Latest ECCouncil 312-50v8 Real Exam Download 841-850

EnsurepassQUESTION 841 What type of attack changes its signature and/or payload to avoid detection by antivirus programs?   A. Polymorphic B. Rootkit C. Boot sector D. File infecting   Answer: A  In computer terminology,polymorphic code is code that mutates while keeping the original algorithm intact. This technique is sometimes used by computer viruses,shellcodes and computer worms to hide their presence.     QUESTION 842 You may be able to identify Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 831-840

EnsurepassQUESTION 831 Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the pEchoq command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page again in vain. What is the probable cause of Billos problem?   A. The system is a Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 821-830

EnsurepassQUESTION 821 Which one of the following attacks will pass through a network layer intrusion detection system undetected?   A. A teardrop attack B. A SYN flood attack C. A DNS spoofing attack D. A test.cgi attack   Answer: D  Because a network-based IDS reviews packets and headers,it can also detect denial of service (DoS) attacks Not A or B: The following sections discuss some of the possible DoS attacks available. Smurf Fraggle SYN Flood Teardrop DNS DoS Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 811-820

EnsurepassQUESTION 811 Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exploits a condition in the Linux kernel within the execve() system call. There is no known workaround that exists for this vulnerability. What is the correct action to be taken by Rebecca in this situation as a recommendation to management?   A. Rebecca should make a recommendation to disable Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 801-810

EnsurepassQUESTION 801 Joe the Hacker breaks into XYZos Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in one of the network utilities. Joe is worried that network administrator might detect the wiretap program by querying the interfaces to see if they are running in promiscuous mode. What can Joe do to hide the wiretap program from being detected by ifconfig command?   A. Block Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 791-800

EnsurepassQUESTION 791 You find the following entries in your web log. Each shows attempted access to either root.exe or cmd.exe. What caused this? A. The Morris worm B. The PIF virus C. Trinoo D. Nimda E. Code Red F. Ping of Death   Answer: D  The Nimda worm modifies all web content files it finds. As a result,any user browsing web content on the system,whether via the file system or via a web server,may download a copy of the worm. Some browsers may automatically Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 781-790

EnsurepassQUESTION 781 Derek has stumbled upon a wireless network and wants to assess its security. However, he does not find enough traffic for a good capture. He intends to use AirSnort on the captured traffic to crack the WEP key and does not know the IP address range or the AP. How can he generate traffic on the network so that he can capture enough packets to crack the WEP key?   A. Use any ARP requests found in the capture B. Derek can use a session replay on the packets captured Read more [...]