EC0-350 Exam Questions

What is the correct command to run Netcat on a server using port 56 that spawns command shell when connected?

SNMP is a connectionless protocol that uses UDP instead of TCP packets (True or False)

TCP/IP Session Hijacking is carried out in which OSI layer?

In which part of OSI layer, ARP Poisoning occurs?

You want to hide a secret.txt document inside c:\windows\system32\tcpip.dll kernel library using ADS streams. How will you accomplish this?

You just purchased the latest DELL computer, which comes pre-installed with Windows 7, McAfee antivirus software and a host of other applications. You want to connect Ethernet wire...

In the context of Trojans, what is the definition of a Wrapper?

Your computer is infected by E-mail tracking and spying Trojan. This Trojan infects the computer with a single file - emos.sys. Which step would you perform to detect this type of...

Which type of hacker represents the highest risk to your network?

Shayla is an IT security consultant, specializing in social engineering and external penetration tests. Shayla has been hired on by Treks Avionics, a subcontractor for the Departme...

What port number is used by Kerberos protocol?

What does FIN in TCP flag define?

Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is invalid on the server. Why do you think this is po...

This attack technique is used when a Web application is vulnerable to an SQL Injection but the results of the Injection are not visible to the attacker.

A common technique for luring e-mail users into opening virus-launching attachments is to send messages that would appear to be relevant or important to many of their potential rec...

What file system vulnerability does the following command take advantage of? type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see...

In what stage of Virus life does a stealth virus gets activated with the user performing certain actions such as running an infected program?

What is a sniffing performed on a switched network called?

A rootkit is a collection of tools (programs) that enable administrator-level access to a computer. This program hides itself deep into an operating system for malicious activity a...

Which Steganography technique uses Whitespace to hide secret messages?

Cyber Criminals have long employed the tactic of masking their true identity. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear t...

An organization contacts you to perform a security assessment of their network. They want you to focus more on the possible vulnerabilities of the infrastructure as opposed to havi...

You are in the process of conducting a security asessment against targetcompany.com. You suspect that there may be errors in their DNS server configuration and you want to use nslo...

You have been hired to perform a security assessment on an organization's network. You feel as though you have gained enough preliminary information and you are ready to begin scan...

Judy has been hired to perform a penetration test on a large network. She has already performed reconnaissance on the network, she now needs to find a point of entry. She begins by...

You and a colleague are performing password auditing for a company. After gathering all of the password hashes, he informs you that he has encountered multiple hashes in which the...

What type of program is commonly used to bind a Trojan horse to a legitimate file?

You deploy a network sniffer on a target network and plan to check the progress a couple of days later. Assuming all of the following protocols are used in the network, what types...

Based on the following command for Cisco routers, which type of attack is being prevented? No ip directed-broadcasts

A user at an organization receives a phone call in which the caller introduces himself as a member of the IT department. He explains that he received an alert that there may be a v...

During the TCP three way handshake, the client sends a SYN along with the ISN he will begin using. The server then responds with a SYN and ACK. After this step, before the client s...

You are the administrator for a medium sized network and are in charge of maintaining the company's web servers. While reviewing the logs, you come across some unusual entries that...

You are the administrator for a network. An employee comes to you and says that they were checking their email and something strange happened. They were navigating their Inbox when...

Which of the following authentication methods is based on a challenge-response model and uses the MD5 algorithm?

Based on the following error, which has taken place? "Microsoft OLE DB Provider for ODBC Drivers (0x80040E14)"

You have been put in charge of securing a small wireless network for a hotel. They want to use open authentication, but they want you to setup the network so people in adjacent bui...

A user on your network calls you and says that Microsoft Word is acting funny. You investigate the situation and eventually decide to run a virus scan, which shows the user's pc is...

You are in charge of the mail servers for your network. Due to security concerns, you have been asked to find and implement an encryption algorithm that can be used to encrypt outg...

You almost have your Linux machine up and running, but you need to install one last program before finishing. You run 'tar -xzvf', which creates a directory called 'New Program'. I...

You work for a very security-conscious company. You have recently been informed of a technique known as 'firewalking' and you want to prohibit anyone from being able to use it agai...

Which of the following pairs is correctly associated with the stack segment of memory?