Free EC0-350 Exam Braindumps (page: 42)


Which of the following best describes session key creation in SSL?

  1. It is created by the server after verifying the user's identity
  2. It is created by the server upon connection by the client
  3. It is created by the client from the server's public key
  4. It is created by the client after verifying the server's identity

Answer(s): D

Explanation:

An SSL session always begins with an exchange of messages called the SSL handshake. The handshake allows the server to authenticate itself to the client using public-key techniques, then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows. Optionally, the handshake also allows the client to authenticate itself to the server.



June, a security analyst, understands that a polymorphic virus has the ability to mutate and can change its known viral signature and hide from signature-based antivirus programs. Can June use an antivirus program in this case and would it be effective against a polymorphic virus?

  1. No. June can't use an antivirus program since it compares the size of executable files to the database of known viral signatures and it is effective on a polymorphic virus
  2. Yes. June can use an antivirus program since it compares the parity bit of executable files to the database of known check sum counts and it is effective on a polymorphic virus
  3. Yes. June can use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and it is very effective against a polymorphic virus
  4. No. June can't use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and in this case the polymorphic viruses cannot be detected by a signature-based antivirus program

Answer(s): D

Explanation:

Although there are functions like heuristic scanning and sandbox technology, antivirus programs still depend mainly on signature databases and can only find already known viruses.



Which of the following is true of the wireless Service Set ID (SSID)? (Select all that apply.)

  1. Identifies the wireless network
  2. Acts as a password for network access
  3. Should be left at the factory default setting
  4. Not broadcasting the SSID defeats NetStumbler and other wireless discovery tools

Answer(s): A,B



Carl has successfully compromised a web server from behind a firewall by exploiting a vulnerability in the web server program. He wants to proceed by installing a backdoor program. However, he is aware that not all inbound ports on the firewall are in the open state.
From the list given below, identify the port that is most likely to be open and allowed to reach the server that Carl has just compromised.

  1. 53
  2. 110
  3. 25
  4. 69

Answer(s): A

Explanation:

Port 53 is used by DNS and is almost always open. The problem is often that the port is opened to the whole world and not only to outside DNS servers.





