GPEN Dumps PDF 2022 Program Your Preparation EXAM SUCCESS [Q146-Q168]


Get Perfect Results with Premium GPEN Dumps Updated 385 Questions



 

NEW QUESTION 146
During a penetration test we determine that TCP port 22 is listening on a target host. Knowing that SSHD is the typical service that listens on that port, we attempt to validate that assumption with an SSH client, but our effort is unsuccessful. It turns out that it is actually an Apache webserver listening on the port. Which type of scan would have helped us to determine what service was listening on port 22?

  • A. Version scanning
  • B. Port scanning
  • C. Network sweeping
  • D. OS fingerprinting

Answer: C

 

NEW QUESTION 147
You are pen testing a Windows system remotely via a raw netcat shell. You want to get a listing of all the local users in the administrators group. What command would you use?

  • A. Net localgroup administrators
  • B. Net localuser administrators
  • C. Net user administrators
  • D. Net account administrators

Answer: A

 

NEW QUESTION 148
Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

  • A. Pre-attack phase
  • B. Post-attack phase
  • C. Attack phase
  • D. On-attack phase

Answer: A

 

NEW QUESTION 149
In which of the following scanning methods does an attacker send SYN packets and then a RST packet?

  • A. TCP SYN scan
  • B. XMAS scan
  • C. TCP FIN scan
  • D. IDLE scan

Answer: A

 

NEW QUESTION 150
You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement?
Each correct answer represents a complete solution. Choose two.

  • A. MAC filtering the router
  • B. Not broadcasting SSID
  • C. Using WPA encryption
  • D. Using WEP encryption

Answer: C,D

 

NEW QUESTION 151
Which of the following are the two different file formats in which Microsoft Outlook saves e-mail messages based on system configuration?
Each correct answer represents a complete solution. Choose two.

  • A. .txt
  • B. .xst
  • C. .ost
  • D. .pst

Answer: C,D

 

NEW QUESTION 152
All of the following are advantages of using the Metasploit priv module for dumping hashes from a local Windows machine EXCEPT:

  • A. Provides less evidence for forensics investigators to recover
  • B. Doesn't require SMB or NetBIOS access to the target machine
  • C. LSASS related reboot problems aren't an issue
  • D. Can run inside of a process owned by any user

Answer: D

Explanation:
Reference: http://www.vita.virginia.gov/uploadedFiles/VITA_Main_Public/Security/Meetings/ISOAG/2012/2012_Jan_ISOAG.pdf

 

NEW QUESTION 153
What is the most likely cause of the responses on lines 10 and 11 of the output below?

  • A. The devices at hops 10 and 11 did not return an "ICMP TTL Exceeded in Transit" message.
  • B. The host running the tracer utility lost its network connection during the scan.
  • C. The device at hop 10 is down and not forwarding any requests at all.
  • D. The device at hop 10 silently drops UDP packets with a high destination port.

Answer: A

 

NEW QUESTION 154
In which of the following attacks does the attacker overload the CAM table of the switch?

  • A. Mac flooding
  • B. Monkey-in-the-middle attack
  • C. Man-in-the-middle attack
  • D. ARP poisoning

Answer: A

 

NEW QUESTION 155
Which of the following describe the benefits to a pass-the-hash attack over traditional password cracking?

  • A. No account lockout, privileges at the level of the acquired password hash and use of native Windows file and print sharing tools on the compromised system.
  • B. No triggering of IDS signatures from the attack, no account lockout and use of native Windows file and print sharing tools on the compromised system.
  • C. No triggering of IDS signatures from the attack, privileges at the level of the acquired password hash and no corruption of the LSASS process.
  • D. No account lockout, use of native file and print sharing tools on the compromised system and no corruption of the LSASS process.

Answer: D

Explanation:
Section: Volume A

 

NEW QUESTION 156
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:

Which of the following tools is John using to crack the wireless encryption keys?

  • A. AirSnort
  • B. Kismet
  • C. Cain
  • D. PsPasswd

Answer: A

 

NEW QUESTION 157
John works as an Ethical Hacker for uCertify Inc. He wants to find out the ports that are open in uCertify's server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task?

  • A. TCP SYN/ACK
  • B. TCP FIN
  • C. Xmas tree
  • D. TCP SYN

Answer: D

 

NEW QUESTION 158
Which of the following tools is NOT used for wireless sniffing?

  • A. Sniffer Wireless
  • B. AirMagnet
  • C. MiniStumbler
  • D. AiroPeek

Answer: C

 

NEW QUESTION 159
Adam works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a multimedia enabled mobile phone, which is suspected to be used in a cyber crime. Adam uses a tool, with the help of which he can recover deleted text messages, photos, and call logs of the mobile phone.
Which of the following tools is Adam using?

  • A. FTK Imager
  • B. Device Seizure
  • C. Galleta
  • D. FAU

Answer: B

Explanation:
Section: Volume C

 

NEW QUESTION 160
In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Dig
  • B. Host
  • C. NSLookup
  • D. DSniff

Answer: A,B,C

Explanation:
Section: Volume B

 

NEW QUESTION 161
Which of the following tools can be used to automate the MITM attack?

  • A. Kismet
  • B. Hotspotter
  • C. Airjack
  • D. IKECrack

Answer: C

 

NEW QUESTION 162
Approximately how many packets are usually required to conduct a successful FMS attack on WEP?

  • A. 1 (with a weak IV)
  • B. 20,000
  • C. 10,000,000
  • D. 250,000

Answer: B

 

NEW QUESTION 163
You suspect that a firewall or IPS exists between you and the target machine. Which nmap option will elicit responses from some firewalls and IPSs while being silently dropped by the target, thus confirming the existence of a firewall or IPS?

  • A. --SF
  • B. -Badsum
  • C. -Firewalk
  • D. -Traceroute

Answer: C

Explanation:
Section: Volume A

 

NEW QUESTION 164
What happens when you scan a broadcast IP address of a network?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It may show smurf DoS attack in the network IDS of the victim.
  • B. It will show an error in the scanning process.
  • C. Scanning of the broadcast IP address cannot be performed.
  • D. It leads to scanning of all the IP addresses on that subnet at the same time.

Answer: A,D

Explanation:
Section: Volume C

 

NEW QUESTION 165
You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:

What is the IP address of the sender of this email?

  • A. 141.1.1.1
  • B. 209.191.91.180
  • C. 216.168.54.25
  • D. 172.16.10.90

Answer: C

 

NEW QUESTION 166
You have received a file named new.com in your email as an attachment. When you execute this file on your laptop, you get the following message:
'EICAR-STANDARD-ANTIVIRUS-TEST-FILE!'
When you open the file in Notepad, you get the following string:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
What step will you take as a countermeasure against this attack?

  • A. Do nothing.
  • B. Clean up your laptop with antivirus.
  • C. Immediately shut down your laptop.
  • D. Traverse to all of your drives, search new.com files, and delete them.

Answer: A

Explanation:
Section: Volume C

 

NEW QUESTION 167
You are running a vulnerability scan on a remote network and the traffic is not making it to the target system. You investigate the connection issue and determine that the traffic is making it to the internal interface of your network firewall, but not making it to the external interface or to any systems outside your firewall. What is the most likely problem?

  • A. Your network firewall is blocking the traffic
  • B. The NAT or PAT tables on your network based firewall are filling up and dropping the traffic
  • C. Your ISP is blocking the traffic
  • D. A host based firewall is blocking the traffic

Answer: D

 

NEW QUESTION 168
......
