Latest ECCouncil 312-50v8 Real Exam Download 841-850

EnsurepassQUESTION 841 What type of attack changes its signature and/or payload to avoid detection by antivirus programs?   A. Polymorphic B. Rootkit C. Boot sector D. File infecting   Answer: A  In computer terminology,polymorphic code is code that mutates while keeping the original algorithm intact. This technique is sometimes used by computer viruses,shellcodes and computer worms to hide their presence.     QUESTION 842 You may be able to identify Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 831-840

EnsurepassQUESTION 831 Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the pEchoq command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page again in vain. What is the probable cause of Billos problem?   A. The system is a Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 821-830

EnsurepassQUESTION 821 Which one of the following attacks will pass through a network layer intrusion detection system undetected?   A. A teardrop attack B. A SYN flood attack C. A DNS spoofing attack D. A test.cgi attack   Answer: D  Because a network-based IDS reviews packets and headers,it can also detect denial of service (DoS) attacks Not A or B: The following sections discuss some of the possible DoS attacks available. Smurf Fraggle SYN Flood Teardrop DNS DoS Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 811-820

EnsurepassQUESTION 811 Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exploits a condition in the Linux kernel within the execve() system call. There is no known workaround that exists for this vulnerability. What is the correct action to be taken by Rebecca in this situation as a recommendation to management?   A. Rebecca should make a recommendation to disable Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 801-810

EnsurepassQUESTION 801 Joe the Hacker breaks into XYZos Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in one of the network utilities. Joe is worried that network administrator might detect the wiretap program by querying the interfaces to see if they are running in promiscuous mode. What can Joe do to hide the wiretap program from being detected by ifconfig command?   A. Block Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 791-800

EnsurepassQUESTION 791 You find the following entries in your web log. Each shows attempted access to either root.exe or cmd.exe. What caused this? A. The Morris worm B. The PIF virus C. Trinoo D. Nimda E. Code Red F. Ping of Death   Answer: D  The Nimda worm modifies all web content files it finds. As a result,any user browsing web content on the system,whether via the file system or via a web server,may download a copy of the worm. Some browsers may automatically Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 781-790

EnsurepassQUESTION 781 Derek has stumbled upon a wireless network and wants to assess its security. However, he does not find enough traffic for a good capture. He intends to use AirSnort on the captured traffic to crack the WEP key and does not know the IP address range or the AP. How can he generate traffic on the network so that he can capture enough packets to crack the WEP key?   A. Use any ARP requests found in the capture B. Derek can use a session replay on the packets captured Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 771-780

EnsurepassQUESTION 771 802.11b is considered a ____________ protocol.   A. Connectionless B. Secure C. Unsecure D. Token ring based E. Unreliable   Answer: C  802.11b is an insecure protocol. It has many weaknesses that can be used by a hacker.     QUESTION 772 While probing an organization you discover that they have a wireless network. From your attempts to connect to the WLAN you determine that they have deployed MAC filtering by using ACL on the Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 761-770

EnsurepassQUESTION 761 Look at the following SQL query. SELECT * FROM product WHERE PCategory='computers' or 1=1--' What will it return? Select the best answer.   A. All computers and all 1's B. All computers C. All computers and everything else D. Everything except computers   Answer: C  The 1=1 tells the SQL database to return everything,a simplified statement would be SELECT * FROM product WHERE 1=1 (which will always be true for all columns). Thus,this query Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 751-760

EnsurepassQUESTION 751 _________ ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at.   A. Mandatory Access Control B. Authorized Access Control C. Role-based Access Control D. Discretionary Access Control   Answer: A  In computer security,mandatory access control Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 741-750

EnsurepassQUESTION 741 Clive has been hired to perform a Black-Box test by one of his clients. How much information will Clive obtain from the client before commencing his test?   A. IP Range,OS,and patches installed. B. Only the IP address range. C. Nothing but corporate name. D. All that is available from the client site.   Answer: C  Penetration tests can be conducted in one of two ways: black-box (with no prior knowledge the infrastructure to be tested) or white-box Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 731-740

EnsurepassQUESTION 731 This kind of attack will let you assume a users identity at a dynamically generated web page or site:   A. SQL Injection B. Cross Site Scripting C. Session Hijacking D. Zone Transfer   Answer: B  Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 721-730

EnsurepassQUESTION 721 You have successfully run a buffer overflow attack against a default IIS installation running on a Windows 2000 Server. The server allows you to spawn a shell. In order to perform the actions you intend to do, you need elevated permission. You need to know what your current privileges are within the shell. Which of the following options would be your current privileges?   A. Administrator B. IUSR_COMPUTERNAME C. LOCAL_SYSTEM D. Whatever account IIS was installed Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 711-720

EnsurepassQUESTION 711 Peter is a Network Admin. He is concerned that his network is vulnerable to a smurf attack. What should Peter do to prevent a smurf attack? Select the best answer.   A. He should disable unicast on all routers B. Disable multicast on the router C. Turn off fragmentation on his router D. Make sure all anti-virus protection is updated on all systems E. Make sure his router won't take a directed broadcast   Answer: E  Explanations: Unicasts are Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 701-710

EnsurepassQUESTION 701 What do you call a system where users need to remember only one username and password, and be authenticated for multiple services?   A. Simple Sign-on B. Unique Sign-on C. Single Sign-on D. Digital Certificate   Answer: C  Single sign-on (SSO) is a specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.     QUESTION 702 Clive has been monitoring Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 691-700

EnsurepassQUESTION 691 Exhibit: You have captured some packets in Ethereal. You want to view only packets sent from 10.0.0.22. What filter will you apply?   A. ip = 10.0.0.22 B. ip.src == 10.0.0.22 C. ip.equals 10.0.0.22 D. ip.address = 10.0.0.22   Answer: B  ip.src tells the filter to only show packets with 10.0.0.22 as the source.     QUESTION 692 Tess King, the evil hacker, is purposely sending fragmented ICMP packets to a remote target. The total Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 681-690

EnsurepassQUESTION 681 Samantha was hired to perform an internal security test of XYZ. She quickly realized that all networks are making use of switches instead of traditional hubs. This greatly limits her ability to gather information through network sniffing. Which of the following techniques can she use to gather information from the switched network or to disable some of the traffic isolation features of the switch? (Choose two)   A. Ethernet Zapping B. MAC Flooding C. Sniffing Read more [...]

Latest ECCouncil 312-50v8 Real Exam Download 671-680

EnsurepassQUESTION 671 In Linux, the three most common commands that hackers usually attempt to Trojan are:   A. car,xterm,grep B. netstat,ps,top C. vmware,sed,less D. xterm,ps,nc   Answer: B  The easiest programs to trojan and the smartest ones to trojan are ones commonly run by administrators and users,in this case netstat,ps,and top,for a complete list of commonly trojaned and rootkited software please reference this URL: http://www.usenix.org/publications/login/1999-9/features/rootkits.html Read more [...]