GIAC GPEN - GIAC Penetration Tester Exam
Total 385 questions
Question #1 (Topic: Topic 1)
What is the impact on pre-calculated Rainbow Tables of adding multiple salts to a set of
passwords?
A. Salts increase the time to crack the original password by increasing the number of tables that must be calculated.
B. Salts double the total size of a rainbow table database.
C. Salts can be reversed or removed from encoding quickly to produce unsalted hashes.
D. Salts have little effect because they can be calculated on the fly with applications such as Ophcrack.
Answer: B
Question #2 (Topic: Topic 1)
If the privacy bit is set in the 802.11 header, what does it indicate?
A. SSID cloaking is being used.
B. Some form of encryption is in use.
C. WAP is being used.
D. Some form of PEAP is being used.
Answer: C
Question #3 (Topic: Topic 1)
Analyze the command output below. What information can the tester infer directly from the
information shown?
[GIAC-GPEN-8.0/GIAC-GPEN-4_2.png]
A. Usernames for the domain tesrdomain.com
B. Directory indexing is allowed on the web server
C. Vulnerable versions of Adobe software in use
D. Naming convention for public documents
Answer: D
Question #4 (Topic: Topic 1)
Which Metasploit vncinject stager will allow VNC communications from the attacker to a
listening port of the attacker's choosing on the victim machine?
A. Vncinject/find.lag
B. Vncinject/reverse.tcp
C. Vncinject/reverse-http
D. Vncinject /bind.tcp
Answer: B
Question #5 (Topic: Topic 1)
You are pen testing a Windows system remotely via a raw netcat shell. You want to quickly
change directories to where the Windows operating system resides. What command could
you use?
A. cd systemroot
B. cd-
C. cd /systemroot/
D. cd %systemroot%
Answer: B