If you are still unsure whether to choose ITCertMaster, you can download a free sample of our exam practice questions and answers from the ITCertMaster website to judge our reliability. If you download the full set of our exam practice questions and answers, ITCertMaster guarantees 100% that you can pass the GIAC certification GPEN exam in one attempt with a high score.

If you buy ITCertMaster's GIAC GPEN exam training materials, you will solve the problem of your test preparation. You will get training materials of the highest quality. Buy our products today, and you will open a new door to a better future. We can help you achieve the greatest success with a minimum of effort.

People who succeed do so because they believed they could. ITCertMaster is able to help every IT person, because it has the capability. ITCertMaster's GIAC GPEN exam training materials can help you pass the exam. Any limits start in your own heart; if you want to pass the GIAC GPEN examination, you will choose ITCertMaster.

We all know that the major problem in the IT industry is a lack of quality and practicality. ITCertMaster's GIAC GPEN questions and answers are the training materials you need to prepare for your exam. Like the actual certification exam, they use multiple-choice questions to help you pass. The ITCertMaster GIAC GPEN exam training materials are verified, and the questions and answers reflect the professional and practical experience of ITCertMaster.

Exam Code: GPEN
Exam Name: GIAC (GIAC Certified Penetration Tester)
Guaranteed success with practice guides, No help, Full refund!
384 Questions and Answers
Updated: 2013-10-24

The GIAC GPEN certificate is the dream IT certificate of many people. The GIAC certification GPEN exam tests the examinee's professional IT knowledge and experience, and passing it requires mastering a great deal of both. Acquiring that much knowledge generally means spending a lot of time and energy reviewing many books. ITCertMaster is a website that can help you save time and energy and master the knowledge related to the GIAC certification GPEN exam rapidly and efficiently. If you are interested in ITCertMaster, you can first download some of ITCertMaster's GIAC certification GPEN exam exercises and answers from the Internet for free as a trial.

Feedback from many examinees who have used ITCertMaster's training program to pass IT certification exams shows that passing IT certification exams with ITCertMaster's products is very easy. Recently, ITCertMaster has developed its newest training solutions for the popular GIAC certification GPEN exam, including pertinent simulation tests that will help you consolidate the related knowledge and be well prepared for the GIAC certification GPEN exam.

ITCertMaster is a website that provides IT certification exam training tools for examinees taking IT certification exams. ITCertMaster's training tools are highly targeted, which can help you save a lot of valuable time and energy in passing IT certification exams. Our exercises and answers are very close to the real examination questions. After a short time using ITCertMaster's simulation tests, you can 100% pass the exam. So spending a small amount of time and money in exchange for such a good result is worthwhile. Please add ITCertMaster's training tool to your shopping cart now.

GPEN Free Demo Download: http://www.itcertmaster.com/GPEN.html

NO.1 Which of the following statements are true about WPA?
Each correct answer represents a complete solution. Choose all that apply.
A. WPA-PSK converts the passphrase into a 256-bit key.
B. WPA provides better security than WEP.
C. WPA-PSK requires a user to enter an 8-character to 63-character passphrase into a wireless client.
D. Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used.
Answer: A,B,C,D

NO.2 Which of the following attacks allows an attacker to sniff data frames on a local area network
(LAN) or stop the traffic altogether?
A. Man-in-the-middle
B. ARP spoofing
C. Port scanning
D. Session hijacking
Answer: B

NO.3 Which of the following are the scanning methods used in penetration testing?
Each correct answer represents a complete solution. Choose all that apply.
A. Vulnerability
B. Port
C. Network
D. Services
Answer: A,B,C

NO.4 Which of the following is NOT an example of passive footprinting?
A. Scanning ports.
B. Analyzing job requirements.
C. Performing the whois query.
D. Querying the search engine.
Answer: A

NO.5 Which of the following statements are true about SSIDs?
Each correct answer represents a complete solution. Choose all that apply.
A. SSIDs are case insensitive text strings and have a maximum length of 64 characters.
B. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other networks
will create a conflict.
C. SSID is used to identify a wireless network.
D. All wireless devices on a wireless network must have the same SSID in order to communicate
with each other.
Answer: B,C,D

NO.6 Which of the following statements are true about KisMAC?
A. Data generated by KisMAC can also be saved in pcap format.
B. It cracks WEP and WPA keys by Rainbow attack or by dictionary attack.
C. It scans for networks passively on supported cards.
D. It is a wireless network discovery tool for Mac OS X.
Answer: A,C,D

NO.7 A Web developer with your company wants to have wireless access for contractors that come
in to work on various projects. The process of getting this approved takes time. So rather than wait,
he has put his own wireless router attached to one of the network ports in his department. What
security risk does this present?
A. An unauthorized WAP is one way for hackers to get into a network.
B. It is likely to increase network traffic and slow down network performance.
C. This circumvents network intrusion detection.
D. None, adding a wireless access point is a common task and not a security risk.
Answer: A

NO.8 An executive in your company reports odd behavior on her PDA. After investigation you
discover that a trusted device is actually copying data off the PDA. The executive tells you that the
behavior started shortly after accepting an e-business card from an unknown person. What type of
attack is this?
A. Session Hijacking
B. PDA Hijacking
C. Privilege Escalation
D. Bluesnarfing
Answer: D

NO.9 Which of the following tools can be used to perform a brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.
A. FindSA
B. SQLDict
C. nmap
D. SQLBF
Answer: A,B,D

NO.10 You work as a professional Ethical Hacker. You are assigned a project to perform blackhat
testing on www.we-are-secure.com. You visit the office of we-are-secure.com as an air-conditioning
mechanic. You claim that someone from the office called you saying that there is some fault in the
air-conditioner of the server room. After some inquiries/arguments, the Security Administrator
allows you to repair the air-conditioner of the server room.
When you get into the room, you find the server is Linux-based. You press the reboot button of
the server after inserting a Knoppix Live CD in the CD drive of the server. Now, the server promptly
boots back up into Knoppix. You mount the root partition of the server after replacing the root
password in the /etc/shadow file with a known password hash and salt. Further, you copy the netcat
tool on the server and install its startup files to create a reverse tunnel and move a shell to a remote
server whenever the server is restarted. You simply restart the server, pull out the Knoppix Live CD
from the server, and inform that the air-conditioner is working properly.
After completing this attack process, you create a security auditing report in which you mention
various threats such as social engineering threat, boot from Live CD, etc. and suggest the
countermeasures to stop booting from the external media and retrieving sensitive data. Which of
the following steps have you suggested to stop booting from the external media and retrieving
sensitive data with regard to the above scenario?
Each correct answer represents a complete solution. Choose two.
A. Encrypting disk partitions
B. Using password protected hard drives
C. Placing BIOS password
D. Setting only the root level access for sensitive data
Answer: A,B

NO.11 TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to
the target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the
attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored
and the port will drop the packet. Which of the following operating systems can be easily identified
with the help of TCP FIN scanning?
A. Solaris
B. Red Hat
C. Windows
D. Knoppix
Answer: C

NO.12 Which of the following statements is true about the Digest Authentication scheme?
A. In this authentication scheme, the username and password are passed with every request, not
just when the user first types them.
B. A valid response from the client contains a checksum of the username, the password, the given
random value, the HTTP method, and the requested URL.
C. The password is sent over the network in clear text format.
D. It uses the base64 encoding encryption scheme.
Answer: B

NO.13 You execute the following netcat command:
c:\target\nc -l -p 53 -d -e cmd.exe
What action do you want to perform by issuing the above command?
A. Capture data on port 53 and perform banner grabbing.
B. Listen for incoming traffic on port 53 and execute a remote shell.
C. Listen for incoming data and perform port scanning.
D. Capture data on port 53 and delete the remote shell.
Answer: B

NO.14 Which of the following options holds the strongest password?
A. california
B. $#164aviD

  1. Get prepared for a successful attempt of GPEN certification exam. Come and join Examcollection to find 100% valid and up-to-date GPEN dumps. The GPEN exam dumps entail expertly designed and verified GPEN exam questions. Examcollection.in is claiming your success at first attempt and in case you fail, get your money back. Come and give it a try at: https://goo.gl/Lz1cEK
