Weekend Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

GPEN Exam Dumps - GIAC Security Administration Questions and Answers

Question # 54

Which of the following is the feature that separates the use of Rainbow Tables from other applications such as Cain or John the Ripper?

Options:

A.

Salts are used to create massive password databases for comparison.

B.

Applications take advantage of 64-bit CPU processor and multithread the crackingprocess.

C.

Data Is aligned efficiently in the rainbow tables making the search process quicker

D.

Raw hashed passwords are compared to pre-calculated hash tables.

Buy Now
Question # 55

You've been asked to test a non-transparent proxy lo make sure it is working. After confirming the browser is correctly pointed at the proxy, you try to browse a web site. The browser indicates it is "loading" but never displays any part the page. Checking the proxy, you see a valid request in the proxy from your browser. Checking the response to the proxy, you see the results displayed in the accompanying screenshot. Which of the following answers is the most likely reason the browser hasn't displayed the page yet?

Options:

A.

The proxy is likely hung and must be restarted.

B.

The proxy is configured to trap responses.

C.

The proxy is configured to trap requests.

D.

The site you are trying to reach is currently down.

Buy Now
Question # 56

Which of the following TCP packet sequences are common during a SYN (or half-open) scan?

Options:

A.

The source computer sends SYN and the destination computer responds with RST

B.

The source computer sends SYN-ACK and no response Is received from the destination computer

C.

The source computer sends SYN and no response is received from the destination computer

D.

The source computer sends SYN-ACK and the destination computer responds with RST-ACK

E.

A,B and C

F.

A and C

G.

C and D

Buy Now
Question # 57

Which of the following is the JavaScript variable used to store a cookie?

Options:

A.

Browsercookie

B.

Windowcookie

C.

Document cookie

D.

Session cookie

Buy Now
Question # 58

A penetration tester used a client-side browser exploit from metasploit to get an unprivileged shell prompt on the target Windows desktop. The penetration tester then tried using the getsystem command to perform a local privilege escalation which failed. Which of the following could resolve the problem?

Options:

A.

Load priv module and try getsystem again

B.

Run getuid command, then getpriv command, and try getsystem again

C.

Run getuid command and try getsystem again

D.

Use getprivs command instead of getsystem

Buy Now
Question # 59

You are pen testing a network and have shell access to a machine via Netcat. You try to use ssh to access another machine from the first machine. What is the expected result?

Options:

A.

The ssh connection will succeed If you have root access on the intermediate

machine

B.

The ssh connection will fail

C.

The ssh connection will succeed

D.

The ssh connection will succeed if no password required

Buy Now
Question # 60

Which Metasploit payload includes simple upload and download functionality for moving files to and from compromised systems?

Options:

A.

DLL inject

B.

Upexec

C.

Meterpreter

D.

Vncinject

Buy Now
Exam Code: GPEN
Exam Name: GIAC Penetration Tester
Last Update: Aug 24, 2025
Questions: 385
GPEN pdf

GPEN PDF

$25.5  $84.99
 Add to Cart
GPEN Engine

GPEN Testing Engine

$28.5  $94.99
 Add to Cart
GPEN PDF + Engine

GPEN PDF + Testing Engine

$40.5  $134.99
 Add to Cart