
[Jun-2025] Valid Way To Pass GIAC Exam Dumps with GCIH Exam Study Guide
All GCIH dumps and GIAC Certified Incident Handler training courses help candidates study and pass the exams hassle-free!
NEW QUESTION # 199
Which of the following statements are true about worms?
Each correct answer represents a complete solution. Choose all that apply.
- A. Worms cause harm to the network by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
- B. One feature of worms is keystroke logging.
- C. Worms can exist inside files such as Word or Excel documents.
- D. Worms replicate themselves from one system to another without using a host file.
Answer: A,C,D
NEW QUESTION # 200
What is the major difference between a worm and a Trojan horse?
- A. A worm spreads via e-mail, while a Trojan horse does not.
- B. A Trojan horse is a malicious program, while a worm is an anti-virus software.
- C. A worm is self-replicating, while a Trojan horse is not.
- D. A worm is a form of malicious program, while a Trojan horse is a utility.
Answer: C
NEW QUESTION # 201
Which of the following programming languages are NOT vulnerable to buffer overflow attacks?
Each correct answer represents a complete solution. Choose two.
- A. C
- B. Perl
- C. Java
- D. C++
Answer: B,C
Explanation:
Section: Volume B
NEW QUESTION # 202
Which of the following steps can be taken as countermeasures against sniffer attacks?
Each correct answer represents a complete solution. Choose all that apply.
- A. Reduce the range of the network to avoid attacks into wireless networks.
- B. Use switches instead of hubs since they switch communications, which means that information is delivered only to the predefined host.
- C. Use encrypted protocols for all communications.
- D. Use tools such as StackGuard and Immunix System to avoid attacks.
Answer: A,B,C
NEW QUESTION # 203
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following steps of the pre-attack phase:
- Information gathering
- Determining network range
- Identifying active machines
- Finding open ports and applications
- OS fingerprinting
- Fingerprinting services
Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use to accomplish his task?
Each correct answer represents a complete solution. Choose all that apply.
- A. Traceroute
- B. NeoTrace
- C. Cheops
- D. Ettercap
Answer: A,B,C
Explanation:
Section: Volume B
NEW QUESTION # 204
Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer overflow occurs when a particular operation/function writes more data into a variable than the variable was designed to hold.
Which of the following are the two popular types of buffer overflows?
Each correct answer represents a complete solution. Choose two.
- A. Static buffer overflows
- B. Dynamic buffer overflows
- C. Heap based buffer overflow
- D. Stack based buffer overflow
Answer: C,D
NEW QUESTION # 205
Which of the following actions is performed by the netcat command given below?
nc 55555 < /etc/passwd
- A. It changes the /etc/passwd file when connected to the UDP port 55555.
- B. It grabs the /etc/passwd file when connected to UDP port 55555.
- C. It fills the incoming connections to /etc/passwd file.
- D. It resets the /etc/passwd file to the UDP port 55555.
Answer: B
Explanation:
Section: Volume B
NEW QUESTION # 206
Which of the following provides packet-level encryption between hosts in a LAN?
- A. PFS
- B. PPTP
- C. Tunneling protocol
- D. IPsec
Answer: D
NEW QUESTION # 207
Against which of the following does SSH provide protection?
Each correct answer represents a complete solution. Choose two.
- A. DoS attack
- B. IP spoofing
- C. Password sniffing
- D. Broadcast storm
Answer: B,C
Explanation:
Section: Volume B
NEW QUESTION # 208
Which of the following statements about a Trojan horse are true?
Each correct answer represents a complete solution. Choose two.
- A. It is a malicious software program code that resembles another normal program.
- B. The writers of a Trojan horse can use it later to gain unauthorized access to a computer.
- C. It is a macro or script that attaches itself to a file or template.
- D. It infects the boot record on hard disks and floppy disks.
Answer: A,B
Explanation:
Section: Volume A
NEW QUESTION # 209
Which of the following languages are vulnerable to a buffer overflow attack?
Each correct answer represents a complete solution. Choose all that apply.
- A. Action script
- B. Java
- C. C++
- D. C
Answer: C,D
NEW QUESTION # 210
Victor works as a professional Ethical Hacker for SecureEnet Inc. He has been assigned a job to test an image, in which some secret information is hidden, using Steganography. Victor performs the following techniques to accomplish the task:
1. Smoothening and decreasing contrast by averaging the pixels of the area where significant color transitions occur.
2. Reducing noise by adjusting color and averaging pixel value.
3. Sharpening, Rotating, Resampling, and Softening the image.
Which of the following Steganography attacks is Victor using?
- A. Steg-Only Attack
- B. Stegdetect Attack
- C. Chosen-Stego Attack
- D. Active Attacks
Answer: D
Explanation:
Section: Volume B
NEW QUESTION # 211
You want to create an SSH tunnel for POP and SMTP protocols. Which of the following commands will you run?
- A. ssh -L 110:mailhost:110 -L 25:mailhost:25 -l user -N mailhost
- B. ssh -L 25:mailhost:110 -L 110
- C. ssh -L 110:mailhost:110 -L 25:mailhost:25 -1
- D. ssh -L 110:mailhost:110 -L 25
Answer: A
NEW QUESTION # 212
Which of the following statements about smurf is true?
- A. It is an attack with IP fragments that cannot be reassembled.
- B. It is a UDP attack that involves spoofing and flooding.
- C. It is a denial of service (DoS) attack that leaves TCP ports open.
- D. It is an ICMP attack that involves spoofing and flooding.
Answer: D
Explanation:
Section: Volume C
NEW QUESTION # 213
Which of the following statements are true about netcat?
Each correct answer represents a complete solution. Choose all that apply.
- A. It can be used as a file transfer solution.
- B. It provides outbound and inbound connections for TCP and UDP ports.
- C. It provides special tunneling, such as UDP to TCP, with the possibility of specifying all network parameters.
- D. The nc -z command can be used to redirect stdin/stdout from a program.
Answer: A,B,C
NEW QUESTION # 214
Which of the following types of malware does not replicate itself but can spread only when the circumstances are beneficial?
- A. Worm
- B. Trojan horse
- C. Mass mailer
- D. Blended threat
Answer: B
NEW QUESTION # 215
......