CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 49)

Page 48 of 191
PDF with 878 Questions

Steven works as a security consultant and frequently performs penetration tests for Fortune 500 companies. Steven runs external and internal tests and then creates reports to show the companies where their weak areas are. Steven always signs a non-disclosure agreement before performing his tests. What would Steven be considered?

  1. Whitehat Hacker
  2. BlackHat Hacker
  3. Grayhat Hacker
  4. Bluehat Hacker

Answer(s): A

Explanation:

A white hat hacker, also rendered as ethical hacker, is, in the realm of information technology, a person who is ethically opposed to the abuse of computer systems. Realization that the Internet now represents human voices from around the world has made the defense of its integrity an important pastime for many. A white hat generally focuses on securing IT systems, whereas a black hat (the opposite) would like to break into them.



Snort has been used to capture packets on the network. On studying the packets, the penetration tester finds it to be abnormal. If you were the penetration tester, why would you find this abnormal?
(Note: The student is being tested on concept learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dumo.)
05/20-17:06:45.061034 192.160.13.4:31337 -> 172.16.1.101:1
TCP TTL:44 TOS:0x10 ID:242
***FRP** Seq: 0XA1D95 Ack: 0x53 Win: 0x400
.
.
.
05/20-17:06:58.685879 192.160.13.4:31337 -> 172.16.1.101:1024
TCP TTL:44 TOS:0x10 ID:242
***FRP** Seg: 0XA1D95 Ack: 0x53 Win: 0x400
What is odd about this attack? (Choose the most appropriate statement)

  1. This is not a spoofed packet as the IP stack has increasing numbers for the three flags.
  2. This is back orifice activity as the scan comes from port 31337.
  3. The attacker wants to avoid creating a sub-carrier connection that is not normally valid.
  4. There packets were created by a tool; they were not created by a standard IP stack.

Answer(s): B

Explanation:

Port 31337 is normally used by Back Orifice. Note that 31337 is hackers spelling of ‘elite’, meaning ‘elite hackers’.



Which of the following attacks takes best advantage of an existing authenticated connection

  1. Spoofing
  2. Session Hijacking
  3. Password Sniffing
  4. Password Guessing

Answer(s): B

Explanation:

Session hijacking is the act of taking control of a user session after successfully obtaining or generating an authentication session ID. Session hijacking involves an attacker using captured, brute forced or reverse-engineered session IDs to seize control of a legitimate user's Web application session while that session is still in progress.



Within the context of Computer Security, which of the following statements best describe Social Engineering?

  1. Social Engineering is the act of publicly disclosing information.
  2. Social Engineering is the act of getting needed information from a person rather than breaking into a system.
  3. Social Engineering is the means put in place by human resource to perform time accounting.
  4. Social Engineering is a training program within sociology studies.

Answer(s): B

Explanation:

Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information.






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Discussions & Posts