最新 [2024年07月] 効果的な学習法でJPNTestの問題集でGPENテストを合格せよ [Q98-Q123]

最新 [2024年07月] 効果的な学習法でJPNTestの問題集でGPENテストを合格せよ

実績のある受験者のシミュレーションされたGPEN試験PDF問題を試そう

質問 # 98
You have changed the RestrictAnonymous registry setting from 0 to 1 on your servers to secure your Windows 2000 system so that any malicious user cannot establish a null session on the server. However, when you test the security using userinfo tool, you got that you can still establish the null session. What may be its reason?

A. You need to install a firewall.
B. You need to set the RestrictAnonymous key value to 2 instead of 1.
C. You need to disable the promiscuous mode of network Ethernet card.
D. You cannot disable establishing null sessions.

正解：B

質問 # 99
Which of the following are the two different file formats in which Microsoft Outlook saves e-mail messages based on system configuration?
Each correct answer represents a complete solution. Choose two.

A. .txt
B. .pst
C. .ost
D. .xst

正解：B、C

質問 # 100
LM hash is one of the password schemes that Microsoft LAN Manager and Microsoft Windows versions prior to the Windows Vista use to store user passwords that are less than 15 characters long. If you provide a password seven characters or less, the second half of the LM hash is always __________.

A. 0xBBC3C435C51504EF
B. 0xAAD3B435B51404FF
C. 0xBBD3B435B51504FF
D. 0xAAD3B435B51404EE

正解：D

質問 # 101
Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps an attacker to hide?
Each correct answer represents a complete solution. Choose two.

A. DNS cache poisoning
B. MAC spoofing
C. DDoS attack
D. IP spoofing attack

正解：B、D

質問 # 102
A customer has asked for a scan or vulnerable SSH servers. What is the penetration tester attempting to accomplish using the following Nmap command?

A. Running an exploit against the target
B. Checking operating system version
C. Checking protocol version
D. Checking configuration

正解：C

質問 # 103
Which of the following tools automates password guessing in the NetBIOS session?

A. L0phtCrack
B. Legion
C. John the Ripper
D. NTInfoScan

正解：B

質問 # 104
All of the following are advantages of using the Metasploitpriv module for dumping hashes from a local Windows machine EXCEPT:

A. Provides less evidence for forensics Investigators to recover
B. Doesn't require SMB or NetBIOS access to the target machine
C. Can run inside of a process owned by any user
D. LSASS related reboot problems aren't an Issue

正解：C

解説：
Reference:
http://www.vita.virginia.gov/uploadedFiles/VITA_Main_Public/Security/Meetings/ISOAG/2012/201
2 _Jan_ISOAG.pdf

質問 # 105
Which of the following is the correct sequence of packets to perform the 3-way handshake method?

A. SYN, ACK, SYN/ACK
B. SYN, SYN, ACK
C. SYN, ACK, ACK
D. SYN, SYN/ACK, ACK

正解：D

質問 # 106
Approximately how many packets are usually required to conduct a successful FMS attack onWEP?

A. 250.000
B. 20.000
C. 10.000,000
D. l (with a weak IV)

正解：B

質問 # 107
Identify the network activity shown below;

A. An attempt to disassociate wireless clients.
B. A flood of the local switch's CAM table.
C. A sweep of available hosts on the local subnet
D. An attempt to impersonate the local gateway

正解：D

質問 # 108
Given the following Scapy information, how is default Layer 2 information derived?

A. Scapy relies on the underlying operating system to construct Layer 2 information touse as default.
B. The default layer 2 information is contained in a local scapy.cfg configuration fileon the local system.
C. If not explicitly defined, the Ether type field value Is created using the hex value ofthe destination port, in this case 80
D. If not explicitly defined, pseudo-random values are generated for the Layer 2 defaultinformation.

正解：D

質問 # 109
Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

A. Pre-attack phase
B. On-attack phase
C. Post-attack phase
D. Attack phase

正解：A

質問 # 110
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

A. TCP SYN/ACK
B. IDLE
C. UDP
D. RPC

正解：B

質問 # 111
Which of the following attacks is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker?

A. Man-in-the-middle
B. Brute force
C. Sniffing
D. DoS

正解：A

質問 # 112
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

A. FTP bounce
B. TCP FIN
C. TCP SYN
D. XMAS

正解：B

質問 # 113
You work as a Network Administrator for Tech Perfect Inc. The company requires a secure wireless network. To provide security, you are configuring ISA Server 2006 as a firewall. While configuring ISA Server 2006, which of the following is NOT necessary?

A. Setting up of monitoring on ISA Server
B. Configuration of VPN access
C. Defining ISA Server network configuration
D. Defining how ISA Server would cache Web contents

正解：B

質問 # 114
CORRECT TEXT
Write the appropriate attack name to fill in the blank.
In a _____________ DoS attack, the attacker sends a spoofed TCP SYN packet in which the IP address of the target is filled in both the source and destination fields.

正解：

解説：
land

質問 # 115
A client has asked for a vulnerability scan on an internal network that does not have internet access. The rules of engagement prohibits any outside connection for the Nessus scanning machine. The customer has asked you to scan for a new critical vulnerability, which was released after the testing started, winch of the following methods of updating the Nessus plugins does not violate the rules of engagement?

A. Download the updates on an alternative machine and manually load on scanningmachine
B. Connect the scanning machine via wireless bridge and download the updateddirectly
C. Proceed with the test and note the limitation of updating the plugins
D. Change the routing and connect through an alternative gateway

正解：A

質問 # 116
Fill in the blank with the appropriate word.
_______ is a utility that encrypts the hashed password information in a SAM database in a Windows system using a 128-bit encryption key.

正解：

解説：
SYSKEY

質問 # 117
Which of the following tools is an example of HIDS?

A. Auditpol.exe
B. Elsave
C. Log File Monitor
D. Anti-Spector

正解：C

質問 # 118
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

A. TCP SYN/ACK
B. IDLE
C. UDP
D. RPC

正解：B

質問 # 119
Which of the following tools can be used to automate the MITM attack?

A. IKECrack
B. Airjack
C. Hotspotter
D. Kismet

正解：B

質問 # 120
John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He establishes a connection to a target host running a Web service with netcat and sends a bad html request in order to retrieve information about the service on the host.

Which of the following attacks is John using?

A. Banner grabbing
B. War driving
C. Sniffing
D. Eavesdropping

正解：A

質問 # 121
What command will correctly reformat the Unix passwordcopy and shadowcopy Tiles for input to John The Ripper?

A. /Unshadow shadowcopy passwdcopy >john file
B. /Unshadow passwdcopy shadowcopy > johnfile
C. /Un shadow passwd copy shadowcopy > johnfile
D. /Unshadow passwdcopy shadowcopy > johnfile

正解：A

解説：
Reference:
https://books.google.co.in/books?id=SCtAwAAQBAJ&pg=PA286&lpg=PA286&dq=/Unshadow+shadow+copy+passwd+copy+%3Ejohn+fil e&source=bl&ots=OnZK9atlc1&sig=co7EM5EHye96vO74W3wZxky3sXU&hl=en&sa=X&ei=FBuoV PLHDccugSDxYGYBA&ved=0CCwQ6AEwAg#v=onepage&q=%2FUnshadow%20shadow%20copy%20p asswd%20copy%20%3Ejohn%20file&f=false

質問 # 122
You want to create a binary log file using tcpdump. Which of the following commands will you use?