Leads4pass > GIAC > GIAC Certifications > GPEN > GPEN Online Practice Questions and Answers

GPEN Online Practice Questions and Answers

Questions 4

Analyze the screenshot below. What type of vulnerability is being attacked?

A. Windows Server service

B. Internet Explorer

C. Windows Powershell

D. Local Security Authority

Buy Now
Questions 5

Why is it important to have a cheat sheet reference of database system tables when performing SQL Injection?

A. This is where sites typically store sensitive information such as credit card numbers.

B. These tables contain a list of allowed database applications

C. The information in these tables will reveal details about the web application's code.

D. These tables contain metadata that can be queried to gain additional helpful information.

Buy Now
Questions 6

What is the main difference between LAN MAN and NTLMv1 challenge/responses?

A. NTLMv1 only pads IS bytes, whereas LANMAN pads to 21 bytes

B. NTLMv1 starts with the NT hash, whereas LANMAN starts with the LANMAN hash

C. NTLMv1utilizes DES, whereas LANMAN utilizes MD4

D. NTLMv1 splits the hash into 3 eight-byte pieces, whereas LAN MAN splits the hash Into 3 seven-byte pieces

Buy Now
Questions 7

Which of the following United States laws protects stored electronic information?

A. Title 18, Section 1029

B. Title 18, Section 1362

C. Title 18, Section 2701

D. Title 18, Section 2510

Buy Now
Questions 8

You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. Choose two.

A. MAC filtering the router

B. Using WPA encryption

C. Using WEP encryption

D. Not broadcasting SSID

Buy Now
Questions 9

You work as a Web developer in the IBM Inc. Your area of proficiency is PHP. Since you have proper knowledge of security, you have bewared from rainbow attack. For mitigating this attack, you design the PHP code based on the following

algorithm:

key = hash(password + salt)

for 1 to 65000 do

key = hash(key + salt)

Which of the following techniques are you implementing in the above algorithm?

A. Key strengthening

B. Hashing

C. Sniffing

D. Salting

Buy Now
Questions 10

You send SYN packets with the exact TTL of the target system starting at port 1 and going up to port 1024 using hping2 utility. This attack is known as __________.

A. Port scanning

B. Spoofing

C. Cloaking

D. Firewalking

Buy Now
Questions 11

Which of the following tools can be used to enumerate networks that have blocked ICMP Echo packets, however, failed to block timestamp or information packet or not performing sniffing of trusted addresses, and it also supports spoofing and promiscuous listening for reply packets?

A. Nmap

B. Zenmap

C. Icmpenum

D. Nessus

Buy Now
Questions 12

One of the sales people in your company complains that sometimes he gets a lot of unsolicited messages on his PDA. After asking a few questions, you determine that the issue only occurs in crowded areas like airports. What is the most likely problem?

A. A virus

B. Spam

C. Blue jacking

D. Blue snarfing

Buy Now
Questions 13

Which of the following tools is NOT used for wireless sniffing?

A. AirMagnet

B. Sniffer Wireless

C. AiroPeek

D. MiniStumbler

Buy Now
Exam Code: GPEN
Exam Name: GIAC Certified Penetration Tester (GPEN)
Last Update: Jul 08, 2026
Questions: 385
10%OFF Coupon Code: SAVE10

PDF (Q&A)

$49.99

VCE

$55.99

PDF + VCE

$65.99