2026 New GCIH Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/GCIH/

Act now and download your GIAC GCIH test today! Do not waste time for the worthless GIAC GCIH tutorials. Download Avant-garde GIAC GIAC Certified Incident Handler exam with real questions and answers and begin to learn GIAC GCIH with a classic professional.

Also have GCIH free dumps questions for you:

NEW QUESTION 1
Which of the following functions can you use to mitigate a command injection attack?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. escapeshellarg()
  • B. escapeshellcmd()
  • C. htmlentities()
  • D. strip_tags()

Answer: AB

NEW QUESTION 2
You want to perform passive footprinting against we-are-secure Inc. Web server. Which of the following tools will you use?

  • A. Nmap
  • B. Ethereal
  • C. Ettercap
  • D. Netcraft

Answer: D

NEW QUESTION 3
Which of the following attacks are examples of Denial-of-service attacks (DoS)?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Fraggle attack
  • B. Smurf attack
  • C. Birthday attack
  • D. Ping flood attack

Answer: ABD

NEW QUESTION 4
Which of the following attacking methods allows the bypassing of access control lists on servers or routers, either hiding a computer on a network or allowing it to impersonate another computer by changing the Media Access Control address?

  • A. IP address spoofing
  • B. VLAN hoping
  • C. ARP spoofing
  • D. MAC spoofing

Answer: D

NEW QUESTION 5
Which of the following attacks involves multiple compromised systems to attack a single target?

  • A. Brute force attack
  • B. Replay attack
  • C. Dictionary attack
  • D. DDoS attack

Answer: D

NEW QUESTION 6
Which of the following techniques can be used to map 'open' or 'pass through' ports on a gateway?

  • A. Traceport
  • B. Tracefire
  • C. Tracegate
  • D. Traceroute

Answer: D

NEW QUESTION 7
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site.
The we-are-secure login page is vulnerable to a __________.

  • A. Dictionary attack
  • B. SQL injection attack
  • C. Replay attack
  • D. Land attack

Answer: B

NEW QUESTION 8
Which of the following is used to determine the range of IP addresses that are mapped to a live hosts?

  • A. Port sweep
  • B. Ping sweep
  • C. IP sweep
  • D. Telnet sweep

Answer: B

NEW QUESTION 9
Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

  • A. Post-attack phase
  • B. On-attack phase
  • C. Attack phase
  • D. Pre-attack phase

Answer: D

NEW QUESTION 10
Which of the following refers to applications or files that are not classified as viruses or Trojan horse programs, but can still negatively affect the performance of the computers on your network and introduce significant security risks to your organization?

  • A. Hardware
  • B. Grayware
  • C. Firmware
  • D. Melissa

Answer: B

NEW QUESTION 11
You are the Administrator for a corporate network. You are concerned about denial of service attacks.
Which of the following would be the most help against Denial of Service (DOS) attacks?

  • A. Packet filtering firewall
  • B. Network surveys.
  • C. Honey pot
  • D. Stateful Packet Inspection (SPI) firewall

Answer: D

NEW QUESTION 12
You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. You are working as a root user on the Linux operating system. Your company is facing an IP spoofing attack.
Which of the following tools will you use to get an alert saying that an upcoming IP packet is being spoofed?

  • A. Despoof
  • B. Dsniff
  • C. ethereal
  • D. Neotrace

Answer: A

NEW QUESTION 13
You want to scan your network quickly to detect live hosts by using ICMP ECHO Requests. What type of scanning will you perform to accomplish the task?

  • A. Idle scan
  • B. TCP SYN scan
  • C. XMAS scan
  • D. Ping sweep scan

Answer: D

NEW QUESTION 14
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against __________.

  • A. IIS buffer overflow
  • B. NetBIOS NULL session
  • C. SNMP enumeration
  • D. DNS zone transfer

Answer: A

NEW QUESTION 15
Which of the following actions is performed by the netcat command given below?
nc 55555 < /etc/passwd

  • A. It changes the /etc/passwd file when connected to the UDP port 55555.
  • B. It resets the /etc/passwd file to the UDP port 55555.
  • C. It fills the incoming connections to /etc/passwd file.
  • D. It grabs the /etc/passwd file when connected to UDP port 55555.

Answer: D

NEW QUESTION 16
......

Thanks for reading the newest GCIH exam dumps! We recommend you to try the PREMIUM Allfreedumps.com GCIH dumps in VCE and PDF here: https://www.allfreedumps.com/GCIH-dumps.html (328 Q&As Dumps)