Which of the following types of scan does not open a full TCP connection?
A. Idle scan
B. Stealth scan
C. ACK scan
D. FIN scan
正解:B
質問 2:
Which of the following tools are used as a network traffic monitoring tool in the Linux operating
system?
Each correct answer represents a complete solution. Choose all that apply.
A. Ntop
B. Netbus
C. MRTG
D. IPTraf
正解:A,C,D
質問 3:
Which of the following can be used as a Trojan vector to infect an information system?
Each correct answer represents a complete solution. Choose all that apply.
A. ActiveX controls, VBScript, and Java scripts
B. Spywares and adware
C. Any fake executable
D. NetBIOS remote installation
正解:A,B,C,D
質問 4:
Which of the following statements are true about session hijacking?
Each correct answer represents a complete solution. Choose all that apply.
A. TCP session hijacking is when a hacker takes over a TCP session between two machines.
B. It is the exploitation of a valid computer session to gain unauthorized access to information or services in a
computer system.
C. It is used to slow the working of victim's network resources.
D. Use of a long random number or string as the session key reduces session hijacking.
正解:A,B,D
質問 5:
Which of the following provides packet-level encryption between hosts in a LAN?
A. IPsec
B. PFS
C. PPTP
D. Tunneling protocol
正解:A
質問 6:
Which of the following types of rootkits replaces regular application binaries with Trojan fakes and modifies the
behavior of existing applications using hooks, patches, or injected code?
A. Boot loader rootkit
B. Kernel level rootkit
C. Application level rootkit
D. Hypervisor rootkit
正解:C
Matsui -
GCIH問題集は信頼に値する商品です。GCIHのおかげで、無事にGCIH試験に合格しました。