GIAC GCIH - GIAC Certified Incident Handler Exam
Total 842 questions
Question #6 (Topic: Single Topic)
Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA
encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and
sometimes only 8 Mbps or less. Adam connects to the wireless router's management utility and finds that a machine with an unfamiliar name is connected
through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.
Which of the following attacks has occurred on Adam's wireless network?
A. NAT spoofing
B. DNS cache poisoning
C. MAC spoofing
D. ARP spoofing
Answer: C
Question #7 (Topic: Single Topic)
Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to
search for computers, bulletin board systems, and fax machines?
A. Demon dialing
B. Warkitting
C. War driving
D. Wardialing
Answer: D
Question #8 (Topic: Single Topic)
Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?
A. Gathering private and public IP addresses
B. Collecting employee information
C. Banner grabbing
D. Performing Neotracerouting
Answer: D
Question #9 (Topic: Single Topic)
Which of the following statements are true about TCP wrappers?
Each correct answer represents a complete solution. (Choose all that apply.)
A. TCP wrapper provides access control, host address spoofing, client username lookups, etc.
B. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.
C. TCP wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.
D. TCP wrapper protects a Linux server from IP address spoofing.
Answer: ABC
Question #10 (Topic: Single Topic)
Which of the following types of attacks is the result of vulnerabilities in a program due to poor programming techniques?
A. Evasion attack
B. Denial-of-Service (DoS) attack
C. Ping of death attack
D. Buffer overflow attack
Answer: D