CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 16)

Page 15 of 191
PDF with 878 Questions

John is a keen administrator, and has followed all of the best practices as he could find on securing his Windows Server. He has renamed the Administrator account to a new name that he is sure cannot be easily guessed. However, there are people who already attempt to compromise his newly renamed administrator account.
How is it possible for a remote attacker to decipher the name of the administrator account if it has been renamed?

  1. The attacker used the user2sid program.
  2. The attacker used the sid2user program.
  3. The attacker used nmap with the –V switch.
  4. The attacker guessed the new name.

Answer(s): B

Explanation:

User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid respectively. What is more these can be called against a remote machine without providing logon credentials save those needed for a null session connection.



Study the snort rule given below:

From the options below, choose the exploit against which this rule applies.

  1. WebDav
  2. SQL Slammer
  3. MS Blaster
  4. MyDoom

Answer(s): C

Explanation:

MS Blaster scans the Internet for computers that are vulnerable to its attack. Once found, it tries to enter the system through the port 135 to create a buffer overflow. TCP ports 139 and 445 may also provide attack vectors.



While performing a ping sweep of a subnet you receive an ICMP reply of Code 3/Type 13 for all the pings sent out.
What is the most likely cause behind this response?

  1. The firewall is dropping the packets.
  2. An in-line IDS is dropping the packets.
  3. A router is blocking ICMP.
  4. The host does not respond to ICMP packets.

Answer(s): C

Explanation:

Type 3 message = Destination Unreachable [RFC792], Code 13 (cause) = Communication Administratively Prohibited [RFC1812]



Who is an Ethical Hacker?

  1. A person who hacks for ethical reasons
  2. A person who hacks for an ethical cause
  3. A person who hacks for defensive purposes
  4. A person who hacks for offensive purposes

Answer(s): C

Explanation:

The Ethical hacker is a security professional who applies his hacking skills for defensive purposes.






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Discussions & Posts