Most Recent GIAC GPEN Exam Dumps

Prepare for the GIAC Certified Penetration Tester exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the GIAC GPEN exam and achieve success.

The questions for GPEN were last updated on Mar 30, 2025.

Viewing page 1 out of 78 pages.
Viewing questions 1-5 out of 391 questions

Get All 391 Questions & Answers

Question No. 1

Which of the following methods can be used to detect session hijacking attack?

Antop

BBrutus

Cnmap

Dsniffer

Show Answer

Correct Answer: D

Question No. 2

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. In order to do so, he performs the following steps of the preattack phase successfully:

Information gathering

Determination of network range

Identification of active systems

Location of open ports and applications

Now, which of the following tasks should he perform next?

APerform OS fingerprinting on the We-are-secure network.

BMap the network of We-are-secure Inc.

CFingerprint the services running on the we-are-secure network.

DInstall a backdoor to log in remotely on the We-are-secure server.

Show Answer

Correct Answer: A

Question No. 3

In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer?

Each correct answer represents a complete solution. Choose all that apply.

ANSLookup

BHost

CDSniff

DDig

Show Answer

Correct Answer: A, B, D

Question No. 4

Which of the following statutes is enacted in the U.S., which prohibits creditors from collecting data from applicants, such as national origin, caste, religion etc?

AThe Electronic Communications Privacy Act

BThe Equal Credit Opportunity Act (ECOA)

CThe Fair Credit Reporting Act (FCRA)

DThe Privacy Act

Show Answer

Correct Answer: B

Question No. 5

John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.

Original cookie values:

ItemID1=2

ItemPrice1=900

ItemID2=1

ItemPrice2=200

Modified cookie values:

ItemID1=2

ItemPrice1=1

ItemID2=1

ItemPrice2=1

Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.

Which of the following hacking techniques is John performing?

ACross site scripting

BComputer-based social engineering

CMan-in-the-middle attack

DCookie poisoning

Show Answer

Correct Answer: D

Unlock All Questions for GIAC GPEN Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 391 Questions & Answers