EC0-350 Exam Questions

Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?

As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security? Select the best answers.

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

What tool can crack Windows SMB passwords simply by listening to network traffic? Select the best answer.

A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network. Which of these tools would do the SNMP enum...

If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack i...

Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm througho...

Study the snort rule given below: From the options below, choose the exploit against which this rule applies.

Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored? (Choose the best answer)

A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other syste...

You are attempting to crack LM Manager hashed from Windows 2000 SAM file. You will be using LM Brute force hacking tool for decryption. What encryption algorithm will you be decryp...

In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtC...

What is the algorithm used by LM for Windows2000 SAM?

E-mail scams and mail fraud are regulated by which of the following?

Which of the following LM hashes represent a password of less than 8 characters? (Select 2)

Which of the following is the primary objective of a rootkit?

This kind of password cracking method uses word lists in combination with numbers and special characters:

_________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?

What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?

When discussing passwords, what is considered a brute force attack?

Which of the following are well know password-cracking programs?(Choose all that apply.

Password cracking programs reverse the hashing process to recover passwords.(True/False.)

While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an atta...

Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known weaknesses of LM? (Choose three)

You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand th...

An attacker runs netcat tool to transfer a secret file between two hosts. Machine A: netcat -l -p 1234 < secretfile Machine B: netcat 192.168.3.4 > 1234 He is worried about informa...

Fingerprinting an Operating System helps a cracker because:

In the context of Windows Security, what is a 'null' user?

What does the following command in netcat do? nc -l -u -p55555 < /etc/passwd

What hacking attack is challenge/response authentication used to prevent?

What file system vulnerability does the following command take advantage of? type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

Attackers can potentially intercept and modify unsigned SMB packets, modify the traffic and forward it so that the server might perform undesirable actions. Alternatively, the atta...

LM authentication is not as strong as Windows NT authentication so you may want to disable its use, because an attacker eavesdropping on network traffic will attack the weaker prot...

Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?

_____ is the process of converting something from one representation to the simplest form. It deals with the way in which systems convert data from one form to another.

Which type of attack is port scanning?

You are a Administrator of Windows server. You want to find the port number for POP3. What file would you find the information in and where? Select the best answer.

One of your junior administrator is concerned with Windows LM hashes and password cracking. In your discussion with them, which of the following are true statements that you would...

In the following example, which of these is the "exploit"? Today, Microsoft Corporation released a security notice. It detailed how a person could bring down the Windows 2003 Serve...

Assuring two systems that are using IPSec to protect traffic over the internet, what type of general attack could compromise the data?

What is a Trojan Horse?

You want to use netcat to generate huge amount of useless network data continuously for various performance testing between 2 hosts. Which of the following commands accomplish this...

After an attacker has successfully compromised a remote computer, what would be one of the last steps that would be taken to ensure that the compromise is not traced back to the so...

You have hidden a Trojan file virus.exe inside another file readme.txt using NTFS streaming. Which command would you execute to extract the Trojan to a standalone file?

You suspect that your Windows machine has been compromised with a Trojan virus. When you run anti-virus software it does not pick of the Trojan. Next you run netstat command to loo...

In Linux, the three most common commands that hackers usually attempt to Trojan are:

John wishes to install a new application onto his Windows 2000 server. He wants to ensure that any application he uses has not been Trojaned. What can he do to help ensure this?