EC0-350 Exam Questions

Access control is often implemented through the use of MAC address filtering on wireless Access Points. Why is this considered to be a very limited security measure?

In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. W...

On wireless networks, SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless networks?

Bob reads an article about how insecure wireless networks can be. He gets approval from his management to implement a policy of not allowing any wireless devices on the network. Wh...

Jackson discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the...

Jacob would like your advice on using a wireless hacking tool that can save him time and get him better results with lesser packets. You would like to recommend a tool that uses Ko...

In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. W...

Matthew re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Matthew assumes it is an...

Derek has stumbled upon a wireless network and wants to assess its security. However, he does not find enough traffic for a good capture. He intends to use AirSnort on the captured...

Why do you need to capture five to ten million packets in order to crack WEP with AirSnort?

Sally is a network admin for a small company. She was asked to install wireless accesspoints in the building. In looking at the specifications for the access-points, she sees that...

Joe Hacker is going wardriving. He is going to use PrismStumbler and wants it to go to a GPS mapping software application. What is the recommended and well-known GPS mapping packag...

Virus Scrubbers and other malware detection program can only detect items that they are aware of. Which of the following tools would allow you to detect unauthorized changes or mod...

What are the main drawbacks for anti-virus software?

What is the best means of prevention against viruses?

Melissa is a virus that attacks Microsoft Windows platforms. To which category does this virus belong?

The Slammer Worm exploits a stack-based overflow that occurs in a DLL implementing the Resolution Service. Which of the following Database Server was targeted by the slammer worm?

You find the following entries in your web log. Each shows attempted access to either root.exe or cmd.exe. What caused this?

Which of the following is one of the key features found in a worm but not seen in a virus?

Which are true statements concerning the BugBear and Pretty Park worms? Select the best answers.

One of the better features of NetWare is the use of packet signature that includes cryptographic signatures. The packet signature mechanism has four levels from 0 to 3. In the list...

Which is the Novell Netware Packet signature level used to sign all packets ?

If you receive a RST packet while doing an ACK scan, it indicates that the port is open.(True/False).

If you perform a port scan with a TCP ACK packet, what should an OPEN port return?

Pandora is used to attack __________ network operating systems.

What is the name of the software tool used to crack a single account on Netware Servers using a dictionary attack?

Which of the following is NOT a valid NetWare access level?

Windump is the windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform you must install a packet ca...

Joe the Hacker breaks into XYZ's Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan h...

What is the expected result of the following exploit?

You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be a...

Jim's organization has just completed a major Linux roll out and now all of the organization's systems are running the Linux 2.5 kernel. The roll out expenses has posed constraints...

WinDump is a popular sniffer which results from the porting to Windows of TcpDump for Linux. What library does it use?

Several of your co-workers are having a discussion over the etc/passwd file. They are at odds over what types of encryption are used to secure Linux passwords.(Choose all that appl...

Rebecca has noted multiple entries in her logs about users attempting to connect on ports that are either not opened or ports that are not for public usage. How can she restrict th...

John is discussing security with Jane. Jane had mentioned to John earlier that she suspects an LKM has been installed on her server. She believes this is the reason that the server...

Which of the following snort rules look for FTP root login attempts?

After studying the following log entries, how many user IDs can you identify that the attacker has tampered with? 1. mkdir -p /etc/X11/applnk/Internet/.etc 2. mkdir -p /etc/X11/app...

Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exp...

What is Cygwin?

Ron has configured his network to provide strong perimeter security. As part of his network architecture, he has included a host that is fully exposed to attack. The system is on t...

After studying the following log entries, what is the attacker ultimately trying to achieve as inferred from the log sequence? 1. mkdir -p /etc/X11/applnk/Internet/.etc 2. mkdir -p...

Clive is conducting a pen-test and has just port scanned a system on the network. He has identified the operating system as Linux and been able to elicit responses from ports 23, 2...

On a backdoored Linux box there is a possibility that legitimate programs are modified or trojaned. How is it possible to list processes and uids associated with them in a more rel...

Peter is a Linux network admin. As a knowledgeable security consultant, he turns to you to look for help on a firewall. He wants to use Linux as his firewall and use the latest fre...

Study the log given in the exhibit, Precautionary measures to prevent this attack would include writing firewall rules. Of these firewall rules, which among the following would be...

You are attempting to map out the firewall policy for an organization. You discover your target system is one hop beyond the firewall. Using hping2, you send SYN packets with the e...

Once an intruder has gained access to a remote system with a valid username and password, the attacker will attempt to increase his privileges by escalating the used account to one...

Which one of the following attacks will pass through a network layer intrusion detection system undetected?

Why would an ethical hacker use the technique of firewalking?