Want to pass your GIAC Certified Incident Handler GCIH exam in the very first attempt? Try Pass2lead! It is equally effective for both starters and IT professionals.
VCE
Which of the following functions can be used as a countermeasure to a Shell Injection attack? Each correct answer represents a complete solution. (Choose all that apply.)
A. escapeshellarg()
B. mysql_real_escape_string()
C. regenerateid()
D. escapeshellcmd()
An analyst ran a Nessus scan with Dangerous plugins enabled for performing a vulnerability scan against a business critical system running on the production network. This brought down the target host, without alerting on it while the scan was occurring. How could the scan have avoided crashing the target host?
A. Never scan production networks, since they are business critical at all times
B. Scan the business critical systems, after you disable dangerous plugins
C. Do not scan any business critical systems, since they have other priorities
D. Use a different vulnerability scanner, since Nessus is dangerous in this situation
Where would an incident handler search for autostart extensibility points (ASEPs) on a Windows host?
A. Firewall configuration control panel
B. Local machine registry hive
C. Windows Temp Directory
D. Security event logs