• Home
  • Articles
  • [Oct-2022] GPEN Free Sample Questions to Practice One Year Update [Q166-Q186]

[Oct-2022] GPEN Free Sample Questions to Practice One Year Update [Q166-Q186]

Share

[Oct-2022] GPEN Free Sample Questions to Practice One Year Update

Download GPEN exam with GIAC GPEN Real Exam Questions


How to Prepare For GPEN Certification Exam

Preparation Guide for GPEN Certification Exam

GPEN: Tips to survive if you don't have time to read all the page

if you wish to demonstrate your ability to perform IT system security activities, you should consult the GSEC. The certification will help you demonstrate your knowledge of IT security, as well as the store's only passwords in cybersecurity. Certification requires that you pass a 180-question exam with a 73% score in five hours. This exam costs $ 1,699, so you may need to save some money or find out how to present it to your boss. Although the GIAC indicates that there are no specific experience requirements, those who expect to include GSEC in their curriculum must first request the certification attempt. Although it depends on factors such as job title, years of experience and position, those with GSEC certification can expect to earn, on average, salaries ranging between $ 67,000 and $ 108,000 per year.

GIAC certifications as GPEN must be renewed every four years. Registration is activated for the brand two years before the expiration date of the certification.

GPEN owners must accumulate 36 credits of continuous professional experience (CPE) to maintain their certifications. CPE information and documents must be submitted before the certification expires. You must also allow a processing time of 30 days from the complete shipment date. The sending and monitoring of CPE credits and the attribution of CPE credits to specific certification renewals such as GPEN are done through the board of your online GIAC account.

The certification maintenance fee is a non-refundable payment of $ 429, payable every four years at the time of registration. If multiple renewals are made during the two-year period, each is entitled to a discount, the initial renewal fees are $ 429 and subsequent renewals are $ 219 each.

The GIAC penetration tester certification requires a practical approach and is one of the most requested technical certifications for IT security. Certification is granted to penetration assessors who have demonstrated their ability to perform pen-testing in a wide range of infrastructure.

Obtaining and maintaining a GPEN certification or other pen testing certification helps demonstrate your technical ability and verify that you are up to date with the latest technologies.

There are no specific prerequisites for GPEN certification. However, it is necessary to have a good knowledge of the Windows operating system, using the Windows and Linux command line, computer networks and TCP / IP protocols and a basic knowledge of cryptographic concepts.

Numerous courses of piracy and penetration tests are available, as well as training in GPEN certification.

 

NEW QUESTION 166
Which TCP and UDP ports can be used to start a NULL session attack in NT and 2000 operating systems?

  • A. 139 and 445
  • B. 198 and 173
  • C. 203 and 333
  • D. 149 and 133

Answer: A

 

NEW QUESTION 167
Which of the following tools can be used to enumerate networks that have blocked ICMP Echo packets, however, failed to block timestamp or information packet or not performing sniffing of trusted addresses, and it also supports spoofing and promiscuous listening for reply packets?

  • A. Icmpenum
  • B. Zenmap
  • C. Nessus
  • D. Nmap

Answer: A

 

NEW QUESTION 168
Which of the following is a method of gathering user names from a Linux system?

  • A. Displaying the owner information of system-specific binaries
  • B. Reviewing the contents of the system log files
  • C. Extracting text strings from the system password file
  • D. Gathering listening services from the xinetd configuration files

Answer: D

Explanation:
Section: Volume A
Explanation/Reference:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/pdf/Security_Guide/ Red_Hat_Enterprise_Linux-6-Security_Guide-en-US.pdf

 

NEW QUESTION 169
What concept do Rainbow Tables use to speed up password cracking?

  • A. Fast Lookup Crack Tables
  • B. Disk Recall Cracking
  • C. Time-Memory Trade-off
  • D. Memory Swap Trades

Answer: C

Explanation:
Reference:
http://en.wikipedia.org/wiki/Space%E2%80%93time_tradeoff

 

NEW QUESTION 170
Which of following tasks can be performed when Nikto Web scanner is using a mutation technique?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Enumerating user names via Apache.
  • B. Testing all files with all root directories.
  • C. Guessing for password file names.
  • D. Sending mutation payload for Trojan attack.

Answer: A,B,C

 

NEW QUESTION 171
Which of the following tools is based on the SATAN tool?

  • A. GFI LANguard
  • B. Internet scanner
  • C. SAINT
  • D. Retina

Answer: C

 

NEW QUESTION 172
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we- are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site. The We-are-secure login page is vulnerable to a __________.

  • A. SQL injection attack
  • B. Replay attack
  • C. Dictionary attack
  • D. Land attack

Answer: A

Explanation:
Section: Volume C

 

NEW QUESTION 173
During a penetration test you discover a valid set of SSH credentials to a remote system. How can this be used to your advantage in a Nessus scan?

  • A. The "SSH' box can be checked to let Nessus know the remote system is running
  • B. This information can be entered under the 'credentials' tab to allow Nessus to log into the system
  • C. There isn't an advantage as Nessus will ultimately discover this information.
  • D. This information can be entered under the 'Hydra' tab to launch a brute-forcepassword attack.

Answer: A

Explanation:
Section: Volume A

 

NEW QUESTION 174
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using the Linux operating system. He wants to use a wireless sniffer to sniff the We-are-secure network. Which of the following tools will he use to accomplish his task?

  • A. Snadboy's Revelation
  • B. NetStumbler
  • C. Kismet
  • D. WEPCrack

Answer: C

 

NEW QUESTION 175
A penetration tester wishes to stop the Windows Firewall process on a remote host running Windows Vista She issues the following commands:

A check of the remote host indicates that Windows Firewall is still running. Why did the command fail?

  • A. The user does not have the access level needed to stop the firewall.
  • B. The kernel prevented the command from being executed.
  • C. The sc command needs to be passed the IP address of the target.
  • D. The remote server timed out and did not complete the command.

Answer: C

Explanation:
Section: Volume A

 

NEW QUESTION 176
You enter the following URL on your Web browser:
http://www.we-are-secure.com/scripts/..%co%af../..%co%
af../windows/system32/cmd.exe?/c+dir+c:\
What kind of attack are you performing?

  • A. URL obfuscating
  • B. Replay
  • C. Session hijacking
  • D. Directory traversal

Answer: D

 

NEW QUESTION 177
You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing.
Recently, your company has assigned you a project to test the security of the we-aresecure. com network.
Now, when you have finished your penetration testing, you find that the weare- secure.com server is highly vulnerable to SNMP enumeration. You advise the we-are-secure Inc. to turn off SNMP; however, this is not possible as the company is using various SNMP services on its remote nodes. What other step can you suggest to remove SNMP vulnerability?
Each correct answer represents a complete solution. Choose two.

  • A. Install antivirus.
  • B. Upgrade SNMP Version 1 with the latest version.
  • C. Close port TCP 53.
  • D. Change the default community string names.

Answer: B,D

Explanation:
Section: Volume C
Explanation

 

NEW QUESTION 178
Adam works as a professional Computer Hacking Forensic Investigator. He wants to investigate a suspicious email that is sent using a Microsoft Exchange server. Which of the following files will he review to accomplish the task?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. cookie files
  • B. Temporary files
  • C. Checkpoint files
  • D. EDB and STM database files

Answer: B,C,D

Explanation:
Section: Volume B
Explanation

 

NEW QUESTION 179
You have connected to a Windows system remotely and have shell access via netcat. While connected to the remote system you notice that some Windows commands work normally while others do not An example of this is shown in the picture below Which of the following best describes why tins is happening?

  • A. Another application is already running on the port Netcat is listening on.
  • B. The listener executed command.com instead of cmd.exe.
  • C. Netcat cannot properly interpret certain control characters or Unicode sequences.
  • D. TheNetcat listener is running with system level privileges.

Answer: D

Explanation:
Section: Volume A

 

NEW QUESTION 180
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server.
The output of the scanning test is as follows:
C:\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = -
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1
mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv
John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server. Which of the following statements about 'Printenv' vulnerability are true?
Each correct answer represents a complete solution. Choose all that apply.

  • A. The countermeasure to 'printenv' vulnerability is to remove the CGI script.
  • B. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.
  • C. This vulnerability helps in a cross site scripting attack.
  • D. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.

Answer: A,C,D

 

NEW QUESTION 181
You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:

What is the IP address of the sender of this email?

  • A. 209.191.91.180
  • B. 141.1.1.1
  • C. 172.16.10.90
  • D. 216.168.54.25

Answer: D

Explanation:
Section: Volume C

 

NEW QUESTION 182
Which of the following are the drawbacks of the NTLM Web authentication scheme?
Each correct answer represents a complete solution. Choose all that apply.

  • A. The password is sent in hashed format to the Web server.
  • B. The password is sent in clear text format to the Web server.
  • C. It works only with Microsoft Internet Explorer.
  • D. It can be brute forced easily.

Answer: C,D

 

NEW QUESTION 183
Mark works as a Network Administrator for NetTech Inc. Several employees of the company work from the remote locations. The company provides a dial-up connection to employees to connect to the company's network using remote access service. Mark wants to implement call back feature for the employees who are dialing for long distance. Which of the following protocols will he use for remote access services to accomplish the task?

  • A. WEP
  • B. PPP
  • C. SLIP
  • D. UDP

Answer: B

 

NEW QUESTION 184
Analyze the command output below. What information can the tester infer directly from the information shown?

  • A. Null sessions are enabled on the target
  • B. Account lockouts must be reset by the Administrator
  • C. The administrator account has no password
  • D. The target host is running Linux with Samba services

Answer: D

Explanation:
Section: Volume A

 

NEW QUESTION 185
If the privacy bit is set in the 802.11 header, what does it indicate?

  • A. Some form of encryption is In use.
  • B. Some form of PEAP is being used.
  • C. SSID cloaking is being used.
  • D. WAP is being used.

Answer: D

 

NEW QUESTION 186
......


How much GPEN Exam cost

The price of the GPEN exam is $1,699.


Conclusion

Being successful in the GIAC GPEN certification exam is not complicated as long as you are organized when it comes to training. Apart from carefully reading the test blueprint, you should also explore different training materials. For example, you can use the books and study guides available on Amazon or enroll in the training courses developed by the vendor and its official partners.

 

Real exam questions are provided for GIAC Information Security tests, which can make sure you 100% pass: https://examcollection.actualcollection.com/GPEN-exam-questions.html

Related Articles

more
GIAC GPEN Certification Practice Exam

Copyright © 2026 ActualCollection NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy