EC-COUNCIL EC-COUNCIL Certifications 312-50V8 Questions & Answers

• Question 861:

  Several of your co-workers are having a discussion over the etc/passwd file. They are at odds over what types of encryption are used to secure Linux passwords. (Choose all that apply.)

  A. Linux passwords can be encrypted with MD5

  B. Linux passwords can be encrypted with SHA

  C. Linux passwords can be encrypted with DES

  D. Linux passwords can be encrypted with Blowfish

  E. Linux passwords are encrypted with asymmetric algrothims

  Correct Answer: ACD

• Question 862:

  WinDump is a popular sniffer which results from the porting to Windows of TcpDump for Linux. What library does it use?

  A. LibPcap

  B. WinPcap

  C. Wincap

  D. None of the above

  Correct Answer: B

• Question 863:

  Jim's organization has just completed a major Linux roll out and now all of the organization's systems are running the Linux 2.5 kernel. The roll out expenses has posed constraints on purchasing other essential security equipment and software. The organization requires an option to control network traffic and also perform stateful inspection of traffic going into and out of the DMZ.

  Which built-in functionality of Linux can achieve this?

  A. IP Tables

  B. IP Chains

  C. IP Sniffer

  D. IP ICMP

  Correct Answer: A

• Question 864:

  You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be able to modify any data.

  What kind of program can you use to track changes to files on the server?

  A. Network Based IDS (NIDS)

  B. Personal Firewall

  C. System Integrity Verifier (SIV)

  D. Linux IP Chains

  Correct Answer: C

• Question 865:

  What is the expected result of the following exploit?

  

  A. Opens up a telnet listener that requires no username or password.

  B. Create a FTP server with write permissions enabled.

  C. Creates a share called "sasfile" on the target system.

  D. Creates an account with a user name of Anonymous and a password of [email protected].

  Correct Answer: A

• Question 866:

  Joe the Hacker breaks into XYZ's Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in one of the network utilities. Joe is worried that network administrator might detect the wiretap program by querying the interfaces to see if they are running in promiscuous mode.

  

  What can Joe do to hide the wiretap program from being detected by ifconfig command?

  A. Block output to the console whenever the user runs ifconfig command by running screen capture utiliyu

  B. Run the wiretap program in stealth mode from being detected by the ifconfig command.

  C. Replace original ifconfig utility with the rootkit version of ifconfig hiding Promiscuous information being displayed on the console.

  D. You cannot disable Promiscuous mode detection on Linux systems.

  Correct Answer: C

• Question 867:

  Windump is the windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform you must install a packet capture library.

  What is the name of this library?

  A. NTPCAP

  B. LibPCAP

  C. WinPCAP

  D. PCAP

  Correct Answer: C

• Question 868:

  Which of the following is NOT a valid NetWare access level?

  A. Not Logged in

  B. Logged in

  C. Console Access

  D. Administrator

  Correct Answer: D

• Question 869:

  What is the name of the software tool used to crack a single account on Netware Servers using a dictionary attack?

  A. NPWCrack

  B. NWPCrack

  C. NovCrack

  D. CrackNov

  E. GetCrack

  Correct Answer: B

• Question 870:

  If you receive a RST packet while doing an ACK scan, it indicates that the port is open.

  A. True

  B. False

  Correct Answer: A