What is the outcome of the command below?
hashcat -m 3000 -a 3 ntds.dat --potfile-path ntds.potfile -1 ?u?d?s --increment ?1?1?1?1?1?1
A. Add new users from a potfile to a Windows Domain Controller
B. Crack six digit LANMAN passwords
C. Remove the encryption from the ntds.dat file
D. Create a dictionary of 3000 usernames
How can an adversary use a hash that was stolen from a Windows account to compromise a Linux server?
A. Access the server using SSH
B. Log in directly to the server
C. Become a man-in-the-middle between the Windows and Linux hosts
D. Access a SAMBA share on the server
Where would an incident handler search for autostart extensibility points (ASEPs) on a Windows host?
A. Firewall configuration control panel
B. Local machine registry hive
C. Windows Temp Directory
D. Security event logs
Which of the following is the most effective technique for identifying live client systems on a LAN?
A. ICMP Echo Requests
B. TCP FIN scanning
C. Traceroute
D. DNS Zone Transfer
Which of the following would be exposed to an attacker as a result of a remote employee attempting to connect to company resources without a VPN?
A. The employee's private key
B. The employee's domain credentials
C. The laptop's private key
D. The laptop's encryption password
A security auditor is using John the Ripper to review password strength on Windows machines. The auditor knows that the company requires a 15-character minimum in their passwords. In this scenario, what format parameter must be passed to John (with Jumbo Patch) to crack the passwords?
A. --format=LANMAN
B. --format=UNIX
C. --format=NT
D. --format=SHA256
Which of the following occurs when a penetration tester attempts to connect to a host with the following command?
net use \\192.168.44.213
A. Guest user account permissions will be granted
B. Local logon credentials will be sent to 192.168.44.213
C. IPC$ share returns a list of running processes
D. Host at 192.168.44.213 will exchange a temporary authentication key
What hash type is being cracked in the command below?
hashcat -m 1000 -a 0 customer.ntds wordlist.txt --potfile-path ./hashcat.potfile
A. SHA-1
B. LANMAN
C. Kerberos 5
D. NT hashes
Which of the following is a normal finding that an incident handler would expect to see while reviewing the squid proxy logs for a small business with a single office?
A. Incrementing protocol numbers
B. Consistent set of user agents
C. Sequential protocol methods
D. Predictable set of session identifiers
Which of the following commands will enumerate a list of shares on a Windows target machine?
A. net share \\192.168.99.133
B. net view \\192.168.99.133
C. net use \\192.168.99.133
D. net session \\192.168.99.133
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only GIAC exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your GCIH exam preparations and GIAC certification application, do not hesitate to visit our Vcedump.com to find your solutions here.