CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 75)

Page 74 of 191
PDF with 878 Questions

Giles is the network administrator for his company, a graphics design company based in Dallas. Most of the network is comprised of Windows servers and workstations, except for some designers that prefer to use MACs. These MAC users are running on the MAC OS X operating system. These MAC users also utilize iChat to talk between each other. Tommy, one of these MAC users, calls Giles and says that his computer is running very slow. Giles then gets more calls from the other MAC users saying they are receiving instant messages from Tommy even when he says he is not on his computer. Giles immediately unplugs Tommy's computer from the network to take a closer look. He opens iChat on Tommy's computer and it says that it sent a file called latestpics.tgz to all the other MAC users. Tommy says he never sent those files. Giles also sees that many of the computer's applications appear to be altered. The path where the files should be has an altered file and the original application is stored in the file's resource fork.
What has Giles discovered on Tommy's computer?

  1. He has discovered OSX/Chat-burner virus on Tommy's computer
  2. Giles has found the OSX/Leap-A virus on Tommy's computer
  3. This behavior is indicative of the OSX/Inqtana.A virus
  4. On Tommy's computer, Giles has discovered an apparent infection of the OSX/Transmitter.B virus

Answer(s): B

Explanation:

OSX.Leap.A is a worm that targets installs of Macintosh OS X and spreads via iChat Instant Messenger program.
http://www.symantec.com/security_response/writeup.jsp?docid=2006-021614-4006-99



What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?(Choose all that apply.

  1. 110
  2. 135
  3. 139
  4. 161
  5. 445
  6. 1024

Answer(s): B,C,E

Explanation:

NetBIOS traffic can quickly be used to enumerate and attack Windows computers. Ports 135, 139, and 445 should be blocked.



NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish?
nslookup

> server <ipaddress>
> set type =any
> ls -d <target.com>

  1. Enables DNS spoofing
  2. Loads bogus entries into the DNS table
  3. Verifies zone security
  4. Performs a zone transfer
  5. Resets the DNS cache

Answer(s): D

Explanation:

If DNS has not been properly secured, the command sequence displayed above will perform a zone transfer.



John has scanned the web server with NMAP. However, he could not gather enough information to help him identify the operating system running on the remote host accurately.
What would you suggest to John to help identify the OS that is being used on the remote web server?

  1. Connect to the web server with a browser and look at the web page.
  2. Connect to the web server with an FTP client.
  3. Telnet to port 8080 on the web server and look at the default page code.
  4. Telnet to an open port and grab the banner.

Answer(s): D

Explanation:

Most people don’t care about changing the banners presented by applications listening to open ports and therefore you should get fairly accurate information when grabbing banners from open ports with, for example, a telnet application.






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Exam Discussions & Posts