최신 GPEN 무료덤프 - GIAC Certified Penetration Tester
You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we- aresecure. com Web site. For this, you want to perform the idle scan so that you can get the ports open in the we-are-secure.com server. You are using Hping tool to perform the idle scan by using a zombie computer. While scanning, you notice that every IPID is being incremented on every query, regardless whether the ports are open or close. Sometimes, IPID is being incremented by more than one value. What may be the reason?
정답: D
Joseph works as a Network Administrator for WebTech Inc. He has to set up a centralized area on the network so that each employee can share resources and documents with one another.
Which of the following will he configure to accomplish the task?
Which of the following will he configure to accomplish the task?
정답: C
You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Linuxbased server. Recently, you have updated the password policy of the company in which the server will disable passwords after four trials. What type of attack do you want to stop by enabling this policy?
정답: D
How does OWASP ZAP function when used for performing web application assessments?
정답: B
192.168.116.9 Is an IP address forvvww.scanned-server.com. Why are the results from the two scans, shown below, different?
정답: D
Which of the following programming languages are NOT vulnerable to buffer overflow attacks?
Each correct answer represents a complete solution. Choose two.
Each correct answer represents a complete solution. Choose two.
정답: A,D
Which of the following tools is an automated tool that is used to implement SQL injections and to retrieve data from Web server databases?
정답: B
You are using the dsniff tool to intercept communications between two entities and establish credentials with both sides of the connections. These entities do not notice that you were retrieving the information between these two. Which of the following attacks are you performing?
정답: D
You are running a vulnerability scan on a remote network and the traffic Is not making It to the target system. You investigate the connection issue and determine that the traffic is making it to the internal interface of your network firewall, but not making. It to the external Interface or to any systems outside your firewall. What is the most likely problem?
정답: D
Which of the following Trojans does not use TCP protocol?
정답: B
You have compromised a Windows workstation using Metasploit and have injected the Meterpreter payload into the svchost process. After modifying some files to set up a persistent backdoor you realize that you will need to change the modified and access times of the files to ensure that the administrator can't see the changes you made. Which Meterpreter module would you need to load in order to do this?
정답: C
What section of the penetration test or ethical hacking engagement final report is used to detail and prioritize the results of your testing?
정답: D
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?
정답: A
Analyze the screenshot below, which of the following sets of results will be retrieved using this search?
정답: A