CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 28)

Page 27 of 191
PDF with 878 Questions

A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems. However, he is unable to capture any logons though he knows that other users are logging in.
What do you think is the most likely reason behind this?

  1. There is a NIDS present on that segment.
  2. Kerberos is preventing it.
  3. Windows logons cannot be sniffed.
  4. L0phtcrack only sniffs logons to web servers.

Answer(s): B

Explanation:

In a Windows 2000 network using Kerberos you normally use pre-authentication and the user password never leaves the local machine so it is never exposed to the network so it should not be able to be sniffed.



Bob has been hired to perform a penetration test on ABC.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.
Within the context of penetration testing methodology, what phase is Bob involved with?

  1. Passive information gathering
  2. Active information gathering
  3. Attack phase
  4. Vulnerability Mapping

Answer(s): A

Explanation:

He is gathering information and as long as he doesn’t make contact with any of the targets systems he is considered gathering this information in a passive mode.



Where should a security tester be looking for information that could be used by an attacker against an organization? (Select all that apply)

  1. CHAT rooms
  2. WHOIS database
  3. News groups
  4. Web sites
  5. Search engines
  6. Organization’s own web site

Answer(s): A,B,C,D,E,F

Explanation:

A Security tester should search for information everywhere that he/she can access. You never know where you find that small piece of information that could penetrate a strong defense.



You are footprinting an organization to gather competitive intelligence. You visit the company’s website for contact information and telephone numbers but do not find it listed there. You know that they had the entire staff directory listed on their website 12 months ago but not it is not there.
How would it be possible for you to retrieve information from the website that is outdated?

  1. Visit google’s search engine and view the cached copy.
  2. Visit Archive.org web site to retrieve the Internet archive of the company’s website.
  3. Crawl the entire website and store them into your computer.
  4. Visit the company’s partners and customers website for this information.

Answer(s): B

Explanation:

Archive.org mirrors websites and categorizes them by date and month depending on the crawl time. Archive.org dates back to 1996, Google is incorrect because the cache is only as recent as the latest crawl, the cache is over-written on each subsequent crawl. Download the website is incorrect because that's the same as what you see online. Visiting customer partners websites is just bogus. The answer is then Firmly, C, archive.org






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Discussions & Posts