Free ML0-320 Exam Braindumps (page: 17)


A Windows computer that has not been hardened properly might allow a NULL connection from a remote host. Which of the following commands would be used by a remote attacker to attempt connecting using a NULL session?

  1. net use \\servername\ipc$NULL/u
  2. net use \\servername\ipc$u
  3. net share \\servername\ipc$/u
  4. net use \\servername\ipc$/uNULL

Answer(s): B



What sniffer program is capable of reconstructing associated TCP packets into a session showing application layer data from the client to the server and vice versa? Choose the best 2.

  1. Packetyzer
  2. Etherape
  3. Ethereal
  4. ARPwatch

Answer(s): A,C



Which of the following commands would capture all packets going to and from IP address 192.168.1.2 using tcpdump?

  1. tcpdump host 192.168.1.2
  2. tcpdump dest 192.168.1.2
  3. tcpdump any 192.168.1.2/32
  4. tcpdump all 192.168.1.2/24

Answer(s): A



Why is passive sniffing much harder to detect, if not impossible, compared to active sniffing? Choose the best answer.

  1. Passive sniffing injects fewer packets into the switch
  2. Passive sniffing can be done only via software and not hardware
  3. A device that only receives packets and never transmits packets is truly undetectable.
  4. It is difficult to obtain software that passively sniffs

Answer(s): C





