GPEN GIAC Penetration Tester

Question 1 (Volume C)

Which of the following statements are true about session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

  • It is used to slow the working of the victim's network resources.

  • TCP session hijacking is when a hacker takes over a TCP session between two machines.

  • Use of a long random number or string as the session key reduces session hijacking.

  • It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.

Question 2 (Volume C)

Which of the following are considered Bluetooth security violations?

Each correct answer represents a complete solution. Choose two.

  • Bluebug attack

  • SQL injection attack

  • Cross site scripting attack

  • Social engineering

  • Bluesnarfing

Question 3 (Volume B)

You run the following PHP script:

<?php $password = mysql_real_escape_string($_POST["password"]); ?>

What is the use of the mysql_real_escape_string() function in the above script?

Each correct answer represents a complete solution. Choose all that apply.

  • It escapes all special characters from strings $_POST["name"] and $_POST["password"].

  • It escapes all special characters from strings $_POST["name"] and $_POST["password"] except ' and ".

  • It can be used to mitigate a cross site scripting attack.

  • It can be used as a countermeasure against a SQL injection attack.