Assuring two systems that are using IPSec to protect traffic over the internet, what type of general attack could compromise the data?
Answer(s): D,E
To compromise the data, the attack would need to be executed before the encryption takes place at either end of the tunnel. Trojan Horse and Back Orifice attacks both allow for potential data manipulation on host computers. In both cases, the data would be compromised either before encryption or after decryption, so IPsec is not preventing the attack.
The evil hacker, is purposely sending fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65, 536 bytes. From the information given, what type of attack is attempting to perform?
Answer(s): C
http://insecure.org/sploits/ping-o-death.html
Exhibit:ettercap –NCLzs --quietWhat does the command in the exhibit do in “Ettercap”?
-N = NON interactive mode (without ncurses)-C = collect all users and passwords-L = if used with -C (collector) it creates a file with all the password sniffed in the session in the form "YYYYMMDD-collected-pass.log"-z = start in silent mode (no arp storm on start up)-s = IP BASED sniffing--quiet = "demonize" ettercap. Useful if you want to log all data in background.
You have been using the msadc.pl attack script to execute arbitrary commands on an NT4 web server. While it is effective, you find it tedious to perform extended functions. On further research you come across a perl script that runs the following msadc functions:What kind of exploit is indicated by this script?
Answer(s): D
A client has approached you with a penetration test requirements. They are concerned with the possibility of external threat, and have invested considerable resources in protecting their Internet exposure. However, their main concern is the possibility of an employee elevating his/her privileges and gaining access to information outside of their respective department.What kind of penetration test would you recommend that would best address the client’s concern?
Share your comments for EC-Council EC0-350 exam with other users:
Delayed the exam until December 29th.
A and D are True
good one with explanation
This is one of the most useful study guides I have ever used.