EC0-350試験無料問題集（878題）「EC-COUNCIL Ethical hacking and countermeasures 認定」

出題：1

What will the following command produce on a website's login page if executed successfully? SELECT email, passwd, login_id, full_name FROM members WHERE email = '[email protected]'; DROP TABLE members; --'

A. This command will not produce anything since the syntax is incorrect.

B. This command will delete the entire members table.

C. This code will insert the [email protected] email address into the members table.

D. It retrieves the password for the first user in the members table.

正解：B 解答を投票する

出題：2

WinDump is a popular sniffer which results from the porting to Windows of TcpDump for Linux. What library does it use?

A. Wincap

B. None of the above

C. WinPcap

D. LibPcap

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

In Buffer Overflow exploit, which of the following registers gets overwritten with return address of the exploit code?

A. EAP

B. EEP

C. EIP

D. ESP

正解：C 解答を投票する

出題：4

Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate. How would you call this type of activity?

A. CI Gathering

B. Scanning

C. Garbage Scooping

D. Dumpster Diving

正解：D 解答を投票する

出題：5

What is a primary advantage a hacker gains by using encryption or programs such as Loki?

A. Traffic will not be modified in transit

B. IDS systems are unable to decrypt it

C. It slows down the effective response of an IDS

D. It is effective against Windows computers

E. It allows an easy way to gain administrator rights

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

The follows is an email header. What address is that of the true originator of the message?

A. 215.52.220.122

B. 168.150.84.123

C. 8.10.2/8.10.2

D. 19.25.19.10

E. 51.32.123.21

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Bob wants to prevent attackers from sniffing his passwords on the wired network. Which of the following lists the best options?

A. RSA, LSA, POP

B. SMB, SMTP, Smart card

C. SSID, WEP, Kerberos

D. Kerberos, Smart card, Stanford SRP

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

While investigating a claim of a user downloading illegal material, the investigator goes through the files on the suspect's workstation. He comes across a file that is just called "file.txt" but when he opens it, he finds the following:

What can he infer from this file?

A. A buffer overflow

B. An encrypted file

C. An encoded file

D. A picture that has been renamed with a .txt extension

正解：A 解答を投票する

出題：9

Study the snort rule given below and interpret the rule.
alert tcp any any --> 192.168.1.0/24 111 (content:"|00 01 86 a5|"; msG. "mountd access";)

A. An alert is generated when a TCP packet originating from any IP address is seen on the network and destined for any IP address on the 192.168.1.0 subnet on port 111

B. An alert is generated when a TCP packet is originated from port 111 of any IP address to the 192.168.1.0 subnet

C. An alert is generated when a TCP packet is generated from any IP on the 192.168.1.0 subnet and destined to any IP on port 111

D. An alert is generated when any packet other than a TCP packet is seen on the network and destined for the 192.168.1.0 subnet

正解：A 解答を投票する

出題：10

You are doing IP spoofing while you scan your target. You find that the target has port 23 open. Anyway you are unable to connect. Why?

A. The OS does not reply to telnet even if port 23 is open

B. You need an automated telnet tool

C. You cannot spoof + TCP

D. A firewall is blocking port 23

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

__________ is found in all versions of NTFS and is described as the ability to fork file data into existing files without affecting their functionality, size, or display to traditional file browsing utilities like dir or Windows Explorer

A. Steganography

B. Merge Streams

C. Alternate Data Streams

D. NetBIOS vulnerability

正解：C 解答を投票する

出題：12

Which of the following attacks takes best advantage of an existing authenticated connection?

A. Session Hijacking

B. Spoofing

C. Password Guessing

D. Password Sniffing

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging personal information. Attackers send a legitimate-looking e-mail asking users to update their information on the company's Web site, but the URLs in the e-mail actually point to a false Web site.

A. Man-in-the-Middle attack

B. Switch and bait attack

C. Phishing attack

D. Wiresharp attack

正解：C 解答を投票する

出題：14

You find the following entries in your web log. Each shows attempted access to either root.exe or cmd.exe.
What caused this?

A. The Morris worm

B. The PIF virus

C. Nimda

D. Code Red

E. Ping of Death

F. Trinoo

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：15

Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?

A. UDP 541

B. UDP 123

C. UDP 415

D. UDP 514

正解：D 解答を投票する

出題：16

Which of the following can take an arbitrary length of input and produce a message digest output of 160 bit?

A. MD5

B. SHA-1

C. HAVAL

D. MD4

正解：B 解答を投票する

出題：17

You receive an e-mail with the following text message.
"Microsoft and HP today warned all customers that a new, highly dangerous virus has been discovered which will erase all your files at midnight. If there's a file called hidserv.exe on your computer, you have been infected and your computer is now running a hidden server that allows hackers to access your computer. Delete the file immediately. Please also pass this message to all your friends and colleagues as soon as possible." You launch your antivirus software and scan the suspicious looking file hidserv.exe located in c:\windows directory and the AV comes out clean meaning the file is not infected. You view the file signature and confirm that it is a legitimate Windows system file "Human Interface Device Service".
What category of virus is this?

A. Virus hoax

B. Spooky Virus

C. Polymorphic Virus

D. Stealth Virus

正解：A 解答を投票する

出題：18

Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

A. Firewall

B. Layer 4 switch

C. Honeypot

D. Core server

正解：C 解答を投票する

出題：19

On wireless networks, SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless networks?

A. The SSID is only 32 bits in length.

B. The SSID is transmitted in clear text.

C. The SSID is the same as the MAC address for all vendors.

D. The SSID is to identify a station, not a network.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

EC0-350試験無料問題集「EC-COUNCIL Ethical hacking and countermeasures 認定」