NO.1 Which of the following is a technique of using a modem to automatically scan a list of telephone
numbers, usually dialing every number in a local area code to search for computers, Bulletin board
systems, and fax machines?
A. Warkitting
B. War driving
C. Demon dialing
D. Wardialing
Answer: D

NO.2 John works as a professional Ethical Hacker. He has been assigned a project to test the security of
www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The
output of the scanning test is as follows:
C:\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = - =
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1
mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv
John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server.
Which of the following statements about 'Printenv' vulnerability are true?
Each correct answer represents a complete solution. Choose all that apply.
A. This vulnerability helps in a cross site scripting attack.
B. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other
malicious scripts.
C. The countermeasure to 'printenv' vulnerability is to remove the CGI script.
D. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the
Answer: A,B,C


NO.3 Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.
A. tcp wrapper provides access control, host address spoofing, client username lookups, etc.
B. tcp wrapper protects a Linux server from IP address spoofing.
C. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running
the server program directly.
D. tcp wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as
tokens to filter for access control purposes.
Answer: A,C,D


NO.4 Choose and reorder the steps of an incident handling process in their correct order.
Answer: A


GIACのGCIH独学書籍に受かるためにがんばって勉強していれば、JapanCertはあなたにヘルプを与えます。JapanCert が提供したGIACのGCIH独学書籍は実践の検査に合格したもので、最も良い品質であなたがGIACのGCIH独学書籍に合格することを保証します。


GCIH試験番号:GCIH 日本語
試験科目:「GIAC Certified Incident Handler」

>> GCIH 日本語


JapanCertは最新の70-980問題集と高品質の200-105問題と回答を提供します。JapanCertの300-080 VCEテストエンジンと9A0-388試験ガイドはあなたが一回で試験に合格するのを助けることができます。高品質の200-125 PDFトレーニング教材は、あなたがより迅速かつ簡単に試験に合格することを100%保証します。試験に合格して認証資格を取るのはそのような簡単なことです。