EC-Council
EC0-350 · Question #735
EC0-350 Question #735: Real Exam Question with Answer & Explanation
Sign in or unlock EC0-350 to reveal the answer and full explanation for question #735. The question stem and answer options stay visible for context.
Question
Joe the Hacker breaks into XYZ's Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in one of the network utilities. Joe is worried that network administrator might detect the wiretap program by querying the interfaces to see if they are running in promiscuous mode. What can Joe do to hide the wiretap program from being detected by ifconfig command?
Exhibit
Options
- ABlock output to the console whenever the user runs ifconfig command by running screen capture utiliyu
- BRun the wiretap program in stealth mode from being detected by the ifconfig command.
- CReplace original ifconfig utility with the rootkit version of ifconfig hiding Promiscuous information being
- DYou cannot disable Promiscuous mode detection on Linux systems.
Unlock EC0-350 to see the answer
You've previewed enough free EC0-350 questions. Unlock EC0-350 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.