Free EC0-350 Exam Braindumps (page: 61)


There is some dispute between two network administrators at your company. Your boss asks you to come and meet with the administrators to set the record straight. Which of these are true about PKI and encryption?
Select the best answers.

  A. PKI provides data with encryption, compression, and restorability.
  B. Public-key encryption was invented in 1976 by Whitfield Diffie and Martin Hellman.
  C. When it comes to eCommerce, as long as you have authenticity and integrity, you do not need encryption.
  D. RSA is a type of encryption.

Answer(s): B,D

Explanation:

PKI provides confidentiality, integrity, and authenticity for the messages exchanged between two parties; it offers neither compression nor restorability, so A is false. A trusted third party, the certificate authority (CA), signs a certificate that binds a public key to its owner's identity. The receiver checks the CA's signature on the sender's certificate and then verifies the sender's signature with the sender's public key; data encrypted to a recipient's public key can be decrypted only with the matching private key. Public-key encryption was indeed published in 1976 by Whitfield Diffie and Martin Hellman, and the Diffie-Hellman key-exchange algorithm (a key-agreement protocol, not a hashing algorithm) is named after them, so B is true. RSA is an encryption and digital-signature algorithm published in 1977 by Rivest, Shamir, and Adleman, who later founded RSA Security, so D is true. Authenticity and integrity alone do not keep eCommerce data private, so C is false.
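The key roles described above (sign with the private key, verify with the public key, encrypt to the public key, decrypt with the private key, and a CA that vouches for the binding between name and key), as an added example that is not part of the original page. It uses textbook RSA on fixed Mersenne primes with no padding, which is insecure and only meant to make the roles visible; the primes, identities and messages are constructed for the example, and a real PKI uses 2048-bit or larger keys, OAEP/PSS padding and X.509 certificates.

```python
import hashlib

# Textbook RSA on fixed Mersenne primes: a teaching toy with no padding and
# tiny moduli.  Assumption: primes, names and messages are constructed for
# this example; real PKI uses 2048-bit+ keys, OAEP/PSS padding and X.509.
MERSENNE = {31: 2**31 - 1, 61: 2**61 - 1, 89: 2**89 - 1, 107: 2**107 - 1}
E = 65537


def keygen(p: int, q: int, e: int = E):
    """Return (public, private) as ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse; ValueError if e and phi share a factor
    return (n, e), (n, d)


def digest_mod_n(data: bytes, n: int) -> int:
    """Hash the data and reduce the digest into the RSA group (sign the hash, not the data)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(private, data: bytes) -> int:
    n, d = private
    return pow(digest_mod_n(data, n), d, n)  # signing uses the sender's PRIVATE key


def verify(public, data: bytes, signature: int) -> bool:
    n, e = public
    return pow(signature, e, n) == digest_mod_n(data, n)  # verifying uses the PUBLIC key


def encrypt(public, plaintext: bytes) -> int:
    n, e = public
    m = int.from_bytes(plaintext, "big")
    if m >= n:
        raise ValueError("plaintext too large for this toy modulus")
    return pow(m, e, n)  # anyone holding the recipient's PUBLIC key can encrypt


def decrypt(private, ciphertext: int) -> bytes:
    n, d = private
    m = pow(ciphertext, d, n)  # only the holder of the PRIVATE key can decrypt
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def cert_bytes(subject: str, public) -> bytes:
    """Canonical encoding of what the CA vouches for: identity + public key."""
    n, e = public
    return f"{subject}|{n}|{e}".encode()


def issue_cert(ca_private, subject: str, public) -> dict:
    """The trusted third party (CA) binds a public key to an identity by signing it."""
    return {"subject": subject, "public": public,
            "ca_sig": sign(ca_private, cert_bytes(subject, public))}


def verify_signed_message(ca_public, cert: dict, data: bytes, sig: int) -> bool:
    """Receiver's check: first the CA's signature on the cert, then the sender's on the message."""
    if not verify(ca_public, cert_bytes(cert["subject"], cert["public"]), cert["ca_sig"]):
        return False  # certificate was not issued by the CA we trust
    return verify(cert["public"], data, sig)


def demo():
    ca_pub, ca_priv = keygen(MERSENNE[89], MERSENNE[107])
    alice_pub, alice_priv = keygen(MERSENNE[31], MERSENNE[61])
    alice_cert = issue_cert(ca_priv, "alice@example.com", alice_pub)  # constructed identity

    msg = b"pay $100"
    sig = sign(alice_priv, msg)
    genuine = verify_signed_message(ca_pub, alice_cert, msg, sig)            # True
    tampered = verify_signed_message(ca_pub, alice_cert, b"pay $900", sig)  # False: integrity
    forged_cert = dict(alice_cert, public=ca_pub)                            # swapped key, old CA sig
    impostor = verify_signed_message(ca_pub, forged_cert, msg, sig)         # False: authenticity

    # Confidentiality: encrypt to Alice's public key; only her private key opens it.
    secret = decrypt(alice_priv, encrypt(alice_pub, b"card=4111"))
    return genuine, tampered, impostor, secret


if __name__ == "__main__":
    print(demo())
```

The two uses of the same key pair are the point of the example: the sender's private key is used for signing (authenticity and integrity), while the recipient's public key is used for encryption (confidentiality); the CA's own signature is what lets the receiver trust that alice_pub really belongs to the claimed subject.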



Access control is often implemented through the use of MAC address filtering on wireless Access Points. Why is this considered to be a very limited security measure?

  A. Vendors' MAC address assignments are published on the Internet.
  B. The MAC address is not a real random number.
  C. The MAC address is broadcast and can be captured by a sniffer.
  D. The MAC address is used properly only on Macintosh computers.

Answer(s): C
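Why answer C is the one that matters, as an added example that is not from the page: a minimal parser for the 802.11 MAC header shows that the sender's address is readable in every frame, even a WPA-protected one whose payload is encrypted, and that an access point's allow-list can only compare that cleartext header field. The MACs come from the 00:00:5e:00:53:xx documentation range, the frame contents and the `ip link` command in the comment are assumptions made for the example, and the "encrypted" payload is just constructed bytes.

```python
import struct

# Documentation-range MACs (00:00:5e:00:53:xx), constructed for this example.
CLIENT = bytes.fromhex("00005e005301")   # the only MAC on the AP's allow-list
GATEWAY = bytes.fromhex("00005e005302")  # destination behind the AP
BSSID = bytes.fromhex("00005e0053aa")    # the access point
ATTACKER = bytes.fromhex("00005e0053ff")


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def build_data_frame(sa, da, bssid, payload: bytes, protected=True) -> bytes:
    """Station -> AP data frame (To DS = 1).  Only the payload is encrypted;
    the 24-byte header, including every address, is sent in the clear."""
    fc0 = 0x08                                   # version 0, type 2 (data), subtype 0
    fc1 = 0x01 | (0x40 if protected else 0)      # To DS bit, Protected Frame bit
    header = struct.pack("<BBH6s6s6sH", fc0, fc1, 0x002C, bssid, sa, da, 0x0010)
    return header + payload


def parse_80211_header(frame: bytes) -> dict:
    """Decode the cleartext MAC header; address roles depend on To DS / From DS."""
    if len(frame) < 24:
        raise ValueError("shorter than a minimal 802.11 MAC header")
    fc0, fc1 = frame[0], frame[1]
    to_ds, from_ds = bool(fc1 & 0x01), bool(fc1 & 0x02)
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    if to_ds and from_ds:                        # WDS / mesh: four addresses
        if len(frame) < 30:
            raise ValueError("4-address frame truncated")
        sa, da, bssid = frame[24:30], a3, None
    elif to_ds:                                  # station -> AP
        sa, da, bssid = a2, a3, a1
    elif from_ds:                                # AP -> station
        sa, da, bssid = a3, a1, a2
    else:                                        # ad hoc / management frames
        sa, da, bssid = a2, a1, a3
    return {
        "type": (fc0 >> 2) & 0x3, "subtype": fc0 >> 4,
        "protected": bool(fc1 & 0x40),
        "sa": mac_str(sa), "da": mac_str(da),
        "bssid": mac_str(bssid) if bssid else None,
    }


def ap_mac_filter_allows(allow_list: set, frame: bytes) -> bool:
    """All a MAC filter can check is the transmitter address in the cleartext header."""
    return parse_80211_header(frame)["sa"] in allow_list


def demo():
    allow_list = {mac_str(CLIENT)}
    # 1. Legitimate, WPA-protected frame: the payload is (constructed) ciphertext...
    legit = build_data_frame(CLIENT, GATEWAY, BSSID, bytes.fromhex("0102030405060708deadbeef"))
    # 2. ...but a passive sniffer reads the sender MAC straight out of the header.
    sniffed = parse_80211_header(legit)
    # 3. The attacker reuses it (on Linux: ip link set dev wlan0 address <sniffed sa>).
    spoofed = build_data_frame(bytes.fromhex(sniffed["sa"].replace(":", "")),
                               GATEWAY, BSSID, b"attacker payload", protected=False)
    own = build_data_frame(ATTACKER, GATEWAY, BSSID, b"attacker payload", protected=False)
    return (sniffed["sa"], sniffed["protected"],
            ap_mac_filter_allows(allow_list, own),       # False: own MAC is not listed
            ap_mac_filter_allows(allow_list, spoofed))   # True: the filter is bypassed


if __name__ == "__main__":
    print(demo())
```

The published vendor OUI lists (option A) only help an attacker guess a plausible address; sniffing (option C) gives the exact address that is already on the allow-list, which is why MAC filtering is at best a nuisance, not access control. Real access control for the link is the 802.1X/WPA2 or WPA3 authentication that happens after association.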



Jimmy, an attacker, knows that he can take advantage of poorly designed input validation routines to create or alter SQL commands to gain access to private data or execute commands in the database. What technique does Jimmy use to compromise a database?

  A. Jimmy can submit user input that executes an operating system command to compromise a target system
  B. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system
  C. Jimmy can utilize an incorrect configuration that leads to access with higher-than-expected privilege of the database
  D. Jimmy can gain control of a system to flood the target system with requests, preventing legitimate users from gaining access

Answer(s): B

Explanation:

SQL injection is a security vulnerability in the way an application builds the statements it sends to its database. It is present when user input is spliced into the text of an SQL statement without being correctly filtered for string literal escape characters (such as the single quote), or without being strongly typed, so that input intended as data is parsed and executed as part of the command. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.
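The vulnerable and hardened forms side by side, as an added example that is not from the page (Python with the standard sqlite3 module; the tables, rows and payload strings are constructed for the demonstration). The string splice in search_vulnerable and login_vulnerable is exactly the unfiltered string-literal escape character the explanation describes: the single quote in the input ends the literal, and everything after it is parsed as SQL.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with constructed sample rows (not real data)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users(id INTEGER PRIMARY KEY, name TEXT, pw_hash TEXT);
        INSERT INTO users VALUES (1, 'admin', 'hash-of-admin-pw'), (2, 'bob', 'hash-of-bob-pw');
        CREATE TABLE products(id INTEGER PRIMARY KEY, name TEXT);
        INSERT INTO products VALUES (1, 'widget'), (2, 'gadget');
    """)
    return db


# --- vulnerable: user input is spliced into the SQL text ----------------------
def search_vulnerable(db, term: str) -> list:
    sql = f"SELECT name FROM products WHERE name LIKE '%{term}%'"
    return [row[0] for row in db.execute(sql)]


def login_vulnerable(db, user: str, pw_hash: str):
    sql = f"SELECT id FROM users WHERE name = '{user}' AND pw_hash = '{pw_hash}'"
    row = db.execute(sql).fetchone()
    return row[0] if row else None


# --- hardened: the statement is fixed, input travels as a bound parameter -----
def search_safe(db, term: str) -> list:
    sql = "SELECT name FROM products WHERE name LIKE ?"
    return [row[0] for row in db.execute(sql, (f"%{term}%",))]


def login_safe(db, user: str, pw_hash: str):
    sql = "SELECT id FROM users WHERE name = ? AND pw_hash = ?"
    row = db.execute(sql, (user, pw_hash)).fetchone()
    return row[0] if row else None


def demo() -> dict:
    db = make_db()
    # Closes the string literal, appends a UNION that reads another table, and
    # comments out the trailing "%'" the template would otherwise add.
    dump = "' UNION SELECT name || ':' || pw_hash FROM users -- "
    # Closes the literal and comments out the password check entirely.
    bypass = "admin' -- "
    return {
        "vuln_search": sorted(search_vulnerable(db, dump)),   # leaks every password hash
        "safe_search": search_safe(db, dump),                 # pattern matches nothing: []
        "vuln_login": login_vulnerable(db, bypass, "wrong"),  # 1: logged in as admin
        "safe_login": login_safe(db, bypass, "wrong"),        # None
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

With a bound parameter the driver sends the statement and the value separately, so the quote in the input can never close the literal; the same payload that dumped the users table simply becomes a LIKE pattern that matches nothing. sqlite3's execute() refuses stacked statements, but in drivers that allow them the same splice also runs arbitrary commands, which is the "execute commands in the database" part of the question.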



You are the security administrator for a large network. You want to prevent attackers from running any sort of traceroute into your DMZ and discover the internal structure of publicly accessible areas of the network.
How can you achieve this?

  A. Block ICMP at the firewall.
  B. Block UDP at the firewall.
  C. Both A and B.
  D. There is no way to completely block a traceroute into this area.

Answer(s): D

Explanation:

When you run a UNIX traceroute to a target address, it sends a UDP datagram to a high, normally unused port (33434 and upward) with a time to live (TTL) of 1. The first router the packet reaches decrements the TTL to 0, discards the packet, and sends back an ICMP Time Exceeded message (type 11, code 0, TTL exceeded in transit) whose source address is the router's own; that is how the address of each hop is learned. Your system displays the round-trip time for that hop and sends the next probe with a TTL of 2.
This process continues until the destination itself answers with an ICMP Destination Unreachable, Port Unreachable (type 3, code 3), because nothing is listening on the probe port. Receiving that Port Unreachable message completes the traceroute.
If a hop is printed as three asterisks [* * *], a router in the path did not return an ICMP message within the timeout (it filtered, rate-limited, or silently dropped the probe). Traceroute keeps sending probes with increasing TTLs until the destination answers or the maximum hop count (30 by default) is exceeded.
Blocking ICMP or UDP at the firewall therefore only hides the hops behind the firewall, and even that is incomplete. Windows tracert uses ICMP Echo Request probes instead of UDP, and tools such as tcptraceroute send TTL-limited TCP SYN packets to a port the DMZ must keep open (80 or 443, for example): every router in front of the firewall still answers each TTL with Time Exceeded, and the final probe is answered by the server's normal SYN/ACK rather than by an ICMP message, so the host and its distance cannot be hidden. Blocking all UDP would also break DNS and other services the DMZ exists to offer. That is why D is the answer: traceroute into a public network can be blunted and detected, but not completely prevented.
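Since the probes cannot be blocked outright, the practical next step is to recognise them. The detector below is an added example, not from the page: it runs over constructed key=value firewall log lines (the log format, hosts and port conventions are assumptions) and flags any source that walks the TTL upward from 1 toward the same destination, whichever carrier it uses: UDP to the 33434+ range (UNIX traceroute), ICMP Echo (Windows tracert) or TCP SYN to an open port (tcptraceroute).

```python
import re
from collections import defaultdict

# Constructed key=value firewall log lines (not real logs) for packets arriving
# at the DMZ host 198.51.100.20.  ttl is the value seen on arrival.
SAMPLE_LOG = """\
src=203.0.113.9 dst=198.51.100.20 proto=udp ttl=1 dport=33434
src=203.0.113.9 dst=198.51.100.20 proto=udp ttl=1 dport=33435
src=203.0.113.9 dst=198.51.100.20 proto=udp ttl=2 dport=33437
src=203.0.113.9 dst=198.51.100.20 proto=udp ttl=3 dport=33440
src=203.0.113.9 dst=198.51.100.20 proto=udp ttl=4 dport=33443
src=198.51.100.77 dst=198.51.100.20 proto=tcp ttl=64 dport=443
src=192.0.2.33 dst=198.51.100.20 proto=icmp ttl=1 type=8
src=192.0.2.33 dst=198.51.100.20 proto=icmp ttl=2 type=8
src=192.0.2.33 dst=198.51.100.20 proto=icmp ttl=3 type=8
src=192.0.2.44 dst=198.51.100.20 proto=tcp ttl=1 dport=443
src=192.0.2.44 dst=198.51.100.20 proto=tcp ttl=2 dport=443
src=192.0.2.44 dst=198.51.100.20 proto=tcp ttl=3 dport=443
src=192.0.2.44 dst=198.51.100.20 proto=tcp ttl=4 dport=443
src=198.51.100.88 dst=198.51.100.20 proto=tcp ttl=128 dport=80
"""

KV = re.compile(r"(\w+)=(\S+)")


def parse_line(line: str) -> dict:
    return dict(KV.findall(line))


def probe_method(p: dict) -> str:
    """Guess which traceroute flavour sent this probe (assumed port/type conventions)."""
    if p["proto"] == "udp" and 33434 <= int(p.get("dport", 0)) <= 33534:
        return "udp traceroute"          # classic UNIX traceroute port range
    if p["proto"] == "icmp" and p.get("type") == "8":
        return "icmp tracert"            # Windows tracert / traceroute -I
    if p["proto"] == "tcp":
        return "tcp traceroute"          # tcptraceroute / traceroute -T to an open port
    return "unknown"


def detect_traceroute(log_text: str, min_hops: int = 3, max_ttl: int = 30) -> list:
    """Flag (src, dst) pairs whose packets walk the TTL upward one hop at a time.
    Probes that expired upstream never reach the firewall, so the first probe
    that survives always arrives with TTL 1, however far away the sender is."""
    flows = defaultdict(list)
    for line in log_text.splitlines():
        p = parse_line(line)
        if all(k in p for k in ("src", "dst", "proto", "ttl")):
            flows[(p["src"], p["dst"])].append(p)

    findings = []
    for (src, dst), probes in flows.items():
        low = [p for p in probes if int(p["ttl"]) <= max_ttl]
        ttls = sorted({int(p["ttl"]) for p in low})
        # Normal traffic arrives with TTLs near 64/128/255; a traceroute
        # produces the run 1, 2, 3, ... against one destination.
        if len(ttls) >= min_hops and ttls == list(range(1, len(ttls) + 1)):
            findings.append({"src": src, "dst": dst, "hops_probed": len(ttls),
                             "method": probe_method(low[0])})
    return findings


if __name__ == "__main__":
    for f in detect_traceroute(SAMPLE_LOG):
        print(f)
```

The detector keys on the TTL walk rather than on the protocol, which is what survives when an attacker switches from UDP to ICMP or TCP probes; the normal sessions with TTL 64 and 128 in the sample are left alone. In production the min_hops threshold and a time window would be tuned to the volume of the log source.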





