Latest [Sep 05, 2022] GIAC GPEN Real Exam Dumps PDF [Q61-Q77]

NO.61 You are pen testing a Windows system remotely via a raw netcat shell. You want to quickly change directories to where the Windows operating system resides, what command could you use?

NO.62 John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

NO.63 Which of the following is generally practiced by the police or any other recognized governmental authority?

NO.64 Which of the following ports is used for NetBIOS null sessions?

NO.65 Analyze the command output below. What information can the tester infer directly from the Information shown?

NO.66 Your company has decided that the risk of performing a penetration test Is too great. You would like to figure out other ways to find vulnerabilities on their systems, which of the following is MOST likely to be a valid alternative?

NO.67 Which of the following tools can be used to perform Windows password cracking, Windows enumeration, and VoIP session sniffing?

NO.68 You want to retrieve the default security report of nessus. Which of the following google search queries will you use?

NO.69 In which of the following security tests does the security testing team simulate as an employee or other person with an authorized connection to the organization’s network?

NO.70 In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?

NO.71 Which of the following tools can be used to enumerate networks that have blocked ICMP Echo packets, however, failed to block timestamp or information packet or not performing sniffing of trusted addresses, and it also supports spoofing and promiscuous listening for reply packets?

NO.72 Which of the following is the number of bits of encryption that 64-bit Wired Equivalent Privacy (WEP) effectively provides?

NO.73 You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. Rick, your assistant, is configuring some laptops for wireless access. For security, WEP needs to be configured for wireless communication. By mistake, Rick configures different WEP keys in a laptop than that is configured on the Wireless Access Point (WAP). Which of the following statements is true in such situation?

NO.74 John works as a Penetration Tester in a security service providing firm named you-are-secure Inc.
Recently, John’s company has got a project to test the security of a promotional Website
www.missatlanta.com and assigned the pen-testing work to John. When John is performing penetration testing, he inserts the following script in the search box at the company home page:
<script>alert(‘Hi, John’)</script>
After pressing the search button, a pop-up box appears on his screen with the text – “Hi, John.”
Which of the following attacks can be performed on the Web site tested by john while considering the above scenario?

NO.75 You have compromised a Windows workstation using Metasploit and have injected the Meterpreter payload into the smss process. You want to dump the SAM database of the remote system so you can crack it offline.
Which Meterpreter module would you need to load in addition to the defaults so that you can accomplish this?

NO.76 You are running a vulnerability scan on a remote network and the traffic Is not making It to the target system. You investigate the connection issue and determine that the traffic is making it to the internal interface of your network firewall, but not making. It to the external Interface or to any systems outside your firewall. What is the most likely problem?

NO.77 TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port will drop the packet. Which of the following operating systems can be easily identified with the help of TCP FIN scanning?