GIAC GPEN Exam - Topic 1 Question 22 Discussion

Actual exam question for GIAC's GPEN exam

Question #: 22
Topic #: 1

[All GPEN Questions]

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer?

Each correct answer represents a complete solution. Choose two.

AAttacker can use the Ping Flood DoS attack if WZC is used.

BAttacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain access.

CInformation of probing for networks can be viewed using a wireless analyzer and may be used to gain access.

DIt will not allow the configuration of encryption and MAC filtering. Sending information is not secure on wireless network.

Show Suggested Answer

Suggested Answer: B, C

by Johnna at May 08, 2022, 03:21 PM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Carmelina

4 months ago

Yeah, fake networks are super common these days, watch out!

upvoted 0 times

...

Graciela

4 months ago

A is a bit of a stretch, not sure about that one.

upvoted 0 times

...

Jerilyn

4 months ago

Wait, can WZC really be that insecure? Sounds sketchy!

upvoted 0 times

...

Tamala

4 months ago

I think D is also a valid concern, encryption is crucial.

upvoted 0 times

...

Tawanna

5 months ago

Definitely B and C, those are big threats!

upvoted 0 times

...

Salome

5 months ago

I'm a bit confused about option A. I don't remember if WZC specifically makes systems vulnerable to DoS attacks.

upvoted 0 times

...

Mammie

5 months ago

I practiced a question similar to this, and I think D is also a valid threat because unsecured networks can lead to data exposure.

upvoted 0 times

...

Carmelina

5 months ago

I think option C is definitely a concern since probing can expose information. I just can't recall if the Ping Flood is relevant here.

upvoted 0 times

...

Carlee

5 months ago

I remember studying about how fake networks can trick devices into connecting, so option B seems likely. But I'm not sure if that's the only threat.

upvoted 0 times

...

Bok

5 months ago

I'm a bit confused on this one. I know Splunk can handle various character encodings, but I'm not sure what the default is. I'll have to make an educated guess.

upvoted 0 times

...

Geoffrey

5 months ago

I'm a little stuck on this one. The options don't seem to directly match the concepts of quality management that we covered. I'll have to review my notes and see if I can figure out the key differences.

upvoted 0 times

...

Margart

5 months ago

I'm a little confused by the wording of this question. Is it asking about the overall valuation approach, or a specific method within that approach? I'll need to re-read it carefully and make sure I understand the nuance before answering.

upvoted 0 times

...

Michel

5 months ago

Okay, let's see. The notes need to be visible to other team members, so I'm thinking option C might be the best choice - placing the notes before the first line of code with a blank line in between.

upvoted 0 times

...