EC-COUNCIL EC0-350 Online Practice Questions and Exam Preparation

EC-COUNCIL EC0-350 Online Questions & Answers

• Question 1:

  Pandora is used to attack __________ network operating systems.

  A. Windows
  B. UNIX
  C. Linux
  D. Netware
  E. MAC OS
  D. Netware

• Question 2:

  In an attempt to secure his wireless network, Bob turns off broadcasting of the SSID. He concludes that since his access points require the client computer to have the proper SSID, it would prevent others from connecting to the wireless network. Unfortunately unauthorized users are still able to connect to the wireless network.

  Why do you think this is possible?

  A. Bob forgot to turn off DHCP.
  B. All access points are shipped with a default SSID.
  C. The SSID is still sent inside both client and AP packets.
  D. Bob's solution only works in ad-hoc mode.
  B. All access points are shipped with a default SSID.

• Question 3:

  Which of the following is NOT a valid NetWare access level?

  A. Not Logged in
  B. Logged in
  C. Console Access
  D. Administrator
  D. Administrator

• Question 4:

  What makes web application vulnerabilities so aggravating? (Choose two)

  A. They can be launched through an authorized port.
  B. A firewall will not stop them.
  C. They exist only on the Linux platform.
  D. They are detectable by most leading antivirus software.
  A. They can be launched through an authorized port.
  B. A firewall will not stop them.

• Question 5:

  On a backdoored Linux box there is a possibility that legitimate programs are modified or trojaned. How is it possible to list processes and uids associated with them in a more reliable manner?

  A. Use "Is"
  B. Use "lsof"
  C. Use "echo"
  D. Use "netstat"
  B. Use "lsof"

• Question 6:

  There are two types of honeypots- high and low interaction. Which of these describes a low interaction honeypot? Select the best answers.

  A. Emulators of vulnerable programs
  B. More likely to be penetrated
  C. Easier to deploy and maintain
  D. Tend to be used for production
  E. More detectable
  F. Tend to be used for research
  A. Emulators of vulnerable programs
  C. Easier to deploy and maintain
  D. Tend to be used for production
  E. More detectable

• Question 7:

  A client has approached you with a penetration test requirements. They are concerned with the possibility of external threat, and have invested considerable resources in protecting their Internet exposure. However, their main concern is the possibility of an employee elevating his/her privileges and gaining access to information outside of their respective department.

  What kind of penetration test would you recommend that would best address the client's concern?

  A. A Black Box test
  B. A Black Hat test
  C. A Grey Box test
  D. A Grey Hat test
  E. A White Box test
  F. A White Hat test
  C. A Grey Box test

• Question 8:

  In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. What kind of attack is this?

  A. WEP attack
  B. Drive by hacking
  C. Rogue access point attack
  D. Unauthorized access point attack
  C. Rogue access point attack

• Question 9:

  What type of cookies can be generated while visiting different web sites on the Internet?

  A. Permanent and long term cookies.
  B. Session and permanent cookies.
  C. Session and external cookies.
  D. Cookies are all the same, there is no such thing as different type of cookies.
  B. Session and permanent cookies.

• Question 10:

  On wireless networks, SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless networks?

  A. The SSID is only 32 bits in length.
  B. The SSID is transmitted in clear text.
  C. The SSID is the same as the MAC address for all vendors.
  D. The SSID is to identify a station, not a network.
  B. The SSID is transmitted in clear text.