NO.1 Adam, a novice computer user, works primarily from home as a medical professional. He just bought a
brand new Dual Core Pentium computer with over 3 GB of RAM. After about two months of working on his
new computer, he notices that it is not running nearly as fast as it used to. Adam uses antivirus software,
anti-spyware software, and keeps the computer up-to-date with Microsoft patches. After another month of
working on the computer, Adam finds that his computer is even more noticeably slow. He also notices a
window or two pop-up on his screen, but they quickly disappear. He has seen these windows show up,
even when he has not been on the Internet. Adam notices that his computer only has about 10 GB of free
space available. Since his hard drive is a 200 GB hard drive, Adam thinks this is very odd.
Which of the following is the mostly likely the cause of the problem.?
A. Computer is infected with the stealth kernel level rootkit.
B. Computer is infected with stealth virus.
C. Computer is infected with the Stealth Trojan Virus.
D. Computer is infected with the Self-Replication Worm.
Answer: A

NO.2 Which of the following statements about buffer overflow is true?
A. It manages security credentials and public keys for message encryption.
B. It is a collection of files used by Microsoft for software updates released between major service pack
C. It is a condition in which an application receives more data than it is configured to accept.
D. It is a false warning about a virus.
Answer: C

GCIH資格取得   GCIH科目   

NO.3 Which of the following types of attacks is the result of vulnerabilities in a program due to poor
programming techniques?
A. Evasion attack
B. Ping of death attack
C. Denial-of-Service (DoS) attack
D. Buffer overflow attack
Answer: D


NO.4 John works as a Professional Penetration Tester. He has been assigned a project to test the Website
security of www.we-are-secure Inc. On the We-are-secure Website login page, he enters ='or''=' as a
username and successfully logs on to the user page of the Web site. Now, John asks the we-aresecure
Inc. to improve the login page PHP script. Which of the following suggestions can John give to improve
the security of the we-are-secure Website login page from the SQL injection attack?
A. Use the session_regenerate_id() function
B. Use the mysql_real_escape_string() function for escaping input
C. Use the escapeshellcmd() function
D. Use the escapeshellarg() function
Answer: B


NO.5 Choose and reorder the steps of an incident handling process in their correct order.
Answer: A


NO.6 Which of the following types of attack can guess a hashed password?
A. Evasion attack
B. Denial of Service attack
C. Brute force attack
D. Teardrop attack
Answer: C


NO.7 Which of the following commands is used to access Windows resources from Linux workstation?
A. scp
B. rsync
C. mutt
D. smbclient
Answer: D


NO.8 Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the
members of the incident response team. As a demo project he asked members of the incident response
team to perform the following actions:
Remove the network cable wires.
Isolate the system on a separate VLAN.
Use a firewall or access lists to prevent communication into or out of the system.
Change DNS entries to direct traffic away from compromised system.
Which of the following steps of the incident handling process includes the above actions?
A. Identification
B. Eradication
C. Recovery
D. Containment
Answer: D


今競争の激しいIT業界で地位を固めたいですが、GIAC GCIH専門知識に合格しなければなりません。IT業界ではさらに強くなるために強い専門知識が必要です。GIAC GCIH専門知識に合格することが簡単ではなくて、GIAC GCIH専門知識証明書は君にとってはIT業界に入るの一つの手づるになるかもしれません。しかし必ずしも大量の時間とエネルギーで復習しなくて、弊社が丹精にできあがった問題集を使って、試験なんて問題ではありません。

試験科目:「GIAC Certified Incident Handler」
問題と解答:全328問 GCIH専門知識

>> GCIH専門知識






nice!(0)  コメント(0)  トラックバック(0) 

nice! 0

コメント 0



トラックバック 0