Exam Details

  • Exam Code: GCIA
  • Exam Name: GIAC Certified Intrusion Analyst
  • Certification: GIAC Information Security
  • Vendor: GIAC
  • Total Questions: 507 Q&As
  • Last Updated: May 05, 2024

GIAC GIAC Information Security GCIA Questions & Answers

  • Question 491:

    Allen works as a professional Computer Hacking Forensic Investigator. He has been assigned a project to investigate a computer that a suspect used to sexually harass a victim through an instant messenger program. The suspect's computer runs the Windows operating system. Allen wants to recover the password from the instant messenger program the suspect is using in order to collect evidence of the crime. Allen is using Helix Live for this purpose. Which of the following Helix utilities will he use to accomplish the task?

    A. Asterisk Logger

    B. Access PassView

    C. Mail Pass View

    D. MessenPass

  • Question 492:

    Which of the following tools are used to determine the hop counts of an IP packet? Each correct answer represents a complete solution. Choose two.

    A. TRACERT

    B. Ping

    C. IPCONFIG

    D. Netstat

  • Question 493:

    Adam works as a Computer Hacking Forensic Investigator in a law firm. He has been assigned his first project. Adam collected all the required evidence and clues. He is now required to write an investigative report to present before the court for further prosecution of the case. He needs guidelines for writing an investigative report that expresses an opinion. Which of the following are guidelines for writing an investigative report efficiently?

    Each correct answer represents a complete solution. Choose all that apply.

    A. All ideas present in the investigative report should flow logically from facts to conclusions.

    B. Opinion of a lay witness should be included in the investigative report.

    C. The investigative report should be understandable by any reader.

    D. There should not be any assumptions made about any facts while writing the investigative report.

  • Question 494:

    Which of the following can be applied as countermeasures against DDoS attacks? Each correct answer represents a complete solution. Choose all that apply.

    A. Limiting the amount of network bandwidth.

    B. Blocking IP address.

    C. Using LM hashes for passwords.

    D. Using Intrusion detection systems.

    E. Using the network-ingress filtering.

  • Question 495:

    Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called in to investigate the computer of an employee who is suspected of classified data theft. The suspect's computer runs the Windows operating system. Peter wants to collect data and evidence for further analysis. He knows that on the Windows operating system, data is searched in pre-defined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows-based system?

    A. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces

    B. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces

    C. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system

    D. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps

  • Question 496:

    You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

    A. Enable verbose logging on the firewall

    B. Install a network-based IDS

    C. Install a DMZ firewall

    D. Install a host-based IDS

  • Question 497:

    John, a novice web user, creates a new e-mail account and sets his password to "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks? Each correct answer represents a complete solution. Choose all that apply.

    A. Dictionary attack

    B. Hybrid attack

    C. Brute Force attack

    D. Rule based attack

  • Question 498:

    Which of the following proxy servers is also referred to as a transparent proxy or forced proxy?

    A. Tunneling proxy server

    B. Reverse proxy server

    C. Anonymous proxy server

    D. Intercepting proxy server

  • Question 499:

    Which of the following statements about a host-based intrusion prevention system (HIPS) are true? Each correct answer represents a complete solution. Choose two.

    A. It can detect events scattered over the network.

    B. It can handle encrypted and unencrypted traffic equally.

    C. It cannot detect events scattered over the network.

    D. It is a technique that allows multiple computers to share one or more IP addresses.

  • Question 500:

    Victor works as a network administrator for DataSecu Inc. He uses a dual-firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portions that are available to the Internet. Which of the following security threats may occur if DMZ protocol attacks are performed? Each correct answer represents a complete solution. Choose all that apply.

    A. An attacker can perform a zero-day attack by delivering a malicious payload that is not known to the intrusion detection/prevention systems guarding the network.

    B. An attacker can gain access to the Web server in the DMZ and exploit the database.

    C. An attacker who manages to break the first firewall defense can access the internal network without breaking the second firewall if it is different.

    D. An attacker can exploit any protocol used to get into the internal network or intranet of the company.

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com you will find all the answers. Vcedump.com provides not only GIAC exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are unsure about your GCIA exam preparation or your GIAC certification application, do not hesitate to visit Vcedump.com to find your solutions.