Latest GIAC GCIH Exam Questions for Effective Exam Preparation

The GIAC Certified Incident Handler (GCIH) certification validates a practitioner's ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills. GCIH certification holders have the knowledge needed to manage security incidents by understanding common attack techniques, vectors and tools, as well as defend against and respond to such attacks when they occur. Preparing for the GCIH exam with SPOTO's exam questions and answers, test questions, and mock exams can significantly increase your chances of passing successfully. Their comprehensive exam preparation study materials and exam resources cover all the key topics, providing you with the necessary foundation to ace the certification exam. With SPOTO's high-quality exam questions and rigorous practice tests, you can confidently tackle the real GCIH exam.
Question #1
Which of the following Incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an enterprise?
A. Preparation phase
B. Eradication phase
C. Identification phase
D. Recovery phase
E. Containment phase
Correct Answer: A
Question #2
Which of the following is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic?
A. Klez
B. Code red
C. SQL Slammer
D. Beast
Correct Answer: C
Question #3
Which of the following takes control of a session between a server and a client using TELNET, FTP, or any other non-encrypted TCP/IP utility?
A. Dictionary attack
B. Session Hijacking
C. Trojan horse
D. Social Engineering
Correct Answer: B
Question #4
You work as a System Engineer for Cyber World Inc. Your company has a single Active Directory domain. All servers in the domain run Windows Server 2008. The Microsoft Hyper-V server role has been installed on one of the servers, namely uC1. uC1 hosts twelve virtual machines. You have been given the task to configure the Shutdown option for uC1, so that each virtual machine shuts down before the main Hyper-V server shuts down. Which of the following actions will you perform to accomplish the task?
A. Enable the Shut Down the Guest Operating System option in the Automatic Stop Action Properties on each virtual machine
B. Manually shut down each of the guest operating systems before the server shuts down
C. Create a batch file to shut down the guest operating system before the server shuts down
D. Create a logon script to shut down the guest operating system before the server shuts down
Correct Answer: A
Question #5
Adam works as a sales manager for Umbrella Inc. He wants to download software from the Internet. As the software comes from a site in his untrusted zone, Adam wants to ensure that the downloaded software has not been Trojaned. Which of the following options would indicate the best course of action for Adam?
A. Compare the file size of the software with the one given on the Website
B. Compare the version of the software with the one published on the distribution media
C. Compare the file's virus signature with the one published on the distribution
D. Compare the file's MD5 signature with the one published on the distribution media
Correct Answer: D
Question #6
Which of the following tools can be used to detect the steganography?
A. Dskprobe
B. Blindside
C. ImageHide
D. Snow
Correct Answer: A
Question #7
Which of the following functions can you use to mitigate a command injection attack? Each correct answer represents a part of the solution. (Choose all that apply.)
A. escapeshellarg()
B. escapeshellcmd()
C. htmlentities()
D. strip_tags()
Correct Answer: AB
Question #8
Maria works as a professional Ethical Hacker. She is assigned a project to test the security of www.we-are-secure.com. She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server. Which of the following DoS attacks is Maria usin
A. Ping flood attack
B. Fraggle DoS attack
C. Teardrop attack
D. Smurf DoS attack
Correct Answer: B
Question #9
Adam works as a Senior Programmer for Umbrella Inc. A project has been assigned to him to write a short program to gather user input for a Web application. He wants to keep his program neat and simple. He chooses to use printf(str) where he should have ideally used printf("%s", str). What attack will his program expose the Web application to?
A. Format string attack
B. Cross Site Scripting attack
C. SQL injection attack
D. Sequence++ attack
Correct Answer: A
Question #10
Which of the following password cracking attacks is based on a pre-calculated hash table to retrieve plain text passwords?
A. Rainbow attack
B. Brute Force attack
C. Dictionary attack
D. Hybrid attack
Correct Answer: A
Question #11
You work as a Network Administrator for InformSec Inc. You find that the TCP port number 23476 is open on your server. You suspect that there may be a Trojan named Donald Dick installed on your server. Now you want to verify whether Donald Dick is installed on it or not. For this, you want to know the process running on port 23476, as well as the process id, process name, and the path of the process on your server. Which of the following applications will you most likely use to accomplish the task?
A. Tripwire
B. SubSeven
C. Netstat
D. Fport
Correct Answer: D
Question #12
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?
A. TCP FIN
B. FTP bounce
C. XMAS
D. TCP SYN
Correct Answer: A
Question #13
Which of the following is designed to protect the Internet resolvers (clients) from forged DNS data created by DNS cache poisoning?
A. Stub resolver
B. BINDER
C. Split-horizon DNS
D. Domain Name System Extension (DNSSEC)
Correct Answer: D
Question #14
Which of the following tools is used to download the Web pages of a Website on the local system?
A. wget
B. jplag
C. Nessus
D. Ettercap
Correct Answer: A
Question #15
Many organizations create network maps of their network system to visualize the network and understand the relationship between the end devices and the transport layer that provide services. Which of the following are the techniques used for network mapping by large organizations? Each correct answer represents a complete solution. (Choose three.)
A. Packet crafting
B. Route analytics
C. SNMP-based approaches
D. Active Probing
Correct Answer: BCD