Free EC0-350 Exam Braindumps (page: 79)


Stephanie, a security analyst, has just returned from a Black Hat conference in Las Vegas where she learned of many powerful tools used by hackers and security professionals alike. Stephanie is primarily worried about her Windows network because of all the legacy computers and servers that she must use, due to lack of funding.
Stephanie wrote down many of the tools she learned of in her notes and was particularly interested in one tool called SAINT that could scan her network for vulnerabilities and return reports on her network's weak spots. She remembered from her notes that SAINT is very flexible and can accomplish a number of tasks. Stephanie asks her supervisor, the CIO, if she can download and run SAINT on the network. Her boss said not to bother with it since it will not work for her at all.
Why did Stephanie's boss say that SAINT would not work?

  A. SAINT only works on Macintosh-based machines
  B. SAINT is too expensive and is not cost effective
  C. SAINT is too network bandwidth intensive
  D. SAINT only works on LINUX and UNIX machines

Answer(s): D

Explanation:

Works with Unix/Linux/BSD and MacOS X
http://www.saintcorporation.com/



What is a NULL scan?

  A. A scan in which all flags are turned off
  B. A scan in which certain flags are off
  C. A scan in which all flags are on
  D. A scan in which the packet size is set to zero
  E. A scan with an illegal packet size

Answer(s): A

Explanation:

A null scan has all flags turned off.



While footprinting a network, what port/service should you look for to attempt a zone transfer?

  A. 53 UDP
  B. 53 TCP
  C. 25 UDP
  D. 25 TCP
  E. 161 UDP
  F. 22 TCP
  G. 60 TCP

Answer(s): B

Explanation:

If TCP port 53 is detected, the opportunity to attempt a zone transfer is there.



An Nmap scan shows the following open ports, and Nmap also reports that the OS guessing results match too many signatures, so the OS cannot be reliably identified:
21 ftp
23 telnet
80 http
443 https

What does this suggest?

  A. This is a Windows Domain Controller
  B. The host is not firewalled
  C. The host is not a Linux or Solaris system
  D. The host is not properly patched

Answer(s): D

Explanation:

If the answer were A, Nmap would guess it, since it holds the MS signature database. The host not being firewalled makes no difference. The host is not Linux or Solaris? It very well could be. The host is not properly patched? That is the closest. Nmap's OS detection architecture is based solely off the TCP ISN issued by the operating system's TCP/IP stack; if the stack is modified to show output from randomized ISNs, or if you're using a program to change the ISN, then OS detection will fail. If the TCP/IP IP IDs are modified, then OS detection could also fail, because the machine would most likely come back as being down.





