FREE GIAC Incident Handler Questions and Answers
Your Windows XP professional PC has a virtualized Internet browser set up. Which of the following can you shield your operating system from using the virtualized Internet browser?
By using a virtualized Internet browser, you can reduce the possibility of malware entering your actual operating system by creating a controlled and segregated environment. By keeping any potential risks inside the virtual machine, it adds an extra layer of security and stops them from harming your host system or compromising your data.
In order to overload a network's resources and break up connections so that services cannot communicate with one another, a user sends a lot of protocol packets to it. Which attack type is this?
Your scenario is an illustration of a Denial-of-Service (DoS) attack. A DoS attack seeks to stop a network, system, or service from operating normally by overloading it with traffic or by taking advantage of security flaws to drain its resources.
Which of the following attack types is only meant to prevent users from using a computer resource?
Attacks known as denial of service (DoS) attempts are designed to render a computer resource—such as a website, network, or service—inaccessible to its intended users. The main objective of a DoS attack is to prevent the target system from responding to legitimate user requests by flooding it with malicious traffic or resource-intensive requests.
The database of a Web server can be accessed by an attacker using which of the following attacks?
A type of web application vulnerability known as SQL injection allows an attacker to manipulate web application input fields to run arbitrary SQL commands. An attacker can insert malicious SQL queries that can obtain, edit, or delete data from the web server's database if a web application is not properly protected against SQL injection.
Which of the following attacks involves information gathering by the attacker in preparation for an access attack?
The first stage of a cyber attack, known as reconnaissance, information collecting, or footprinting, involves the attacker acquiring data about a target system or network. The goal of reconnaissance is to gather important information about the infrastructure, weaknesses, and potential entry points of the target so that subsequent attacks can be planned and launched.
Which of the following programs generates cryptographic hashes of all important system files that need to be checked for changes automatically?
Security technologies called Tripwire programs assist track and spotting unwanted changes to crucial system files and directories. The use of cryptographic hashes to check the validity of files is one of Tripwire's primary features.
When changes are found, Tripwire can send out alerts or notifications, giving administrators time to look at the situation and address any security issues. In addition to adding an extra layer of security for seeing and addressing potential threats, it aids in maintaining the integrity of crucial system files.
Which of the following attack strategies involves the attacker disseminating a false IP address?
The malicious assault known as DNS poisoning, often referred to as DNS cache poisoning or DNS spoofing, affects the Domain Name System (DNS). The DNS is in charge of converting domain names used by computers to interact over the internet (such as www.example.com) into the appropriate IP addresses (such as 192.168.0.1).
In DNS poisoning, an attacker tricks DNS resolution to drive visitors to nefarious or unexpected websites. Typically, the attack entails adding erroneous or harmful DNS records to the DNS cache of a DNS server or client.