New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Certified Ethical Hacker EC0-350 Reddit Questions

Page: 26 / 32
Question 104

Bill is attempting a series of SQL queries in order to map out the tables within the database that he is trying to exploit.

Choose the attack type from the choices given below.

Options:

A.

Database Fingerprinting

B.

Database Enumeration

C.

SQL Fingerprinting

D.

SQL Enumeration

Question 105

Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web site during work hours, without any consideration for others. Neil knows that he has an up-to-date content filtering system and such access should not be authorized. What type of technique might be used by these offenders to access the Internet without restriction?

Options:

A.

They are using UDP that is always authorized at the firewall

B.

They are using an older version of Internet Explorer that allow them to bypass the proxy server

C.

They have been able to compromise the firewall, modify the rules, and give themselves proper access

D.

They are using tunneling software that allows them to communicate with protocols in a way it was not intended

Question 106

Access control is often implemented through the use of MAC address filtering on wireless Access Points. Why is this considered to be a very limited security measure?

Options:

A.

Vendors MAC address assignment is published on the Internet.

B.

The MAC address is not a real random number.

C.

The MAC address is broadcasted and can be captured by a sniffer.

D.

The MAC address is used properly only on Macintosh computers.

Question 107

Clive is conducting a pen-test and has just port scanned a system on the network. He has identified the operating system as Linux and been able to elicit responses from ports 23, 25 and 53. He infers port 23 as running Telnet service, port 25 as running SMTP service and port 53 as running DNS service. The client confirms these findings and attests to the current availability of the services. When he tries to telnet to port 23 or 25, he gets a blank screen in response. On typing other commands, he sees only blank spaces or underscores symbols on the screen. What are you most likely to infer from this?

Options:

A.

The services are protected by TCP wrappers

B.

There is a honeypot running on the scanned machine

C.

An attacker has replaced the services with trojaned ones

D.

This indicates that the telnet and SMTP server have crashed

Page: 26 / 32
Exam Code: EC0-350
Exam Name: Ethical Hacking and Countermeasures V8
Last Update: Dec 22, 2024
Questions: 878
EC0-350 pdf

EC0-350 PDF

$25.5  $84.99
EC0-350 Engine

EC0-350 Testing Engine

$28.5  $94.99
EC0-350 PDF + Engine

EC0-350 PDF + Testing Engine

$40.5  $134.99