Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: s2p65

Easiest Solution 2 Pass Your Certification Exams

GCIH GIAC Certified Incident Handler Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GIAC GCIH GIAC Certified Incident Handler certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

GIAC GCIH Premium Access     Download Demo    
Page: 4 / 5
Total 328 questions

You work as a Network Penetration tester in the Secure Inc. Your company takes the projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of a Web site. You go to the Web site login page and you run the following SQL query:

SELECT email, passwd, login_id, full_name

FROM members

WHERE email = 'attacker@somehwere.com'; DROP TABLE members; --'

What task will the above SQL query perform?

A.

Deletes the database in which members table resides.

B.

Deletes the rows of members table where email id is 'attacker@somehwere.com' given.

C.

Performs the XSS attacks.

D.

Deletes the entire members table.

Fill in the blank with the appropriate name of the attack.

______ takes best advantage of an existing authenticated connection

You are hired as a Database Administrator for Jennifer Shopping Cart Inc. You monitor the server health through the System Monitor and found that there is a sudden increase in the number of logins.

Which of the following types of attack has occurred?

A.

Injection

B.

Virus

C.

Worm

D.

Denial-of-service

Firekiller 2000 is an example of a __________.

A.

Security software disabler Trojan

B.

DoS attack Trojan

C.

Data sending Trojan

D.

Remote access Trojan

Which of the following types of attacks is often performed by looking surreptitiously at the keyboard or monitor of an employee's computer?

A.

Buffer-overflow attack

B.

Shoulder surfing attack

C.

Man-in-the-middle attack

D.

Denial-of-Service (DoS) attack

Which of the following programming languages are NOT vulnerable to buffer overflow attacks?

Each correct answer represents a complete solution. Choose two.

A.

C

B.

Java

C.

C++

D.

Perl

Which of the following tools can be used to perform brute force attack on a remote database?

Each correct answer represents a complete solution. Choose all that apply.

A.

SQLBF

B.

SQLDict

C.

FindSA

D.

nmap

Which of the following is the best method of accurately identifying the services running on a victim host?

A.

Use of the manual method of telnet to each of the open ports.

B.

Use of a port scanner to scan each port to confirm the services running.

C.

Use of hit and trial method to guess the services and ports of the victim host.

D.

Use of a vulnerability scanner to try to probe each port to verify which service is running.

Which of the following are types of access control attacks?

Each correct answer represents a complete solution. Choose all that apply.

A.

Spoofing

B.

Brute force attack

C.

Dictionary attack

D.

Mail bombing

You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows server 2003 and Windows active directory installation and placement. Which of the following steps are you using to perform hacking?

A.

Scanning

B.

Covering tracks

C.

Reconnaissance

D.

Gaining access

Which of the following statements are true about netcat?

Each correct answer represents a complete solution. Choose all that apply.

A.

It provides special tunneling, such as UDP to TCP, with the possibility of specifying all network parameters.

B.

It can be used as a file transfer solution.

C.

It provides outbound and inbound connections for TCP and UDP ports.

D.

The nc -z command can be used to redirect stdin/stdout from a program.

Which of the following attacks is specially used for cracking a password?

A.

PING attack

B.

Dictionary attack

C.

Vulnerability attack

D.

DoS attack

Which of the following statements are true about firewalking?

Each correct answer represents a complete solution. Choose all that apply.

A.

To use firewalking, the attacker needs the IP address of the last known gateway before the firewall and the IP address of a host located behind the firewall.

B.

In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.

C.

A malicious attacker can use firewalking to determine the types of ports/protocols that can bypass the firewall.

D.

Firewalking works on the UDP packets.

You run the following command while using Nikto Web scanner:

perl nikto.pl -h 192.168.0.1 -p 443

What action do you want to perform?

A.

Using it as a proxy server

B.

Updating Nikto

C.

Seting Nikto for network sniffing

D.

Port scanning

Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of Internet forum for online discussion. When a user visits the infected Web page, code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft etc. Which of the following types of Cross-Site Scripting attack Ryan intends to do?

A.

Non persistent

B.

Document Object Model (DOM)

C.

SAX

D.

Persistent

An attacker sends a large number of packets to a target computer that causes denial of service.

Which of the following type of attacks is this?

A.

Spoofing

B.

Snooping

C.

Phishing

D.

Flooding

Adam works as a Senior Programmer for Umbrella Inc. A project has been assigned to him to write a short program to gather user input for a Web application. He wants to keep his program neat and simple. His chooses to use printf(str) where he should have ideally used printf("%s", str).

What attack will his program expose the Web application to?

A.

Format string attack

B.

Cross Site Scripting attack

C.

SQL injection attack

D.

Sequence++ attack

You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 Active Directory-based single domain single forest network. The company has three Windows 2008 file servers, 150 Windows XP Professional, thirty UNIX-based client computers. The network users have identical user accounts for both Active Directory and the UNIX realm. You want to ensure that the UNIX clients on the network can access the file servers. You also want to ensure that the users are able to access all resources by logging on only once, and that no additional software is installed on the UNIX clients. What will you do to accomplish this task?

Each correct answer represents a part of the solution. Choose two.

A.

Configure a distributed file system (Dfs) on the file server in the network.

B.

Enable the Network File System (NFS) component on the file servers in the network.

C.

Configure ADRMS on the file servers in the network.

D.

Enable User Name Mapping on the file servers in the network.

Which of the following is a network worm that exploits the RPC sub-system vulnerability present in the Microsoft Windows operating system?

A.

Win32/Agent

B.

WMA/TrojanDownloader.GetCodec

C.

Win32/Conflicker

D.

Win32/PSW.OnLineGames

You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

A.

Brute force attack

B.

Mail bombing

C.

Distributed denial of service (DDOS) attack

D.

Malware installation from unknown Web sites

GIAC GCIH Premium Access     Download Demo    
Page: 4 / 5
Total 328 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved