GCIH Exam Question 236
Firekiller 2000 is an example of a __________.
GCIH Exam Question 237
Which of the following tools uses common UNIX/Linux tools like the strings and grep commands to search core system programs for signatures of the rootkits?
GCIH Exam Question 238
Which of the following methods can be used to detect session hijacking attack?
GCIH Exam Question 239
Which of the following techniques does an attacker use to sniff data frames on a local area network and modify the traffic?
GCIH Exam Question 240
John works as a Network Administrator for We-are-secure Inc. He finds that TCP port 7597 of the Weare- secure
server is open. He suspects that it may be open due to a Trojan installed on the server. He presents a report to the
company describing the symptoms of the Trojan. A summary of the report is given below:
Once this Trojan has been installed on the computer, it searches Notpad.exe, renames it Note.com, and then copies
itself to the computer as Notepad.exe. Each time Notepad.exe is executed, the Trojan executes and calls the original
Notepad to avoid being noticed.
Which of the following Trojans has the symptoms as the one described above?
server is open. He suspects that it may be open due to a Trojan installed on the server. He presents a report to the
company describing the symptoms of the Trojan. A summary of the report is given below:
Once this Trojan has been installed on the computer, it searches Notpad.exe, renames it Note.com, and then copies
itself to the computer as Notepad.exe. Each time Notepad.exe is executed, the Trojan executes and calls the original
Notepad to avoid being noticed.
Which of the following Trojans has the symptoms as the one described above?