EC0-350試験無料問題集（878題）「EC-COUNCIL Ethical hacking and countermeasures 認定」

出題：1

Which Type of scan sends a packets with no flags set? Select the Answer

A. Half-Open Scan

B. Null Scan

C. Open Scan

D. Xmas Scan

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

You receive an e-mail with the following text message.
"Microsoft and HP today warned all customers that a new, highly dangerous virus has been discovered which will erase all your files at midnight. If there's a file called hidserv.exe on your computer, you have been infected and your computer is now running a hidden server that allows hackers to access your computer. Delete the file immediately. Please also pass this message to all your friends and colleagues as soon as possible." You launch your antivirus software and scan the suspicious looking file hidserv.exe located in c:\windows directory and the AV comes out clean meaning the file is not infected. You view the file signature and confirm that it is a legitimate Windows system file "Human Interface Device Service".
What category of virus is this?

A. Virus hoax

B. Spooky Virus

C. Polymorphic Virus

D. Stealth Virus

正解：A 解答を投票する

出題：3

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges.

A. Sheela

B. Somia

C. Chang

D. Rebecca

E. Shawn

F. John

G. Micah

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Rebecca has noted multiple entries in her logs about users attempting to connect on ports that are either not opened or ports that are not for public usage. How can she restrict this type of abuse by limiting access to only specific IP addresses that are trusted by using one of the built-in Linux Operating System tools?

A. Configure and enable portsentry on his server.

B. Configure rules using ipchains.

C. Install an intrusion detection system on her computer such as Snort.

D. Ensure all files have at least a 755 or more restrictive permissions.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

What is the main difference between a "Normal" SQL Injection and a "Blind" SQL Injection vulnerability?

A. The request to the web server is not visible to the administrator of the vulnerable application.

B. The attack is called "Blind" because, although the application properly filters user input, it is still vulnerable to code injection.

C. The successful attack does not show an error message to the administrator of the affected application.

D. The vulnerable application does not display errors with information about the injection results to the attacker.

正解：D 解答を投票する

出題：6

Which of the following is one of the key features found in a worm but not seen in a virus?

A. The payload is very small, usually below 800 bytes.

B. It does not have the ability to propagate on its own.

C. It is self replicating without need for user intervention.

D. All of them cannot be detected by virus scanners.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?

A. DataThief

B. SQLInjector

C. NetCat

D. Cain and Abel

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

What makes web application vulnerabilities so aggravating? (Choose two)

A. They can be launched through an authorized port.

B. A firewall will not stop them.

C. They exist only on the Linux platform.

D. They are detectable by most leading antivirus software.

正解：A,B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

In the context of Trojans, what is the definition of a Wrapper?

A. A tool used to bind the Trojan with a legitimate file

B. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan

C. A tool used to encapsulate packets within a new header and footer

D. An encryption tool to protect the Trojan

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

Use the traceroute results shown above to answer the following question:

The perimeter security at targetcorp.com does not permit ICMP TTL-expired packets out.

A. True

B. False

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

While scanning a network you observe that all of the web servers in the DMZ are responding to ACK packets on port 80.
What can you infer from this observation?

A. They are using UNIX based web servers.

B. They are using Windows based web servers.

C. They are not using a stateful inspection firewall.

D. They are not using an intrusion detection system.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

What is the default Password Hash Algorithm used by NTLMv2?

A. DES

B. MD5

C. SHA-1

D. MD4

正解：B 解答を投票する

出題：13

A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof so she can take him to court. What is the ethical response?

A. Say no; make sure that the friend knows the risk she's asking the CEH to take.

B. Say yes; the friend needs help to gather evidence.

C. Say no; the friend is not the owner of the account.

D. Say yes; do the job for free.

正解：C 解答を投票する

出題：14

To send a PGP encrypted message, which piece of information from the recipient must the sender have before encrypting the message?

A. Recipient's private key

B. Recipient's public key

C. Sender's public key

D. Master encryption key

正解：B 解答を投票する

出題：15

_________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

A. Trojan

B. Scanner

C. RootKit

D. Backdoor

E. DoS tool

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：16

Which of the following encryption is NOT based on block cipher?

A. DES

B. RC4

C. Blowfish

D. AES (Rijndael)

正解：B 解答を投票する

出題：17

A tester is attempting to capture and analyze the traffic on a given network and realizes that the network has several switches. What could be used to successfully sniff the traffic on this switched network? (Choose three.)

A. ARP broadcasting

B. MAC duplication

C. MAC flooding

D. Reverse smurf attack

E. SYN flood

F. ARP spoofing

正解：B,C,F 解答を投票する

出題：18

Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known weaknesses of LM? (Choose three)

A. Converts passwords to uppercase.

B. Makes use of only 32 bit encryption.

C. Effective length is 7 characters.

D. Hashes are sent in clear text over the network.

正解：A,C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：19

Ron has configured his network to provide strong perimeter security. As part of his network architecture, he has included a host that is fully exposed to attack. The system is on the public side of the demilitarized zone, unprotected by a firewall or filtering router. What would you call such a host?

A. Bastion Host

B. DMZ host

C. DWZ host

D. Honeypot

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

EC0-350試験無料問題集「EC-COUNCIL Ethical hacking and countermeasures 認定」