New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Full Access ECCouncil EC0-350 Tutorials

Page: 14 / 32
Question 56

You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c

What is the hexadecimal value of NOP instruction?

Options:

A.

0x60

B.

0x80

C.

0x70

D.

0x90

Question 57

Which definition below best describes a covert channel?

Options:

A.

A server program using a port that is not well known

B.

Making use of a protocol in a way it was not intended to be used

C.

It is the multiplexing taking place on a communication link

D.

It is one of the weak channels used by WEP that makes it insecure

Question 58

When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK. How would an attacker exploit this design by launching TCP SYN attack?

Options:

A.

Attacker generates TCP SYN packets with random destination addresses towards a victim host

B.

Attacker floods TCP SYN packets with random source addresses towards a victim host

C.

Attacker generates TCP ACK packets with random source addresses towards a victim host

D.

Attacker generates TCP RST packets with random source addresses towards a victim host

Question 59

You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles. You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems. In other words you are trying to penetrate an otherwise impenetrable system. How would you proceed?

Options:

A.

Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network

B.

Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information

C.

Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000 or more "zombies" and "bots"

D.

Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques

Page: 14 / 32
Exam Code: EC0-350
Exam Name: Ethical Hacking and Countermeasures V8
Last Update: Dec 27, 2024
Questions: 878
EC0-350 pdf

EC0-350 PDF

$25.5  $84.99
EC0-350 Engine

EC0-350 Testing Engine

$28.5  $94.99
EC0-350 PDF + Engine

EC0-350 PDF + Testing Engine

$40.5  $134.99