EC0-350 Exam Dumps - Ethical Hacking and Countermeasures V8

Go to page:

<< First
Prev
2
3
4
5
6
7
8
9
10
11
Next
Last >>

Question # 49

You are trying to hijack a telnet session from a victim machine with IP address 10.0.0.5 to Cisco router at 10.0.0.1. You sniff the traffic and attempt to predict the sequence and acknowledgement numbers to successfully hijack the telnet session.

Here is the captured data in tcpdump.

What are the next sequence and acknowledgement numbers that the router will send to the victim machine?

Sequence number: 82980070 Acknowledgement number: 17768885A.

Sequence number: 17768729 Acknowledgement number: 82980070B.

Sequence number: 87000070 Acknowledgement number: 85320085C.

Sequence number: 82980010 Acknowledgement number: 17768885D.

Full Access

Question # 50

Which of the following Exclusive OR transforms bits is NOT correct?

0 xor 0 = 0

1 xor 0 = 1

1 xor 1 = 1

0 xor 1 = 1

Full Access

Question # 51

How do you defend against DHCP Starvation attack?

Enable ARP-Block on the switch

Enable DHCP snooping on the switch

Configure DHCP-BLOCK to 1 on the switch

Install DHCP filters on the switch to block this attack

Full Access

Question # 52

What does FIN in TCP flag define?

Used to abort a TCP connection abruptly

Used to close a TCP connection

Used to acknowledge receipt of a previous packet or transmission

Used to indicate the beginning of a TCP connection

Full Access

Question # 53

You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see how well policy is being observed by the employees, you discover an employee has attached cell phone 3G modem to his telephone line and workstation. He has used this cell phone 3G modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. How would you resolve this situation?

Reconfigure the firewall

Enforce the corporate security policy

Install a network-based IDS

Conduct a needs analysis

Full Access

Question # 54

Steven the hacker realizes the network administrator of Acme Corporation is using syskey in Windows 2008 Server to protect his resources in the organization. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to use brute force dictionary attacks on the hashes. Steven runs a program called "SysCracker" targeting the Windows 2008 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch the attack. How many bits does Syskey use for encryption?

40-bit encryption

128-bit encryption

256-bit encryption

64-bit encryption

Full Access

Question # 55

TCP SYN Flood attack uses the three-way handshake mechanism.

1. An attacker at system A sends a SYN packet to victim at system B.

2. System B sends a SYN/ACK packet to victim A.

3. As a normal three-way handshake mechanism system A should send an ACK packet to system B, however, system A does not send an ACK packet to system B. In this case client B is waiting for an ACK packet from client A.

This status of client B is called _________________

"half-closed"

"half open"

"full-open"

"xmas-open"

Full Access

Question # 56

While performing a ping sweep of a local subnet you receive an ICMP reply of Code 3/Type 13 for all the pings you have sent out. What is the most likely cause of this?

The firewall is dropping the packets

An in-line IDS is dropping the packets

A router is blocking ICMP

The host does not respond to ICMP packets

Full Access

Go to page: