Microsoft
Amazon
CompTIA
Salesforce
Cisco®
SAP
PMI
ISC
ISACA
VMware
HP
Palo Alto Networks
EC-Council
LPI
Google
Fortinet
All Vendors
  2. Home
  3. Exam List
  4. GIAC
  5. GCIH

GIAC Certified Incident Handler
GCIH Exam

You have inserted a Trojan on your friend's computer and you want to put it in the startup so that whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry entries will you edit to accomplish the task?

  1. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup
  2. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto
  3. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
  4. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start

Answer(s): C



Which of the following is the best method of accurately identifying the services running on a victim host?

  1. Use of the manual method of telnet to each of the open ports.
  2. Use of a port scanner to scan each port to confirm the services running.
  3. Use of hit and trial method to guess the services and ports of the victim host.
  4. Use of a vulnerability scanner to try to probe each port to verify which service is running.

Answer(s): A



Jason, a Malicious Hacker, is a student of Baker university. He wants to perform remote hacking on the server of DataSoft Inc. to hone his hacking skills. The company has a Windows-based network. Jason successfully enters the target system remotely by using the advantage of vulnerability. He places a Trojan to maintain future access and then disconnects the remote session. The employees of the company complain to Mark, who works as a Professional Ethical Hacker for DataSoft Inc., that some computers are very slow. Mark diagnoses the network and finds that some irrelevant log files and signs of Trojans are present on the computers. He suspects that a malicious hacker has accessed the network. Mark takes the help from Forensic Investigators and catches Jason.
Which of the following mistakes made by Jason helped the Forensic Investigators catch him?

  1. Jason did not perform a vulnerability assessment.
  2. Jason did not perform OS fingerprinting.
  3. Jason did not perform foot printing.
  4. Jason did not perform covering tracks.
  5. Jason did not perform port scanning.

Answer(s): D



Which of the following functions can be used as a countermeasure to a Shell Injection attack? Each correct answer represents a complete solution. (Choose all that apply.)

  1. escapeshellarg()
  2. mysql_real_escape_string()
  3. regenerateid()
  4. escapeshellcmd()

Answer(s): A,D




Tina
Last week I took the Citrix exam and I passed with a very high mark, more than what I expected. Thanks!!
- Israel
Upvote


Calvin B.
I just took my Certification testing for 10-184 Microsoft CRM Installation and Configuration. Your test questions definitely covered the essence of the exam material and I easily passed the exam.
- Lafayette
Upvote


950+
I just finished my exam this week. It was a good score of 950+.
- UNITED STATES
Upvote


Abdul
I passed the exam on Monday morning and was amazed at how much this site had covered, fortunately that's it for another three years. The tests really did help so thanks!!
- Doha
Upvote


Rose
I passed that exam the first time. And I thank you folks for that. I could not have passed it with out your help.
- South Africa
Upvote


Shourya
I've just done my exam and passed (890) - your materials are spot on.
- UNITED STATES
Upvote


90%
I have sat and passed.
- Haidarabad
Upvote


Jessica
Thanks to this site! i passed my 310-055 exam with 90%
- UNITED STATES
Upvote


George
I passed my VCP Exam this week with an 87. I hadn't taken a cert exam in 10 years. Your product was very helpful and helped me hone the areas where I was lacking. Thank you.
- UNITED ARAB EMIRATES
Upvote


David B.
I would like to thank this site for the great support and passing 920-105 exam with excellent result. Thanks once again!
- UNITED STATES
Upvote

Read more ...