Dec-2023 New Version GPEN Certificate & Helpful Exam Dumps is Online [Q192-Q208]

GPEN Free Certification Exam Material with 405 Q&As 

NEW QUESTION # 192
What is the purpose of the following command?
C:\>wmic /node:[target IP] /user:[admin-user] /password:[password] process call create [command]

  • A. Creating a service on a remote Windows machine
  • B. Listing the running processes on a remote Windows machine
  • C. Running a command on a remote Windows machine
  • D. Creating an admin account on a remote Windows machine

Answer: B


NEW QUESTION # 193
You work as an IT Technician for PassGuide Inc. You have to take security measures for the wireless network of the company. You want to prevent other computers from accessing the company's wireless network. On the basis of the hardware address, which of the following will you use as the best possible method to accomplish the task?

  • A. WEP
  • B. MAC Filtering
  • C. SSID
  • D. RAS

Answer: B


NEW QUESTION # 194
You work as a Penetration Tester for Infosec Inc. Your company takes on security auditing projects. Recently, your company has assigned you a project to test the security of the we-are-secure.com Website. The we-are-secure.com Web server is using the Linux operating system. When you port scanned the we-are-secure.com Web server, you found that TCP ports 23, 25, and 53 are open. When you tried to telnet to port 23, you got a blank screen in response. When you tried to type the dir, copy, date, del, etc. commands, you got only blank spaces or underscore symbols on the screen. What may be the reason for such an unwanted situation?

  • A. The telnet session is being affected by the stateful inspection firewall.
  • B. The we-are-secure.com server is using honeypot.
  • C. The telnet service of we-are-secure.com has corrupted.
  • D. The we-are-secure.com server is using a TCP wrapper.

Answer: D

Explanation:
Section: Volume C


NEW QUESTION # 195
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He successfully performs a brute force attack on the We-are-secure server. Now, he suggests some countermeasures to avoid such brute force attacks on the We-are-secure server. Which of the following are countermeasures against a brute force attack?
Each correct answer represents a complete solution. Choose all that apply.

  • A. The site should force its users to change their passwords from time to time.
  • B. The site should restrict the number of login attempts to only three times.
  • C. The site should increase the encryption key length of the password.
  • D. The site should use CAPTCHA after a specific number of failed login attempts.

Answer: B,D


NEW QUESTION # 196
Which protocol would need to be available on a target in order for Nmap to identify services like IMAPS and POP3S?

  • A. SSL
  • B. TLS
  • C. LDAP
  • D. HTTPS

Answer: D

Explanation:
Section: Volume B
Explanation/Reference:
http://nmap.org/book/vscan.html


NEW QUESTION # 197
Anonymizers are the services that help make a user's own Web surfing anonymous. An anonymizer removes all the identifying information from a user's computer while the user surfs the Internet. It ensures the privacy of the user in this manner. After the user anonymizes a Web access with an anonymizer prefix, every subsequent link selected is also automatically accessed anonymously. Which of the following are limitations of anonymizers?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Secure protocols
  • B. ActiveX controls
  • C. Java applications
  • D. Plugins
  • E. JavaScript

Answer: A,B,C,D,E

Explanation:
Section: Volume B


NEW QUESTION # 198
John works as a Penetration Tester in a security service providing firm named you-are-secure Inc. Recently, John's company got a project to test the security of a promotional Website www.missatlanta.com and assigned the pen-testing work to John. When John is performing penetration testing, he inserts the following script in the search box at the company home page:
<script>alert('Hi, John')</script>
After pressing the search button, a pop-up box appears on his screen with the text - "Hi, John." Which of the following attacks can be performed on the Web site tested by John while considering the above scenario?

  • A. CSRF attack
  • B. XSS attack
  • C. Replay attack
  • D. Buffer overflow attack

Answer: B

Explanation:
Section: Volume B


NEW QUESTION # 199
__________ firewall architecture uses two NICs with a screening router inserted between the host and the untrusted network.

  • A. packet filtering
  • B. Screened subnet
  • C. Dual homed host
  • D. Screened host

Answer: D


NEW QUESTION # 200
You have obtained the hash below from the /etc/shadow file. What are you able to discern simply by looking at this hash?

  • A. A4XD$B4COCqWaEpFjLLDe. is a SHA1 hash that was created using the salt $1 SuWeOhL6k$ 1
  • B. A4XDsB4COCqWaEpFjLLDe. is a SHA1 hash that was created using the salt uweohL6k
  • C. A4XD$B4COCqWaEpFjLLDe. is an MD5 hash that was created using the salt $1 SuWeOhL6k$
  • D. A4XDsB4COGqWaEpFjLLDe. is an MD5 hash that was created using the salt uWeOhL6k

Answer: D


NEW QUESTION # 201
What problem occurs when executing the following command from within a netcat raw shell? sudo cat /etc/shadow

  • A. Sudo works fine if the user and command are both in the /etc/sudoers file
  • B. The display blanks after typing the sudo command
  • C. Sudo does not work at all from a shell
  • D. You will not be able to type the password at the password prompt

Answer: C


NEW QUESTION # 202
During a penetration test we determine that TCP port 22 is listening on a target host. Knowing that SSHD is the typical service that listens on that port, we attempt to validate that assumption with an SSH client, but our effort is unsuccessful. It turns out that it is actually an Apache webserver listening on the port. Which type of scan would have helped us to determine what service was listening on port 22?

  • A. Version scanning
  • B. OS fingerprinting
  • C. Port scanning
  • D. Network sweeping

Answer: D

Explanation:
Section: Volume A


NEW QUESTION # 203
You want to run the nmap command that includes the host specification of 202.176.56-57.*. How many hosts will you scan?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: D

Explanation:
Section: Volume D


NEW QUESTION # 204
ACME corporation has decided to set up a wireless (IEEE 802.11) network in its sales branch at Tokyo and found that channels 1, 6, 9, 11 are in use by the neighboring offices. Which is the best channel they can use?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B


NEW QUESTION # 205
You are concerned about war driving bringing hackers' attention to your wireless network. What is the most basic step you can take to mitigate this risk?

  • A. Don't broadcast SSID
  • B. Implement MAC filtering
  • C. Implement WEP
  • D. Implement WPA

Answer: A

Explanation:
Section: Volume C


NEW QUESTION # 206
Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running the Windows XP operating system. Which of the following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.

  • A. It will not allow the configuration of encryption and MAC filtering. Sending information is not secure on a wireless network.
  • B. An attacker can use the Ping Flood DoS attack if WZC is used.
  • C. Information from probing for networks can be viewed using a wireless analyzer and may be used to gain access.
  • D. An attacker, by creating a fake wireless network with a high-power antenna, can cause Victor's computer to associate with his network to gain access.

Answer: C,D

Explanation:
Section: Volume D


NEW QUESTION # 207
Which of the following is NOT a valid DNS zone type?

  • A. Secondary zone
  • B. Stub zone
  • C. AlterNet zone
  • D. Primary zone

Answer: C


NEW QUESTION # 208
......
