
ECCouncil EC0-350 - Ethical Hacking and Countermeasures V8

Total 878 questions

A Trojan horse is a destructive program that masquerades as a benign application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but in addition to the expected function steals information or harms the system.

The challenge for an attacker is to send the victim a convincing file attachment that gets executed on the victim's machine without raising any suspicion. Today's end users are quite knowledgeable about malware and viruses. Instead of sending games and fun executables, hackers today are quite successful in spreading Trojans using rogue security software.

What is Rogue security software?

A. A flash file extension to Firefox that gets automatically installed when a victim visits rogue software disabling websites

B. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the computer. This kind of software is known as rogue security software.

C. Rogue security software is based on a social engineering technique in which the attacker lures the victim to visit spear phishing websites

D. This software disables firewalls and establishes a reverse connecting tunnel between the victim's machine and that of the attacker

You have successfully gained access to a victim's computer using Windows 2003 Server SMB Vulnerability. Which command will you run to disable auditing from the cmd?

A. stoplog stoplog ?

B. EnterPol /nolog

C. EventViewer o service

D. auditpol.exe /disable

Bob was frustrated with his competitor, Brownies Inc., and decided to launch an attack that would result in serious financial losses. He planned the attack carefully and carried out the attack at the appropriate moment.

Meanwhile, Trent, an administrator at Brownies Inc., realized that their main financial transaction server had been attacked. As a result of the attack, the server crashed and Trent needed to reboot the system, as no one was able to access the resources of the company. This process involves human interaction to fix it.

What kind of Denial of Service attack was best illustrated in the scenario above?

A. Simple DDoS attack

B. DoS attacks which involve flooding a network or system

C. DoS attacks which involve crashing a network or system

D. DoS attacks which are done accidentally or deliberately

You establish a new Web browser connection to Google. Since a 3-way handshake is required for any TCP connection, the following actions will take place.

    1. DNS query is sent to the DNS server to resolve www.google.com

    2. DNS server replies with the IP address for Google

    3. SYN packet is sent to Google

    4. Google sends back a SYN/ACK packet

    5. Your computer completes the handshake by sending an ACK

    6. The connection is established and the transfer of data commences

Which of the following packets represents completion of the 3-way handshake?

A. 4th packet

B. 3rd packet

C. 6th packet

D. 5th packet

In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access.

A. Token Injection Replay attacks

B. Shoulder surfing attack

C. Rainbow and Hash generation attack

D. Dumpster diving attack

Which of the following encryption algorithms is NOT based on a block cipher?

A. DES

B. Blowfish

C. AES (Rijndael)

D. RC4

You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system administrators. How can this help you in footprinting the organization?

A. To learn about the IP range used by the target network

B. To identify the number of employees working for the company

C. To test the limits of the corporate security policy enforced in the company

D. To learn about the operating systems, services and applications used on the network

Frederickson Security Consultants is currently conducting a security audit on the networks of Hawthorn Enterprises, a contractor for the Department of Defense. Since Hawthorn Enterprises conducts business daily with the federal government, they must abide by very stringent security policies. Frederickson is testing all of Hawthorn's physical and logical security measures including biometrics, passwords, and permissions. The federal government requires that all users must utilize random, non-dictionary passwords that must take at least 30 days to crack. Frederickson has confirmed that all Hawthorn employees use a random password generator for their network passwords. The Frederickson consultants have saved off numerous SAM files from Hawthorn's servers using Pwdump6 and are going to try and crack the network passwords. What method of attack is best suited to crack these passwords in the shortest amount of time?

A. Brute force attack

B. Birthday attack

C. Dictionary attack

D. Brute service attack

What is the default Password Hash Algorithm used by NTLMv2?

A. MD4

B. DES

C. SHA-1

D. MD5

Within the context of Computer Security, which of the following statements describes Social Engineering best?

A. Social Engineering is the act of publicly disclosing information

B. Social Engineering is the means put in place by human resource to perform time accounting

C. Social Engineering is the act of getting needed information from a person rather than breaking into a system

D. Social Engineering is a training program within sociology studies

What port number is used by the LDAP protocol?

A. 110

B. 389

C. 464

D. 445

While testing web applications, you attempt to insert the following test script into the search area on the company's web site:

Later, when you press the search button, a pop up box appears on your screen with the text "Testing Testing Testing". What vulnerability is detected in the web application here?

A. Cross Site Scripting

B. Password attacks

C. A Buffer Overflow

D. A hybrid attack

Your company has blocked all the ports via external firewall and only allows port 80/443 to connect to the Internet. You want to use FTP to connect to some remote server on the Internet. How would you accomplish this?

A. Use HTTP Tunneling

B. Use Proxy Chaining

C. Use TOR Network

D. Use Reverse Chaining

John the hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct a MiTM attack. What is the destination MAC address of a broadcast frame?

A. 0xFFFFFFFFFFFF

B. 0xDDDDDDDDDDDD

C. 0xAAAAAAAAAAAA

D. 0xBBBBBBBBBBBB

How do you defend against MAC attacks on a switch?

A. Disable SPAN port on the switch

B. Enable SNMP Trap on the switch

C. Configure IP security on the switch

D. Enable Port Security on the switch

Which of the following Trojans would be considered 'Botnet Command Control Center'?

A. YouKill DOOM

B. Damen Rock

C. Poison Ivy

D. Matten Kit

Joseph has just been hired on to a contractor company of the Department of Defense as their Senior Security Analyst. Joseph has been instructed on the company's strict security policies that have been implemented, and the policies that have yet to be put in place. Per the Department of Defense, all DoD users and the users of their contractors must use two-factor authentication to access their networks. Joseph has been delegated the task of researching and implementing the best two-factor authentication method for his company. Joseph's supervisor has told him that they would like to use some type of hardware device in tandem with a security or identifying pin number. Joseph's company has already researched using smart cards and all the resources needed to implement them, but found the smart cards to not be cost effective. What type of device should Joseph use for two-factor authentication?

A. Biometric device

B. OTP

C. Proximity cards

D. Security token

In TCP communications there are 8 flags: FIN, SYN, RST, PSH, ACK, URG, ECE, CWR. These flags have decimal numbers assigned to them:

FIN = 1

SYN = 2

RST = 4

PSH = 8

ACK = 16

URG = 32

ECE = 64

CWR = 128

Example: To calculate SYN/ACK flag decimal value, add 2 (which is the decimal value of the SYN flag) to 16 (which is the decimal value of the ACK flag), so the result would be 18.

Based on the above calculation, what is the decimal value for an XMAS scan?

A. 23

B. 24

C. 41

D. 64

Charlie is the network administrator for his company. Charlie just received a new Cisco router and wants to test its capabilities and see if it might be susceptible to a DoS attack that results in it locking up. The IP address of the Cisco switch is 172.16.0.45. What command can Charlie use to attempt this task?

A. Charlie can use the command: ping -l 56550 172.16.0.45 -t.

B. Charlie can try using the command: ping 56550 172.16.0.45.

C. By using the command ping 172.16.0.45 Charlie would be able to lock up the router

D. He could use the command: ping -4 56550 172.16.0.45.

You are the CIO for Avantes Finance International, a global finance company based in Geneva. You are responsible for network functions and logical security throughout the entire corporation. Your company has over 250 servers running Windows Server, 5000 workstations running Windows Vista, and 200 mobile users working from laptops on Windows 7.

Last week, 10 of your company's laptops were stolen from salesmen while at a conference in Amsterdam. These laptops contained proprietary company information. While doing damage assessment on the possible public relations nightmare this may become, a news story leaks about the stolen laptops and also that sensitive information from those computers was posted to a blog online.

What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

A. You should have used 3DES which is built into Windows

B. If you would have implemented Pretty Good Privacy (PGP) which is built into Windows, the sensitive information on the laptops would not have leaked out

C. You should have utilized the built-in feature of Distributed File System (DFS) to protect the sensitive information on the laptops

D. You could have implemented Encrypted File System (EFS) to encrypt the sensitive files on the laptops