CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 71)

Page 70 of 191
PDF with 878 Questions

Under what conditions does a secondary name server request a zone transfer from a primary name server?

  1. When a primary SOA is higher that a secondary SOA
  2. When a secondary SOA is higher that a primary SOA
  3. When a primary name server has had its service restarted
  4. When a secondary name server has had its service restarted
  5. When the TTL falls to zero

Answer(s): A

Explanation:

Understanding DNS is critical to meeting the requirements of the CEH. When the serial number that is within the SOA record of the primary server is higher than the Serial number within the SOA record of the secondary DNS server, a zone transfer will take place.



_________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

  1. Trojan
  2. RootKit
  3. DoS tool
  4. Scanner
  5. Backdoor

Answer(s): B

Explanation:

Rootkits are tools that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.



According to the CEH methodology, what is the next step to be performed after footprinting?

  1. Enumeration
  2. Scanning
  3. System Hacking
  4. Social Engineering
  5. Expanding Influence

Answer(s): B

Explanation:

Once footprinting has been completed, scanning should be attempted next. Scanning should take place on two distinct levels: network and host.



You are having problems while retrieving results after performing port scanning during internal testing. You verify that there are no security devices between you and the target system. When both stealth and connect scanning do not work, you decide to perform a NULL scan with NMAP. The first few systems scanned shows all ports open.
Which one of the following statements is probably true?

  1. The systems have all ports open.
  2. The systems are running a host based IDS.
  3. The systems are web servers.
  4. The systems are running Windows.

Answer(s): D

Explanation:

The null scan turns off all flags, creating a lack of TCP flags that should never occur in the real world. If the port is closed, a RST frame should be returned and a null scan to an open port results in no response. Unfortunately Microsoft (like usual) decided to completely ignore the standard and do things their own way. Thus this scan type will not work against systems running Windows as they choose not to response at all. This is a good way to distinguish that the system being scanned is running Microsoft Windows.






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Exam Discussions & Posts