CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 48)

Page 47 of 191
PDF with 878 Questions

John is discussing security with Jane. Jane had mentioned to John earlier that she suspects an LKM has been installed on her server. She believes this is the reason that the server has been acting erratically lately. LKM stands for Loadable Kernel Module.
What does this mean in the context of Linux Security?

  1. Loadable Kernel Modules are a mechanism for adding functionality to a file system without requiring a kernel recompilation.
  2. Loadable Kernel Modules are a mechanism for adding functionality to an operating-system kernel after it has been recompiled and the system rebooted.
  3. Loadable Kernel Modules are a mechanism for adding auditing to an operating-system kernel without requiring a kernel recompilation.
  4. Loadable Kernel Modules are a mechanism for adding functionality to an operating-system kernel without requiring a kernel recompilation.

Answer(s): D

Explanation:

Loadable Kernel Modules, or LKM, are object files that contain code to extend the running kernel, or so-called base kernel, without the need of a kernel recompilation. Operating systems other than Linux, such as BSD systems, also provide support for LKM's. However, the Linux kernel generally makes far greater and more versatile use of LKM's than other systems. LKM's are typically used to add support for new hardware, filesystems or for adding system calls. When the functionality provided by an LKM is no longer required, it can be unloaded, freeing memory.



What is the proper response for a NULL scan if the port is closed?

  1. SYN
  2. ACK
  3. FIN
  4. PSH
  5. RST
  6. No response

Answer(s): E

Explanation:

Closed ports respond to a NULL scan with a reset.



E-mail scams and mail fraud are regulated by which of the following?

  1. 18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers
  2. 18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices
  3. 18 U.S. par. 1362 Communication Lines, Stations, or Systems
  4. 18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

Answer(s): A

Explanation:

http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00001030----000-.html



What type of port scan is shown below?

  1. Idle Scan
  2. Windows Scan
  3. XMAS Scan
  4. SYN Stealth Scan

Answer(s): C

Explanation:

An Xmas port scan is variant of TCP port scan. This type of scan tries to obtain information about the state of a target port by sending a packet which has multiple TCP flags set to 1 - "lit as an Xmas tree". The flags set for Xmas scan are FIN, URG and PSH. The purpose is to confuse and bypass simple firewalls. Some stateless firewalls only check against security policy those packets which have the SYN flag set (that is, packets that initiate connection according to the standards). Since Xmas scan packets are different, they can pass through these simple systems and reach the target host.






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Discussions & Posts