CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 21)

Page 20 of 191
PDF with 878 Questions

In an attempt to secure his 802.11b wireless network, Bob decides to use strategic antenna positioning. He places the antenna for the access point near the center of the building. For those access points near the outer edge of the building he uses semi-directional antennas that face towards the buildings center. There is a large parking lot and outlying filed surrounding the building that extends out half a mile around the building. Bob figures that with this and his placement of antennas, his wireless network will be safe from attack. Which of he following statements is true?

  1. Bob’s network will not be safe until he also enables WEP
  2. With the 300-foot limit of a wireless signal, Bob’s network is safe
  3. Bob’s network will be sage but only if he doesn’t switch to 802.11a
  4. Wireless signals can be detected from miles away; Bob’s network is not safe

Answer(s): D

Explanation:

It’s all depending on the capacity of the antenna that a potential hacker will use in order to gain access to the wireless net.



You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be able to modify any data.
What kind of program can you use to track changes to files on the server?

  1. Network Based IDS (NIDS)
  2. Personal Firewall
  3. System Integrity Verifier (SIV)
  4. Linux IP Chains

Answer(s): C

Explanation:

System Integrity Verifiers like Tripwire aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner.



Bob has been hired to do a web application security test. Bob notices that the site is dynamic and infers that they mist be making use of a database at the application back end. Bob wants to validate whether SQL Injection would be possible.
What is the first character that Bob should use to attempt breaking valid SQL requests?

  1. Semi Column
  2. Double Quote
  3. Single Quote
  4. Exclamation Mark

Answer(s): C

Explanation:

In SQL single quotes are used around values in queries, by entering another single quote Bob tests if the application will submit a null value and probably returning an error.



Jess the hacker runs L0phtCrack’s built-in sniffer utility which grabs SMB password hashes and stores them for offline cracking. Once cracked, these passwords can provide easy access to whatever network resources the user account has access to.
But Jess is not picking up hashed from the network.
Why?

  1. The network protocol is configured to use SMB Signing.
  2. The physical network wire is on fibre optic cable.
  3. The network protocol is configured to use IPSE
  4. L0phtCrack SMB filtering only works through Switches and not Hubs.

Answer(s): A

Explanation:

To protect against SMB session hijacking, NT supports a cryptographic integrity mechanism, SMB Signing, to prevent active network taps from interjecting themselves into an already established session.






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Discussions & Posts