[Apr 07, 2024] GIAC GCIH Exam Dumps Files, Q1/275: You are the Administrator for a corporate network. You are concerned about denial of service attacks.

Join the discussion

Question 1/275

You are the Administrator for a corporate network. You are concerned about denial of service attacks.
Which of the following measures would be most helpful in defending against a Denial-of-Service (DoS) attack?

A. Place a honey pot in the DMZ.

B. Implement network based antivirus.

C. Shorten the timeout for connection attempts.

D. Implement a strong password policy.

Add Comments

Other Question (275q): Q1. You are the Administrator for a corporate network. You are concerned about denial of servi...; Q2. Which of the following attacks are examples of Denial-of-service attacks (DoS)? Each corre...; Q3. Which of the following applications is an example of a data-sending Trojan?...; Q4. You are monitoring your network's behavior. You find a sudden increase in traffic on the n...; Q5. In which of the following attacking methods does an attacker distribute incorrect IP addre...; Q6. You want to add a netbus Trojan in the chess.exe game program so that you can gain remote ...; Q7. You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of s...; Q8. Which of the following penetration testing phases involves gathering data from whois, DNS,...; Q9. Adam, a malicious hacker, wants to perform a reliable scan against a remote target. He is ...; Q10. Which of the following types of attacks is often performed by looking surreptitiously at t...; Q11. Which of the following types of malware can an antivirus application disable and destroy? ...; Q12. Which of the following statements about Denial-of-Service (DoS) attack are true? Each corr...; Q13. Which of the following types of attacks is mounted with the objective of causing a negativ...; Q14. Which of the following types of attacks is mounted with the objective of causing a negativ...; Q15. Which of the following is an Internet mapping technique that relies on various BGP collect...; Q16. Which of the following HTTP requests is the SQL injection attack?...; Q17. Which of the following tools can be used to perform brute force attack on a remote databas...; Q18. Andrew, a bachelor student of Faulkner University, creates a gmail account. He uses 'Faulk...; Q19. Victor works as a professional Ethical Hacker for SecureNet Inc. He wants to use Steganogr...; Q20. Which of the following malicious software travels across computer networks without the ass...; Q21. Which of the following tools is an automated tool that is used to implement SQL injections...; Q22. In which of the following malicious hacking steps does email tracking come under?...; Q23. John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are...; Q24. In which of the following steps of the incident handling processes does the Incident Handl...; Q25. Adam, a malicious hacker is sniffing the network to inject ARP packets. He injects broadca...; Q26. Adam works as a sales manager for Umbrella Inc. He wants to download software from the Int...; Q27. Which of the following is executed when a predetermined event occurs?...; Q28. Which of the following IP packet elements is responsible for authentication while using IP...; Q29. Against which of the following does SSH provide protection? Each correct answer represents...; Q30. John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are...; Q31. Your friend plans to install a Trojan on your computer. He knows that if he gives you a ne...; Q32. You work as an Incident handling manager for a company. The public relations process of th...; Q33. Adam, a novice web user, is very conscious about the security. He wants to visit the Web s...; Q34. Adam works as a sales manager for Umbrella Inc. He wants to download software from the Int...; Q35. Which of the following can be used to perform session hijacking? Each correct answer repre...; Q36. SIMULATION Fill in the blank with the appropriate name of the tool. ______ scans for rootk...; Q37. Which of the following statements about buffer overflow are true? Each correct answer repr...; Q38. You see the career section of a company's Web site and analyze the job profile requirement...; Q39. You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based n...; Q40. You discover that your network routers are being flooded with broadcast packets that have ...; Q41. Which of the following are types of access control attacks? Each correct answer represents...; Q42. You have inserted a Trojan on your friend's computer and you want to put it in the startup...; Q43. Which of the following types of attacks is targeting a Web server with multiple compromise...; Q44. Mark works as a Network Administrator for Perfect Inc. The company has both wired and wire...; Q45. Which of the following procedures is designed to enable security personnel to identify, mi...; Q46. Which of the following is the process of comparing cryptographic hash functions of system ...; Q47. John works as a professional Ethical Hacker. He is assigned a project to test the security...; Q48. Which of the following penetration testing phases involves gathering data from whois, DNS,...; Q49. You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Li...; Q50. Which of the following options scans the networks for vulnerabilities regarding the securi...; Q51. You work as a Network Penetration tester in the Secure Inc. Your company takes the project...; Q52. Which of the following programs can be used to detect stealth port scans performed by a ma...; Q53. Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California uni...; Q54. Which of the following are the rules by which an organization operates?...; Q55. John works as a Penetration Tester in a security service providing firm named you-are-secu...; Q56. Which of the following can be used as a countermeasure against the SQL injection attack? E...; Q57. You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling...; Q58. In which of the following scanning methods do Windows operating systems send only RST pack...; Q59. Which of the following tools can be used for stress testing of a Web server? Each correct ...; Q60. Which of the following types of skills are required in the members of an incident handling...; Q61. Which of the following statements are true regarding SYN flood attack?...; Q62. Which of the following statements about buffer overflow is true?...; Q63. You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based n...; Q64. Mark works as a Network Administrator for Perfect Inc. The company has both wired and wire...; Q65. CORRECT TEXT Fill in the blank with the correct numeric value. ARP poisoning is achieved i...; Q66. Which of the following applications automatically calculates cryptographic hashes of all k...; Q67. In which of the following attacks does an attacker create the IP packets with a forged (sp...; Q68. Which of the following commands is used to access Windows resources from Linux workstation...; Q69. You see the career section of a company's Web site and analyze the job profile requirement...; Q70. Which of the following keyloggers cannot be detected by anti-virus or anti-spyware product...; Q71. Which of the following are open-source vulnerability scanners?...; Q72. Which of the following attacks allows an attacker to retrieve crucial information from a W...; Q73. Which of the following is a reason to implement security logging on a DNS server?...; Q74. Which of the following malicious code can have more than one type of trigger, multiple tas...; Q75. You are responsible for security at a company that uses a lot of Web applications. You are...; Q76. You have inserted a Trojan on your friend's computer and you want to put it in the startup...; Q77. Who are the primary victims of smurf attacks on the contemporary Internet system?...; Q78. Which of the following tools is used for vulnerability scanning and calls Hydra to launch ...; Q79. Which of the following Nmap commands is used to perform a UDP port scan?...; Q80. Which of the following incident response team members ensures that the policies of the org...; Q81. You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the follo...; Q82. Your company has been hired to provide consultancy, development, and integration services ...; Q83. Adam has installed and configured his wireless network. He has enabled numerous security f...; Q84. Which of the following types of channels is used by Trojans for communication?...; Q85. Fill in the blank with the appropriate term. ______ is a technique used to make sure that ...; Q86. You want to scan your network quickly to detect live hosts by using ICMP ECHO Requests. Wh...; Q87. You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based n...; Q88. Which of the following tools will you use to prevent from session hijacking? Each correct ...; Q89. Which of the following systems is used in the United States to coordinate emergency prepar...; Q90. Which of the following refers to a condition in which a hacker sends a bunch of packets th...; Q91. You have configured a virtualized Internet browser on your Windows XP professional compute...; Q92. Your friend plans to install a Trojan on your computer. He knows that if he gives you a ne...; Q93. John works as a professional Ethical Hacker. He has been assigned a project to test the se...; Q94. John works as a professional Ethical Hacker. He is assigned a project to test the security...; Q95. Which of the following is a computer worm that caused a denial of service on some Internet...; Q96. Which of the following statements is true about the difference between worms and Trojan ho...; Q97. You work as a Security Administrator for Net Perfect Inc. The company has a Windows-based ...; Q98. Adam, a malicious hacker purposely sends fragmented ICMP packets to a remote target. The t...; Q99. You work as a Network Administrator for Marioxnet Inc. You have the responsibility of hand...; Q100. John works as a Network Administrator for Net Perfect Inc. The company has a Windows-based...; Q101. You are the Security Consultant and have been hired to check security for a client's netwo...; Q102. You work as a System Administrator for Happy World Inc. Your company has a server named uC...; Q103. You see the career section of a company's Web site and analyze the job profile requirement...; Q104. Victor works as a professional Ethical Hacker for SecureNet Inc. He wants to use Steganogr...; Q105. Adam, a novice computer user, works primarily from home as a medical professional. He just...; Q106. You want to connect to your friend's computer and run a Trojan on it. Which of the followi...; Q107. John works as a Professional Penetration Tester. He has been assigned a project to test th...; Q108. Which of the following are the automated tools that are used to perform penetration testin...; Q109. Which of the following rootkits adds additional code or replaces portions of an operating ...; Q110. You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of s...; Q111. You enter the netstat -an command in the command prompt and you receive intimation that po...; Q112. Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Rout...; Q113. An attacker sends a large number of packets to a target computer that causes denial of ser...; Q114. Which of the following is a network worm that exploits the RPC sub-system vulnerability pr...; Q115. Which of the following is a type of computer security vulnerability typically found in Web...; Q116. You work as a Senior Marketing Manager for Umbrella Inc. You find out that some of the sof...; Q117. Which of the following statements is true about a Trojan engine?...; Q118. Jason, a Malicious Hacker, is a student of Baker university. He wants to perform remote ha...; Q119. Which of the following threats is a combination of worm, virus, and Trojan horse character...; Q120. You have configured a virtualized Internet browser on your Windows XP professional compute...; Q121. Which of the following protocol loggers is used to detect ping sweep?...; Q122. Fill in the blank with the appropriate word. StackGuard (as used by Immunix), ssp/ProPolic...; Q123. John works as a professional Ethical Hacker. He has been assigned a project to test the se...; Q124. Which of the following US Acts emphasized a "risk-based policy for cost-effective security...; Q125. John works as a Professional Ethical Hacker for NetPerfect Inc. The company has a Linux-ba...; Q126. You work as a System Administrator for Happy World Inc. Your company has a server named uC...; Q127. Which of the following applications automatically calculates cryptographic hashes of all k...; Q128. Which of the following password cracking attacks is based on a pre-calculated hash table t...; Q129. You work as a System Administrator in SunSoft Inc. You are running a virtual machine on Wi...; Q130. You send SYN packets with the exact TTL of the target system starting at port 1 and going ...; Q131. Which of the following tools is described in the statement given below? "It has a database...; Q132. You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008...; Q133. You want to measure the number of heaps used and overflows occurred at a point in time. Wh...; Q134. You want to use PGP files for steganography. Which of the following tools will you use to ...; Q135. Adam, a malicious hacker is sniffing the network to inject ARP packets. He injects broadca...; Q136. You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based n...; Q137. The IT administrator wants to implement a stronger security policy. What are the four most...; Q138. John, a novice web user, makes a new E-mail account and keeps his password as "apple", his...; Q139. Which of the following is an Internet mapping technique that relies on various BGP collect...; Q140. Which of the following statements are true about worms? Each correct answer represents a c...; Q141. In which of the following steps of the incident handling processes does the Incident Handl...; Q142. Adam is a novice Web user. He chooses a 22 letters long word from the dictionary as his pa...; Q143. Which of the following programs is used for bypassing normal authentication for securing r...; Q144. CORRECT TEXT Fill in the blank with the appropriate option to complete the statement below...; Q145. Maria works as the Chief Security Officer for PassGuide Inc. She wants to send secret mess...; Q146. You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008...; Q147. Which of the following is the most common vulnerability that can affect desktop applicatio...; Q148. Adam works as a Network Administrator for PassGuide Inc. He wants to prevent the network f...; Q149. Which of the following statements are true about session hijacking? Each correct answer re...; Q150. Which of the following statements are true about firewalking? Each correct answer represen...; Q151. Which of the following are used to identify who is responsible for responding to an incide...; Q152. Which of the following applications is NOT used for passive OS fingerprinting?...; Q153. Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California uni...; Q154. Which of the following penetration testing phases involves reconnaissance or data gatherin...; Q155. SIMULATION Fill in the blank with the correct numeric value. ARP poisoning is achieved in ...; Q156. Which of the following types of malware can an antivirus application disable and destroy? ...; Q157. Which of the following is a method of gaining access to a system that bypasses normal auth...; Q158. Which of the following are countermeasures to prevent unauthorized database access attacks...; Q159. Adam works as a Security administrator for Umbrella Inc. He runs the following traceroute ...; Q160. Your friend plans to install a Trojan on your computer. He knows that if he gives you a ne...; Q161. Adam works as a Network Administrator for PassGuide Inc. He wants to prevent the network f...; Q162. Which of the following attacking methods allows the bypassing of access control lists on s...; Q163. Which of the following types of attacks come under the category of hacker attacks? Each co...; Q164. Adam, a novice web user, is very conscious about the security. He wants to visit the Web s...; Q165. Which of the following ensures that the investigation process of incident response team do...; Q166. Which of the following refers to applications or files that are not classified as viruses ...; Q167. Which of the following Incident handling process phases is responsible for defining rules,...; Q168. Your company has been hired to provide consultancy, development, and integration services ...; Q169. You are the Administrator for a corporate network. You are concerned about denial of servi...; Q170. Which of the following types of attacks is the result of vulnerabilities in a program due ...; Q171. Which of the following is the Web 2.0 programming methodology that is used to create Web p...; Q172. Which of the following types of rootkits replaces regular application binaries with Trojan...; Q173. Which of the following rootkits is used to attack against full disk encryption systems?...; Q174. John works as a C programmer. He develops the following C program: #include <stdlib.h&g...; Q175. Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of...; Q176. A user is sending a large number of protocol packets to a network in order to saturate its...; Q177. Network mapping provides a security testing team with a blueprint of the organization. Whi...; Q178. Which of the following is used to determine the operating system on the remote computer in...; Q179. What is the purpose of configuring a password protected screen saver on a computer?...; Q180. You run the following command while using Nikto Web scanner: perl nikto.pl -h 192.168.0.1 ...; Q181. Which of the following rootkits is able to load the original operating system as a virtual...; Q182. Which of the following DoS attacks affects mostly Windows computers by sending corrupt UDP...; Q183. John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He th...; Q184. Which of the following types of attacks is targeting a Web server with multiple compromise...; Q185. Adam works as a Security Analyst for Umbrella Inc. Company has a Windows-based network. Al...; Q186. Which of the following statements about threats are true? Each correct answer represents a...; Q187. Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authoriti...; Q188. Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to hi...; Q189. Jason, a Malicious Hacker, is a student of Baker university. He wants to perform remote ha...; Q190. Which of the following is the difference between SSL and S-HTTP?...; Q191. Which of the following tools is used to download the Web pages of a Website on the local s...; Q192. Fill in the blank with the correct numeric value. ARP poisoning is achieved in ______ step...; Q193. In which of the following malicious hacking steps does email tracking come under?...; Q194. Adam, a malicious hacker performs an exploit, which is given below: ######################...; Q195. Adam, a malicious hacker has successfully gained unauthorized access to the Linux system o...; Q196. You discover that your network routers are being flooded with broadcast packets that have ...; Q197. Which of the following steps of incident response is steady in nature?...; Q198. Which of the following tools can be used to detect the steganography?...; Q199. You are the Administrator for a corporate network. You are concerned about denial of servi...; Q200. Which of the following is a technique for creating Internet maps? Each correct answer repr...; Q201. You work as a professional Ethical Hacker. You are assigned a project to test the security...; Q202. Which of the following ensures that a party to a dispute cannot deny the authenticity of t...; Q203. Which of the following tools is used for port scanning?...; Q204. You run the following PHP script: <?php $name = mysql_real_escape_string($_POST["name"]...; Q205. In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,...; Q206. Which of the following are types of access control attacks? Each correct answer represents...; Q207. Which of the following services CANNOT be performed by the nmap utility? Each correct answ...; Q208. Maria works as the Chief Security Officer for PassGuide Inc. She wants to send secret mess...; Q209. Which of the following hacking tools provides shell access over ICMP?...; Q210. You work as a Network Administrator for Marioxnet Inc. You have the responsibility of hand...; Q211. Firekiller 2000 is an example of a __________....; Q212. Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to hi...; Q213. Which of the following statements is true about the difference between worms and Trojan ho...; Q214. Which of the following types of rootkits replaces regular application binaries with Trojan...; Q215. You work as a professional Ethical Hacker. You are assigned a project to test the security...; Q216. A user is sending a large number of protocol packets to a network in order to saturate its...; Q217. Which of the following refers to the exploitation of a valid computer session to gain unau...; Q218. In which of the following attacks does an attacker spoof the source address in IP packets ...; Q219. John, a part-time hacker, has accessed in unauthorized way to the www.yourbank.com banking...; Q220. Victor wants to send an encrypted message to his friend. He is using certain steganography...; Q221. You work as a Senior Marketing Manager for Umbrella Inc. You find out that some of the sof...; Q222. Choose the correct actions performed during the Eradication step of the incident handling ...; Q223. John works as a professional Ethical Hacker. He has been assigned the project of testing t...; Q224. Maria works as a professional Ethical Hacker. She has been assigned the project of testing...; Q225. You are concerned about rootkits on your network communicating with attackers outside your...; Q226. You work as a Senior Marketing Manager for Umbrella Inc. You find out that some of the sof...; Q227. In which of the following attacks does an attacker create the IP packets with a forged (sp...; Q228. In which of the following attacks does an attacker use packet sniffing to read network tra...; Q229. Which of the following procedures is designed to enable security personnel to identify, mi...; Q230. Which of the following tools can be used for steganography? Each correct answer represents...; Q231. Choose and reorder the steps of an incident handling process in their correct order. (Exhi...; Q232. Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed tha...; Q233. Windump is a Windows port of the famous TCPDump packet sniffer available on a variety of p...; Q234. Which of the following tools can be used to detect the steganography?...; Q235. Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to hi...; Q236. Which of the following tools are used as a network traffic monitoring tool in the Linux op...; Q237. You are monitoring your network's behavior. You find a sudden increase in traffic on the n...; Q238. You want to add a netbus Trojan in the chess.exe game program so that you can gain remote ...; Q239. Which of the following attacks come under the category of layer 2 Denial-of-Service attack...; Q240. Which of the following DoS attacks affects mostly Windows computers by sending corrupt UDP...; Q241. You execute the following netcat command: c:\target\nc -1 -p 53 -d -e cmd.exe What action ...; Q242. Which of the following provides packet-level encryption between hosts in a LAN?...; Q243. Jason, a Malicious Hacker, is a student of Baker university. He wants to perform remote ha...; Q244. Which of the following US Acts emphasized a "risk-based policy for cost-effective security...; Q245. Which of the following is designed to protect the Internet resolvers (clients) from forged...; Q246. SIMULATION Fill in the blank with the appropriate term. ______ is a free Unix subsystem th...; Q247. Which of the following strategies allows a user to limit access according to unique hardwa...; Q248. Which of the following Denial-of-Service (DoS) attacks employ IP fragmentation mechanism? ...; Q249. Your friend plans to install a Trojan on your computer. He knows that if he gives you a ne...; Q250. Adam, a malicious hacker purposely sends fragmented ICMP packets to a remote target. The t...; Q251. An Active Attack is a type of steganography attack in which the attacker changes the carri...; Q252. Which of the following tools uses common UNIX/Linux tools like the strings and grep comman...; Q253. Many organizations create network maps of their network system to visualize the network an...; Q254. Which of the following is a computer worm that caused a denial of service on some Internet...; Q255. Network mapping provides a security testing team with a blueprint of the organization. Whi...; Q256. You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-bas...; Q257. The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable a...; Q258. John works as a Network Administrator for We-are-secure Inc. He finds that TCP port 7597 o...; Q259. OutGuess is used for __________ attack.; Q260. Fill in the blank with the appropriate term. _______is the practice of monitoring and pote...; Q261. Adam works as a Penetration Tester for Umbrella Inc. A project has been assigned to him ch...; Q262. You check performance logs and note that there has been a recent dramatic increase in the ...; Q263. Fill in the blank with the appropriate option to complete the statement below. You want to...; Q264. Session splicing is an IDS evasion technique in which an attacker delivers data in multipl...; Q265. Against which of the following does SSH provide protection? Each correct answer represents...; Q266. Which of the following is a technique of using a modem to automatically scan a list of tel...; Q267. Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authoriti...; Q268. Which of the following refers to the exploitation of a valid computer session to gain unau...; Q269. James works as a Database Administrator for Techsoft Inc. The company has a SQL Server 200...; Q270. Which of the following rootkits adds additional code or replaces portions of an operating ...; Q271. Adam, a malicious hacker is running a scan. Statistics of the scan is as follows: Scan dir...; Q272. John works as a professional Ethical Hacker. He has been assigned a project to test the se...; Q273. Which of the following attacking methods allows the bypassing of access control lists on s...; Q274. You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Li...; Q275. Which of the following statements about buffer overflow are true? Each correct answer repr...

Join the discussion

Question 1/275

Add Comments

Download PDF File