CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 83)

Page 82 of 191
PDF with 878 Questions

An SNMP scanner is a program that sends SNMP requests to multiple IP addresses, trying different community strings and waiting for a reply. Unfortunately SNMP servers don't respond to requests with invalid community strings and the underlying protocol does not reliably report closed ports. This means that 'no response' from the probed IP address can mean which of the following:
(Select up to 3)

  1. Invalid community string
  2. S-AUTH protocol is running on the SNMP server
  3. Machine unreachable
  4. SNMP server not running

Answer(s): A,C,D

Explanation:

http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol



What is the proper response for a NULL scan if the port is open?

  1. SYN
  2. ACK
  3. FIN
  4. PSH
  5. RST
  6. No response

Answer(s): F

Explanation:

A NULL scan will have no response if the port is open.



Your lab partner is trying to find out more information about a competitors web site. The site has a .com extension. She has decided to use some online whois tools and look in one of the regional Internet registrys. Which one would you suggest she looks in first?

  1. LACNIC
  2. ARIN
  3. APNIC
  4. RIPE
  5. AfriNIC

Answer(s): B

Explanation:

Regional registries maintain records from the areas from which they govern. ARIN is responsible for domains served within North and South America and therefore, would be a good starting point for a .com domain.



What port scanning method involves sending spoofed packets to a target system and then looking for adjustments to the IPID on a zombie system?

  1. Blind Port Scanning
  2. Idle Scanning
  3. Bounce Scanning
  4. Stealth Scanning
  5. UDP Scanning

Answer(s): B

Explanation:

from NMAP:
-sI <zombie host[:probeport]> Idlescan: This advanced scan method allows for
a truly blind TCP port scan of the target (meaning no packets are sent to
the tar- get from your real IP address). Instead, a unique side-channel
attack exploits predictable "IP fragmentation ID" sequence generation on
the zombie host to glean information about the open ports on the target.






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Exam Discussions & Posts