EC-Council EC0-350 Exam
Ethical Hacking and Countermeasures (Page 36)

Updated On: 9-Feb-2026

You find the following entries in your web log. Each shows attempted access to either root.exe or cmd.exe. What caused this?
GET /scripts/root.exe?/c+dir
GET /MSADC/root.exe?/c+dir
GET /c/winnt/system32/cmd.exe?/c+dir
GET /d/winnt/system32/cmd.exe?/c+dir
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir
GET /_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir
GET /msadc/..%5c../..%5c../..%5c/..xc1x1c../..xc1x1c../..xc1x1c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc1x1c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc0/../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc0xaf../winnt/system32/cmd.exe?/c+dir
GET /scripts/..xc1x9c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%35c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir
GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir

  A. The Morris worm
  B. The PIF virus
  C. Trinoo
  D. Nimda
  E. Code Red
  F. Ping of Death

Answer(s): D

Explanation:

The Nimda worm modifies all web content files it finds. As a result, any user browsing web content on the system, whether via the file system or via a web server, may download a copy of the worm. Some browsers may automatically execute the downloaded copy, thereby infecting the browsing system. The high scanning rate of the Nimda worm may also cause bandwidth denial-of-service conditions on networks with infected machines and allow intruders to execute arbitrary commands within the Local System security context on machines running unpatched versions of IIS.
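Added example (not part of the original exam material): a small Python check that decodes and normalizes request paths like the ones in the log above and reports why each one resembles this probe pattern. The function names and reason labels are this example's own, and the two benign requests are constructed.

```python
import re
from urllib.parse import unquote

# Request lines taken from the log in the question, plus two constructed
# benign requests (marked) so the detector has something to pass.
SAMPLE_LOG = [
    "GET /scripts/root.exe?/c+dir",
    "GET /c/winnt/system32/cmd.exe?/c+dir",
    "GET /scripts/..%5c../winnt/system32/cmd.exe?/c+dir",
    "GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe?/c+dir",
    "GET /scripts/..%2f../winnt/system32/cmd.exe?/c+dir",
    "GET /index.html",                  # constructed, benign
    "GET /scripts/report.asp?id=7",     # constructed, benign
]

SHELL_NAMES = {"cmd.exe", "root.exe"}

def normalize(path, max_rounds=3):
    """Percent-decode until the path stops changing, then unify separators."""
    for _ in range(max_rounds):
        decoded = unquote(path, encoding="latin-1")
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/").lower()

def classify(request_line):
    """Return the set of reasons a request resembles the probes; empty if none."""
    _method, _, target = request_line.partition(" ")
    path, _, query = target.partition("?")
    segments = normalize(path).split("/")
    reasons = set()
    if ".." in segments:                      # %5c and %2f decode to separators
        reasons.add("traversal")
    if segments[-1] in SHELL_NAMES:           # request ends at a command shell
        reasons.add("shell-binary")
    if "winnt" in segments and "system32" in segments:
        reasons.add("system-dir")
    if normalize(query).startswith("/c"):     # cmd.exe "/c <command>" switch
        reasons.add("cmd-switch")
    return reasons

def flagged(lines):
    """Return (line, reasons) pairs for every request with at least one reason."""
    return [(l, classify(l)) for l in lines if classify(l)]

if __name__ == "__main__":
    for line, reasons in flagged(SAMPLE_LOG):
        print(f"{', '.join(sorted(reasons)):45} {line}")
```

Matching on the decoded, separator-normalized path is what lets one rule cover the `%5c` and `%2f` variants instead of one signature per encoding.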



When a malicious hacker identifies a target and wants to eventually compromise this target, what would be among the first steps that he would perform? (Choose the best answer)

  A. Cover his tracks by eradicating the log files and audit trails.
  B. Gain access to the remote computer in order to conceal the venue of attacks.
  C. Perform a reconnaissance of the remote target for identification of venue of attacks.
  D. Always begin with a scan in order to quickly identify venue of attacks.

Answer(s): C

Explanation:

A hacker always starts with a preparatory phase (Reconnaissance) where he seeks to gather as much information as possible about the target of evaluation prior to launching an attack. The reconnaissance can be either passive or active (or both).



Which of the following is NOT a reason 802.11 WEP encryption is vulnerable?

  A. There is no mutual authentication between wireless clients and access points
  B. Automated tools like AirSnort are available to discover WEP keys
  C. The standard does not provide for centralized key management
  D. The 24 bit Initialization Vector (IV) field is too small

Answer(s): C

Explanation:

The lack of centralized key management is not in itself a reason that WEP encryption is vulnerable; it is the people setting the user shared key that make it insecure.



An employee wants to defeat detection by a network-based IDS application. He does not want to attack the system containing the IDS application.
Which of the following strategies can be used to defeat detection by a network-based IDS application? (Choose the best answer)

  A. Create a network tunnel.
  B. Create multiple false positives.
  C. Create a SYN flood.
  D. Create a ping flood.

Answer(s): A

Explanation:

Certain types of encryption present challenges to network-based intrusion detection and may leave the IDS blind to certain attacks, whereas a host-based IDS analyzes the data after it has been decrypted.



Several of your co-workers are having a discussion over the /etc/passwd file. They are at odds over what types of encryption are used to secure Linux passwords. (Choose all that apply.)

  A. Linux passwords can be encrypted with MD5
  B. Linux passwords can be encrypted with SHA
  C. Linux passwords can be encrypted with DES
  D. Linux passwords can be encrypted with Blowfish
  E. Linux passwords are encrypted with asymmetric algorithms

Answer(s): A,C,D

Explanation:

Linux passwords are encrypted using MD5, DES, and the new addition, Blowfish. The default on most Linux systems depends on the distribution: Red Hat uses MD5, while Slackware uses DES. The Blowfish option is there for those who wish to use it. The encryption algorithm in use can be determined with authconfig on Red Hat-based systems, or by reviewing one of two locations: on PAM-based systems (Pluggable Authentication Module) it can be found in /etc/pam.d/, in the system-auth file or the authconfig files; on other systems it can be found in the /etc/security/ directory.





