Free EC0-350 Exam Braindumps (page: 44)


Which of the following best describes Vulnerability?

  A. The loss potential of a threat
  B. An action or event that might prejudice security
  C. An agent that could take advantage of a weakness
  D. A weakness or error that can lead to compromise

Answer(s): D

Explanation:

A vulnerability is a flaw or weakness in system security procedures, design or implementation that could be exercised (accidentally triggered or intentionally exploited) and result in harm to an IT system or activity.



How does Traceroute map the route that a packet travels from point A to point B?

  A. It uses a TCP Timestamp packet that will elicit a time exceeded in transit message.
  B. It uses a protocol that will be rejected at the gateways on its way to its destination.
  C. It manipulates the value of the time to live (TTL) parameter of a packet to elicit a time exceeded in transit message.
  D. It manipulates flags within packets to force gateways into generating error messages.

Answer(s): C

Explanation:

Traceroute works by increasing the "time-to-live" value of each successive batch of packets sent. The first three packets have a time-to-live (TTL) value of one (implying that they make a single hop). The next three packets have a TTL value of 2, and so on. When a packet passes through a host, normally the host decrements the TTL value by one, and forwards the packet to the next host. When a packet with a TTL of one reaches a host, the host discards the packet and sends an ICMP time exceeded (type 11) packet to the sender. The traceroute utility uses these returning packets to produce a list of hosts that the packets have traversed en route to the destination.



How would you prevent session hijacking attacks?

  A. Using biometric access tokens secures sessions against hijacking
  B. Using non-Internet protocols like HTTP secures sessions against hijacking
  C. Using hardware-based authentication secures sessions against hijacking
  D. Using unpredictable sequence numbers secures sessions against hijacking

Answer(s): D

Explanation:

Protection of a session needs to focus on the unique session identifier because it is the only thing that distinguishes users. If the session ID is compromised, attackers can impersonate other users on the system. The first thing is to ensure that the sequence of identification numbers issued by the session management system is unpredictable; otherwise, it's trivial to hijack another user's session. Having a large number of possible session IDs (meaning that they should be very long) means that there are a lot more permutations for an attacker to try.



What does the following command achieve?
Telnet <IP Address> <Port 80>
HEAD / HTTP/1.0
<Return>
<Return>

  A. This command returns the home page for the IP address specified
  B. This command opens a backdoor Telnet session to the IP address specified
  C. This command returns the banner of the website specified by IP address
  D. This command allows a hacker to determine the site's security
  E. This command is bogus and will accomplish nothing

Answer(s): C

Explanation:

This command is used for banner grabbing. Banner grabbing helps identify the service and version of the web server that is running.





