Most Recent GIAC GCIH Exam Questions & Answers

Prepare for the GIAC Certified Incident Handler exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the GIAC GCIH exam and achieve success.

The questions for GCIH were last updated on Nov 16, 2024.

Viewing page 1 out of 67 pages.
Viewing questions 1-5 out of 335 questions

Get All 335 Questions & Answers

Question No. 1

Many organizations create network maps of their network system to visualize the network and understand the relationship between the end devices and the transport layer that provide services.

Which of the following are the techniques used for network mapping by large organizations?

Each correct answer represents a complete solution. Choose three.

APacket crafting

BRoute analytics

CSNMP-based approaches

DActive Probing

Show Answer

Correct Answer: B, C, D

Question No. 2

When you conduct the XMAS scanning using Nmap, you find that most of the ports scanned do not give a response. What can be the state of these ports?

AFiltered

BOpen

CClosed

Show Answer

Correct Answer: B

Question No. 3

You discover that all available network bandwidth is being used by some unknown service. You discover that UDP packets are being used to connect the echo service on one machine to the chargen service on another machine. What kind of attack is this?

ASmurf

BDenial of Service

CEvil Twin

DVirus

Show Answer

Correct Answer: B

Question No. 4

Which of the following statements are true about firewalking?

Each correct answer represents a complete solution. Choose all that apply.

ATo use firewalking, the attacker needs the IP address of the last known gateway before the firewall and the IP address of a host located behind the firewall.

BIn this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.

CA malicious attacker can use firewalking to determine the types of ports/protocols that can bypass the firewall.

DFirewalking works on the UDP packets.

Show Answer

Correct Answer: A, B, C

Question No. 5

Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the server of the marketing department has been affected by a malicious hacking attack. Supervisors are also claiming that some sensitive data are also stolen.

Adam immediately arrived to the server room of the marketing department and identified the event as an incident. He isolated the infected network from the remaining part of the network and started preparing to image the entire system. He captures volatile data, such as running process, ram, and network connections.

Which of the following steps of the incident handling process is being performed by Adam?

ARecovery

BEradication

CIdentification

DContainment

Show Answer

Correct Answer: D

Unlock All Questions for GIAC GCIH Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 335 Questions & Answers