CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 70)

Page 69 of 191
PDF with 878 Questions

What is the problem with this ASP script (login.asp)?
<%
Set objConn = CreateObject("ADODB.Connection")
objConn.Open Application("WebUsersConnection")
sSQL="SELECT * FROM Users where Username=? & Request("user") & _
"?and Password=? & Request("pwd") & "?
Set RS = objConn.Execute(sSQL)
If RS.EOF then
Response.Redirect("login.asp?msg=Invalid Login")
Else
Session.Authorized = True
Set RS = nothing
Set objConn = nothing Response.Redirect("mainpage.asp")
End If
%>

  1. The ASP script is vulnerable to XSS attack
  2. The ASP script is vulnerable to SQL Injection attack
  3. The ASP script is vulnerable to Session Splice attack
  4. The ASP script is vulnerable to Cross Site Scripting attack

Answer(s): B



Network Intrusion Detection systems can monitor traffic in real time on networks.
Which one of the following techniques can be very effective at avoiding proper detection?

  1. Fragmentation of packets.
  2. Use of only TCP based protocols.
  3. Use of only UDP based protocols.
  4. Use of fragmented ICMP traffic only.

Answer(s): A

Explanation:

If the default fragmentation reassembly timeout is set to higher on the client than on the IDS then the it is possible to send an attack in fragments that will never be reassembled in the IDS but they will be reassembled and read on the client computer acting victim.



What is Cygwin?

  1. Cygwin is a free C++ compiler that runs on Windows
  2. Cygwin is a free Unix subsystem that runs on top of Windows
  3. Cygwin is a free Windows subsystem that runs on top of Linux
  4. Cygwin is a X Windows GUI subsytem that runs on top of Linux GNOME environment

Answer(s): B

Explanation:

Cygwin is a Linux-like environment for Windows. It consists of two parts:
A DLL (cygwin1.dll) which acts as a Linux API emulation layer providing substantial Linux API functionality.
A collection of tools which provide Linux look and feel.
The Cygwin DLL works with all non-beta, non "release candidate", ix86 32 bit versions of Windows since Windows 95, with the exception of Windows CE.



Justine is the systems administrator for her company, an international shipping company with offices all over the world. Recent US regulations have forced the company to implement stronger and more secure means of communication. Justine and other administrators have been put in charge of securing the company's digital communication lines. After implementing email encryption, Justine now needs to implement robust digital signatures to ensure data authenticity and reliability. Justine has decided to implement digital signatures which are a variant of DSA and that operate on elliptical curve groups. These signatures are more efficient than DSA and are not vulnerable to a number field sieve attacks.
What type of signature has Justine decided to implement?

  1. She has decided to implement ElGamal signatures since they offer more reliability than the typical DSA signatures
  2. Justine has decided to use ECDSA signatures since they are more efficient than DSA signatures
  3. Justine is now utilizing SHA-1 with RSA signatures to help ensure data reliability
  4. These types of signatures that Justine has decided to use are called RSA-PSS signatures

Answer(s): B

Explanation:

The Elliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the Digital Signature Algorithm (DSA) which uses Elliptic curve cryptography. http://en.wikipedia.org/wiki/Elliptic_Curve_DSA






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Exam Discussions & Posts