GIAC GCIH - GIAC Certified Incident Handler Exam

Page:    1 / 169   
Total 842 questions

Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the members of the incident response team. As a demo project he asked members of the incident response team to perform the following actions:
✑ Remove the network cable wires.
✑ Isolate the system on a separate VLAN
✑ Use a firewall or access lists to prevent communication into or out of the system.
✑ Change DNS entries to direct traffic away from compromised system
Which of the following steps of the incident handling process includes the above actions?

  • A. Identification
  • B. Containment
  • C. Eradication
  • D. Recovery


Answer : B

Adam, a novice computer user, works primarily from home as a medical professional. He just bought a brand new Dual Core Pentium computer with over 3 GB of
RAM. After about two months of working on his new computer, he notices that it is not running nearly as fast as it used to. Adam uses antivirus software, anti- spyware software, and keeps the computer up-to-date with Microsoft patches. After another month of working on the computer, Adam finds that his computer is even more noticeably slow. He also notices a window or two pop-up on his screen, but they quickly disappear. He has seen these windows show up, even when he has not been on the Internet. Adam notices that his computer only has about 10 GB of free space available. Since his hard drive is a 200 GB hard drive, Adam thinks this is very odd.
Which of the following is the mostly likely the cause of the problem?

  • A. Computer is infected with the stealth kernel level rootkit.
  • B. Computer is infected with stealth virus.
  • C. Computer is infected with the Stealth Trojan Virus.
  • D. Computer is infected with the Self-Replication Worm.


Answer : A

Which of the following types of attacks is only intended to make a computer resource unavailable to its users?

  • A. Denial of Service attack
  • B. Replay attack
  • C. Teardrop attack
  • D. Land attack


Answer : A

Which of the following types of attack can guess a hashed password?

  • A. Brute force attack
  • B. Evasion attack
  • C. Denial of Service attack
  • D. Teardrop attack


Answer : A

In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?

  • A. Ping of death
  • B. Jolt
  • C. Fraggle
  • D. Teardrop


Answer : A

Page:    1 / 169   
Total 842 questions