GPEN Online Practice Questions and Answers

You are conducting a penetration test for a private company located in Canada. The scope extends to all internal-facing hosts controlled by the company. You have gathered necessary hold-harmless and non-disclosure agreements. Which action by your group can incur criminal liability under Criminal Code of Canada Sections 184 and 542 CC 184?

A. Analyzing internal firewall router software for vulnerabilities

B. Exploiting application vulnerabilities on end-user workstations

C. Attempting to crack passwords on a development server

D. Capturing a VoIP call to a third party without prior notice

You want to run the nmap command that includes the host specification of 202.176.56-57.*. How many hosts will you scan?

A. 512

B. 64

C. 1024

D. 256

You want to search the Apache Web server having version 2.0 using google hacking. Which of the following search queries will you use?

A. intitle:"Test Page for Apache Installation" "You are free"

B. intitle:"Test Page for Apache Installation" "It worked!"

C. intitle:test.page "Hey, it worked !" "SSl/TLS aware"

D. intitle:Sample.page.for.Apache Apache.Hook.Function

One of the sales people in your company complains that sometimes he gets a lot of unsolicited messages on his PDA. After asking a few questions, you determine that the issue only occurs in crowded areas like airports. What is the most likely problem?

A. Blue snarfing

B. Blue jacking

C. A virus

D. Spam

You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection. Which of the following are NOT steps in securing your wireless connection? Each correct answer represents a complete solution. Choose two.

A. Not broadcasting SSID

B. MAC filtering on the router

C. Strong password policies on workstations.

D. Using either WEP or WPA encryption

E. Hardening the server OS

Which of the following statements are true about the Enum tool?

Each correct answer represents a complete solution. Choose all that apply.

A. It is capable of performing brute force and dictionary attacks on individual accounts of Windows NT/2000.

B. One of the countermeasures against the Enum tool is to disable TCP port 139/445.

C. It is a console-based Win32 information enumeration utility.

D. It uses NULL and User sessions to retrieve user lists, machine lists, LSA policy information, etc.

John works as a Professional Ethical Hacker for we-are-secure Inc. The company is using a Wireless network. John has been assigned the work to check the security of WLAN of we-aresecure. For this, he tries to capture the traffic, however, he does not find a good traffic to analyze data. He has already discovered the network using the ettercap tool. Which of the following tools can he use to generate traffic so that he can crack the Wep keys and enter into the network?

A. ICMP ping flood tool

B. Kismet

C. Netstumbler

D. AirSnort

Fill in the blank with the appropriate act name.

The ____act gives consumers the right to ask emailers to stop spamming them.

A. CAN-SPAM