GIAC GPEN Certification Sample Questions

The purpose of this Sample Question Set is to provide you with information about the GIAC Penetration Tester (GPEN) exam. These sample questions will familiarize you with both the type and the difficulty level of the questions on the GPEN certification test. To get familiar with the real exam environment, we suggest you try our Sample GIAC GPEN Certification Practice Exam. This sample practice exam gives you a feel for the real thing and is a clue to the questions asked in the actual GIAC Penetration Tester (GPEN) certification exam.

These sample questions are simple, basic questions that resemble the real GIAC Penetration Tester exam questions. To assess your readiness and performance with real-time scenario-based questions, we suggest you prepare with our Premium GIAC GPEN Certification Practice Exam. When you work through real-time scenario-based questions in practice, you come across many difficulties that give you an opportunity to improve.

GIAC GPEN Sample Questions:

01. You want to start capturing a target user’s clipboard activity on a Windows target. Which Metasploit extension will you need to load inside your meterpreter session in order to make use of the clipboard commands?
a) load kiwi
b) load clipboard
c) load extapi
d) load clipbrd
 
02. __________ is the process of researching, collecting, and analyzing data that is available from public or open sources of information.
a) Active scanning
b) Fingerprinting
c) OSINT gathering
d) Web scraping
 
03. Which two key elements will help to properly scope a penetration test?
a) Areas of concern
b) Rules of engagement
c) Statement of work
d) Type of test
e) Status meetings
 
04. Which two commands can you use on a Windows system to list known Layer 2 addresses?
a) arp --all-neighbors
b) arp -a
c) Get-NetNeighbor
d) Get-ArpNeighbor
 
05. Which of the following protocols can offer a secure transport mechanism for delivering the report to the customer?
(Select all that apply.)
a) HTTP
b) SFTP
c) FTP
d) HTTPS
 
06. You are running the SharpHound ingestor with the Default collection method. Which of the following sets of data will not be collected? (Select all that apply.)
a) Session information
b) RDP information
c) DCOM data
d) Group membership
e) Domain trust information
 
07. From a computer security perspective, which of the following are benefits of password hashing with a salt value?
(Select all that apply.)
a) No two users will have the same password.
b) Confidentiality of the password is ensured.
c) No two users will have the same password hash.
d) The password cannot be cracked.
 
08. NTLM offers a family of security protocols that can provide which of the following for authenticating users and computers based on a challenge-response mechanism? (Select all that apply.)
a) Integrity
b) Authentication
c) Confidentiality
d) All of the above
 
09. During a web application penetration test, you find a possible blind SQL injection point in a form. You are limited in time and need an automated way of gathering data from the back-end database. Which tool can help you accomplish this task?
a) sqldump
b) masscan
c) sqlmap
d) dbmapper
 
10. In a meterpreter session, which of the following commands dumps the keystroke buffer from a Windows 7 target?
a) keyscan_dump
b) keyboard_send
c) keyevent
d) keyscan_stop

Answers:

Question: 01
Answer: c
Question: 02
Answer: c
Question: 03
Answer: a, d
Question: 04
Answer: b, c
Question: 05
Answer: b, d
Question: 06
Answer: b, c
Question: 07
Answer: b, c
Question: 08
Answer: d
Question: 09
Answer: c
Question: 10
Answer: a

Note: If you find any error in these GIAC Penetration Tester (GPEN) certification exam sample questions, please let us know by writing an email to feedback@edusum.com.
