GIAC

GPEN Certified Penetration Tester

Use original educational practice content, randomized simulator sessions, score history and explanation review for GPEN.

Les questions d’entraînement sont fournies en anglais afin de rester proches de la langue couramment utilisée dans les certifications IT.

QZ9 est une plateforme de formation indépendante. Toutes les questions d’entraînement sont originales et créées uniquement à des fins éducatives. Nous ne fournissons pas de contenu d’examen réel ni de contenu non autorisé. Microsoft, AWS, Cisco, CompTIA, PMI et les autres marques appartiennent à leurs propriétaires respectifs.

FournisseurGIAC
CodeGPEN
Duration3 hours
Questions82-115
Informations examen

Une préparation basée sur les objectifs, sans contenu non autorisé

Certification metadata is preserved from the legacy QZ9 catalog. Questions remain English-only.

Commencer le test pratique
1Trouvez votre examen
2Démarrez le simulateur
3Consultez les résultats
QZ9Plateforme de formation indépendante
Aperçu gratuit des questions

Simulateur d’examen

Les questions d’entraînement sont fournies en anglais afin de rester proches de la langue couramment utilisée dans les certifications IT.

Question 1

You execute the following netcat command: c:\target\nc -1 -p 53 -d -e cmd.exe What action do you want to perform by issuing the above command?

Question 2

TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port will drop the packet. Which of the following operating systems can be easily identified with the help of TCP FIN scanning?

Question 3

You work as a professional Ethical Hacker. You are assigned a project to perform blackhat testing on www.we-are-secure.com. You visit the office of we-are-secure.com as an air-condition mechanic. You claim that someone from the office called you saying that there is some fault in the air-conditioner of the server room. After some inquiries/arguments, the Security Administrator allows you to repair the air-conditioner of the server room. When you get into the room, you found the server is Linux-based. You press the reboot button of the server after inserting knoppix Live CD in the CD drive of the server. Now, the server promptly boots backup into Knoppix. You mount the root partition of the server after replacing the root password in the /etc/shadow file with a known password hash and salt. Further, you copy the netcat tool on the server and install its startup files to create a reverse tunnel and move a shell to a remote server whenever the server is restarted. You simply restart the server, pull out the Knoppix Live CD from the server, and inform that the air-conditioner is working properly. After completing this attack process, you create a security auditing report in which you mention various threats such as social engineering threat, boot from Live CD, etc. and suggest the countermeasures to stop booting from the external media and retrieving sensitive data. Which of the following steps have you suggested to stop booting from the external media and retrieving sensitive data with regard to the above scenario? Each correct answer represents a complete solution. Choose two.

Question 4

Which of the following statements are true about KisMAC?

Question 5

A Web developer with your company wants to have wireless access for contractors that come in to work on various projects. The process of getting this approved takes time. So rather than wait, he has put his own wireless router attached to one of the network ports in his department. What security risk does this present?