4/6/25, 1:10 PM SEC401 Workbook, SANS 401 GSEC Exam 2025 update| comprehensive questions and verified answers (complete solutions) …
SEC401 Workbook, SANS 401 GSEC Exam 2025
update| comprehensive questions and verified
answers (complete solutions) Exam |GRADE A+!!
Save
Terms in this set (253)
What tcpdump flag -XX
displays hex, ASCII, and
the Ethernet header?
What tcpdump flag -nn
allows us to turn off
hostname and port
resolution?
What TCP flag is the only SYN
one set when initiating a
connection?
Which tool from the airodump-ng
aircrack-ng suite
captures wireless frames?
To crack WPA, you must True
capture a valid WPA
handshake?
What is the keyspace 2^
associated with WEP IVs?
What user account is part TrustedInstaller
of Windows Resource
Protection?
https://quizlet.com/1027671765/sec401-workbook-sans-401-gsec-exam-2025-update-comprehensive-questions-and-verified-answers-complete-… 1/19
,4/6/25, 1:10 PM SEC401 Workbook, SANS 401 GSEC Exam 2025 update| comprehensive questions and verified answers (complete solutions) …
What is the file system System32
location where DLL files
are stored?
What command is used powershell_ise.exe
to launch the graphical
PowerShell ISE editor?
What keyboard do we Mismatch
look for in secedit.exe
log files to find
mismatches?
What command is used ise
to open a text file in the
PowerShell ISE editor?
What PowerShell Get-Process and Get-Service
commands show
processes and services
What PowerShell Export-Csv
command can export
objects to a CSV text file?
What PowerShell Select-Object
command strips away
properties we don't care
about?
What is the file used by john.pot
John the Ripper to store
cracked passwords?
What password cracking Single
method uses GECOS
information?
True or False: John the False
Ripper can crack any
password within 2 days?
What Cisco password Type-7
type were we easily able
to decode with Cain?
https://quizlet.com/1027671765/sec401-workbook-sans-401-gsec-exam-2025-update-comprehensive-questions-and-verified-answers-complete-… 2/19
, 4/6/25, 1:10 PM SEC401 Workbook, SANS 401 GSEC Exam 2025 update| comprehensive questions and verified answers (complete solutions) …
What is the name of the SAM Database
password database on
Windows?
What Windows hash type NT or NTLM
did we crack with Cain
and Abel?
What Nmap option -oX
enables you to write
results in XML format?
Which Nmap scan type -sS
performs a Stealth Scan?
In what language are Lua
NSE scripts written?
What is the name of the strings
tool we used to display
text from the program?
What message did we Segmentation fault
get during the buffer
overflow?
What do we prepend to a ./
program to ensure it runs
from the current folder?
What is the name of the system
function enabling this
command injection bug?
True or False? You need False
to use the | symbol to
append on an additional
command?
What command did you rbash
use to go to the
restricted shell?
https://quizlet.com/1027671765/sec401-workbook-sans-401-gsec-exam-2025-update-comprehensive-questions-and-verified-answers-complete-… 3/19
SEC401 Workbook, SANS 401 GSEC Exam 2025
update| comprehensive questions and verified
answers (complete solutions) Exam |GRADE A+!!
Save
Terms in this set (253)
What tcpdump flag -XX
displays hex, ASCII, and
the Ethernet header?
What tcpdump flag -nn
allows us to turn off
hostname and port
resolution?
What TCP flag is the only SYN
one set when initiating a
connection?
Which tool from the airodump-ng
aircrack-ng suite
captures wireless frames?
To crack WPA, you must True
capture a valid WPA
handshake?
What is the keyspace 2^
associated with WEP IVs?
What user account is part TrustedInstaller
of Windows Resource
Protection?
https://quizlet.com/1027671765/sec401-workbook-sans-401-gsec-exam-2025-update-comprehensive-questions-and-verified-answers-complete-… 1/19
,4/6/25, 1:10 PM SEC401 Workbook, SANS 401 GSEC Exam 2025 update| comprehensive questions and verified answers (complete solutions) …
What is the file system System32
location where DLL files
are stored?
What command is used powershell_ise.exe
to launch the graphical
PowerShell ISE editor?
What keyboard do we Mismatch
look for in secedit.exe
log files to find
mismatches?
What command is used ise
to open a text file in the
PowerShell ISE editor?
What PowerShell Get-Process and Get-Service
commands show
processes and services
What PowerShell Export-Csv
command can export
objects to a CSV text file?
What PowerShell Select-Object
command strips away
properties we don't care
about?
What is the file used by john.pot
John the Ripper to store
cracked passwords?
What password cracking Single
method uses GECOS
information?
True or False: John the False
Ripper can crack any
password within 2 days?
What Cisco password Type-7
type were we easily able
to decode with Cain?
https://quizlet.com/1027671765/sec401-workbook-sans-401-gsec-exam-2025-update-comprehensive-questions-and-verified-answers-complete-… 2/19
, 4/6/25, 1:10 PM SEC401 Workbook, SANS 401 GSEC Exam 2025 update| comprehensive questions and verified answers (complete solutions) …
What is the name of the SAM Database
password database on
Windows?
What Windows hash type NT or NTLM
did we crack with Cain
and Abel?
What Nmap option -oX
enables you to write
results in XML format?
Which Nmap scan type -sS
performs a Stealth Scan?
In what language are Lua
NSE scripts written?
What is the name of the strings
tool we used to display
text from the program?
What message did we Segmentation fault
get during the buffer
overflow?
What do we prepend to a ./
program to ensure it runs
from the current folder?
What is the name of the system
function enabling this
command injection bug?
True or False? You need False
to use the | symbol to
append on an additional
command?
What command did you rbash
use to go to the
restricted shell?
https://quizlet.com/1027671765/sec401-workbook-sans-401-gsec-exam-2025-update-comprehensive-questions-and-verified-answers-complete-… 3/19
