[Q179-Q200] Get 100% Real GCIH Accurate & Verified Answers As Seen in the Real Exam!

Q179. Which of the following types of attacks is targeting a Web server with multiple compromised computers that are simultaneously sending hundreds of FIN packets with spoofed IP source IP addresses?

Q180. Which of the following refers to a condition in which a hacker sends a bunch of packets that leave TCP ports half open?

Q181. Which of the following strategies allows a user to limit access according to unique hardware information supplied by a
potential client?

Q182. Which of the following are countermeasures to prevent unauthorized database access attacks?
Each correct answer represents a complete solution. Choose all that apply.

Q183. OutGuess is used for __________ attack.

Q184. In which of the following attacks does the attacker gather information to perform an access attack?

Q185. Which of the following is a network worm that exploits the RPC sub-system vulnerability present in the Microsoft Windows operating system?

Q186. Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using?
Each correct answer represents a part of the solution. Choose all that apply.

Q187. Which of the following statements are true regarding SYN flood attack?

Q188. In which of the following attacking methods does an attacker distribute incorrect IP address?

Q189. John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He
enters a single quote in the input field of the login page of the We-are-secure Web site and receives the following
error message:
Microsoft OLE DB Provider for ODBC Drivers error ‘0x80040E14’
This error message shows that the We-are-secure Website is vulnerable to __________.

Q190. In which of the following attacks does an attacker create the IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender or impersonating another computing system?

Q191. Which of the following Linux rootkits allows an attacker to hide files, processes, and network connections?
Each correct answer represents a complete solution. Choose all that apply.

Q192. You want to integrate the Nikto tool with nessus vulnerability scanner. Which of the following steps will you take to accomplish the task?
Each correct answer represents a complete solution. Choose two.

Q193. Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer overflow occurs when a particular operation/function writes more data into a variable than the variable was designed to hold.
Which of the following are the two popular types of buffer overflows?
Each correct answer represents a complete solution. Choose two.

Q194. You work as a Network Administrator for InformSec Inc. You find that the TCP port number 23476 is open on your server. You suspect that there may be a Trojan named Donald Dick installed on your server. Now you want to verify whether Donald Dick is installed on it or not. For this, you want to know the process running on port 23476, as well as the process id, process name, and the path of the process on your server. Which of the following applications will you most likely use to accomplish the task?

Q195. Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer overflow occurs when a particular operation/function writes more data into a variable than the variable was designed to hold.
Which of the following are the two popular types of buffer overflows?
Each correct answer represents a complete solution. Choose two.

Q196. You work as a professional Ethical Hacker. You are assigned a project to test the security of www.weare- secure.com. You somehow enter in we-are-secure Inc. main server, which is Windows based.
While you are installing the NetCat tool as a backdoor in the we-are-secure server, you see the file credit.dat having the list of credit card numbers of the company’s employees. You want to transfer the credit.dat file in your local computer so that you can sell that information on the internet in the good price. However, you do not want to send the contents of this file in the clear text format since you do not want that the Network Administrator of the we-are-secure Inc. can get any clue of the hacking attempt. Hence, you decide to send the content of the credit.dat file in the encrypted format.
What steps should you take to accomplish the task?

Q197. As a professional hacker, you want to crack the security of secureserver.com. For this, in the information gathering step, you performed scanning with the help of nmap utility to retrieve as many different protocols as possible being used by the secureserver.com so that you could get the accurate knowledge about what services were being used by the secure server.com. Which of the following nmap switches have you used to accomplish the task?

Q198. Which of the following is the Web 2.0 programming methodology that is used to create Web pages that are dynamic and interactive?

Q199. Which of the following programs can be used to detect stealth port scans performed by a malicious hacker?
Each correct answer represents a complete solution. Choose all that apply.

Q200. In which of the following attacks does the attacker gather information to perform an access attack?