ECCouncil 312-49 Computer Hacking Forensic Investigator Exam Set 4

Terri works for a security consulting firm that is currently performing a penetration test on First National Bank in Tokyo. Terri's duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company's switches with ACK bit and the source address of her machine set. What is Terri trying to accomplish by sending this IP packet?


Options are :

  • Poison the switch's MAC address table by flooding it with ACK bits
  • Enable tunneling feature on the switch
  • Trick the switch into thinking it already has a session with Terri's computer (Correct)
  • Crash the switch with a DoS attack since switches cannot send ACK bits

Answer : Trick the switch into thinking it already has a session with Terri's computer

ECCouncil ECSS Certified Security Specialist Practice Exam Set 11

George is a senior security analyst working for a state agency in Florida. His state's congress just passed a bill mandating every state agency to undergo a security audit annually. After learning what will be required, George needs to implement an IDS as soon as possible before the first audit occurs. The state bill requires that an IDS with a "time-based induction machine" be used. What IDS feature must George implement to meet this requirement?


Options are :

  • Signature-based anomaly detection
  • Pattern matching
  • Real-time anomaly detection (Correct)
  • Statistical-based anomaly detection

Answer : Real-time anomaly detection

George is performing security analysis for Hammond and Sons LLC. He is testing security vulnerabilities of their wireless network. He plans on remaining as "stealthy" as possible during the scan. Why would a scanner like Nessus is not recommended in this situation?


Options are :

  • Nessus is too loud (Correct)
  • Nessus is not a network scanner
  • There are no ways of performing a "stealthy" wireless scan
  • Nessus cannot perform wireless testing

Answer : Nessus is too loud

What is kept in the following directory? HKLM\SECURITY\Policy\Secrets


Options are :

  • IAS account names and passwords
  • Service account passwords in plain text (Correct)
  • Cached password hashes for the past 20 users
  • Local store PKI Kerberos certificates

Answer : Service account passwords in plain text

ECCouncil 312-38 Network Security Administrator (ENSA) Exam Set 1

You just passed your ECSA exam and are about to start your first consulting job running security audits for a financial institution in Los Angeles. The IT manager of the company you will be working for tries to see if you remember your ECSA class. He asks about the methodology you will be using to test the company's network. How would you answer?


Options are :

  • Microsoft Methodology
  • LPT Methodology (Correct)
  • IBM Methodology
  • Google Methodology

Answer : LPT Methodology

You are a security analyst performing reconnaissance on a company you will be carrying out a penetration test for. You conduct a search for IT jobs on Dice.com and find the following information for an open position: 7+ years experience in Windows Server environment 5+ years experience in Exchange 2000/2003 environment Experience with Cisco Pix Firewall, Linksys 1376 router, Oracle 11i and MYOB v3.4 Accounting software are required MCSA desired, MCSE, CEH preferred No Unix/Linux Experience needed What is this information posted on the job website considered?


Options are :

  • Social engineering exploit
  • Information vulnerability (Correct)
  • Competitive exploit
  • Trade secret

Answer : Information vulnerability

What will the following URL produce in an unpatched IIS Web Server?


Options are :

  • Directory listing of the C:\windows\system32 folder on the web server
  • Insert a Trojan horse into the C: drive of the web server
  • Directory listing of C: drive on the web server (Correct)
  • Execute a buffer flowin the C: drive of the web server

Answer : Directory listing of C: drive on the web server

ECCouncil EC0-232 ec0-232 E-Commerce Architect Practice Exam Set 3

You are conducting an investigation of fraudulent claims in an insurance company that involves complex text searches through large numbers of documents. Which of the following tools would allow you to quickly and efficiently search for a string within a file on the bitmap image of the target computer?


Options are :

  • grep (Correct)
  • dir
  • Stringsearch
  • vim

Answer : grep

Paul's company is in the process of undergoing a complete security audit including logical and physical security testing. After all logical tests were performed; it is now time for the physical round to begin. None of the employees are made aware of this round of testing. The securityauditing firm sends in a technician dressed as an electrician. He waits outside in the lobby for some employees to get to work and follows behind them when they access the restricted areas. After entering the main office, he is able to get into the server room telling the IT manager that there is a problem with the outlets in that room. What type of attack has the technician performed?


Options are :

  • Fuzzing
  • Man trap attack
  • Backtrapping
  • Tailgating (Correct)

Answer : Tailgating

Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to send PDF documents containing sensitive information through E-mail to his customers. Bill protects the PDF documents with a password and sends them to their intended recipients. Why PDF passwords do not offer maximum protection?


Options are :

  • When sent through E-mail, PDF passwords are stripped from the document completely
  • PDF passwords can easily be cracked by software brute force tools (Correct)
  • PDF passwords are not considered safe by Sarbanes-Oxley
  • PDF passwords are converted to clear text when sent through E-mail

Answer : PDF passwords can easily be cracked by software brute force tools

ECCouncil EC0-349 Computer Hack Forensic Investigator Exam Set 9

You are assisting a Department of Defense contract company to become compliant with the stringent security policies set by the DoD. One such strict rule is that firewalls must only allow incoming connections that were first initiated by internal computers. What type of firewall must you implement to abide by this policy?


Options are :

  • Circuit-level proxy firewall
  • Packet filtering firewall
  • Stateful firewall (Correct)
  • Application-level proxy firewall

Answer : Stateful firewall

On Linux/Unix based Web servers, what privilege should the daemon service be run under?


Options are :

  • Root
  • You cannot determine what privilege runs the daemon service
  • Something other than root (Correct)
  • Guest

Answer : Something other than root

Why are Linux/Unix based computers better to use than Windows computers for idle scanning?


Options are :

  • Windows computers are constantlytalking (Correct)
  • Windows computers will not respond to idle scans
  • Linux/Unix computers are easier to compromise
  • Linux/Unix computers are constantly talking

Answer : Windows computers are constantlytalking

EC0-232 EC-Council E-Commerce Architect Exam Set 4

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, stateful firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet. Why is that?


Options are :

  • NAT does not work with stateful firewalls
  • Stateful firewalls do not work with packet filtering firewalls
  • IPSEC does not work with packet filtering firewalls
  • NAT does not work with IPSEC (Correct)

Answer : NAT does not work with IPSEC

Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the axfr and ixfr commands using DIG. What is Simon trying to accomplish here?


Options are :

  • Enumerate all the users in the domain
  • Perform DNS poisoning
  • Send DOS commands to crash the DNS servers
  • Perform a zone transfer (Correct)

Answer : Perform a zone transfer

Microsoft Outlook maintains email messages in a proprietary format in what type of file?


Options are :

  • .email
  • .doc
  • .mail
  • .pst (Correct)

Answer : .pst

ECCouncil EC0-479 Certified Security Analyst (ECSA) Exam Set 6

Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability assessments. After discovering numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that show up as unknown but Questionable in the logs. He looks up the behavior on the Internet, but cannot find anything related. What organization should Frank submit the log to find out if it is a new vulnerability or not?


Options are :

  • CVE (Correct)
  • RIPE
  • IANA
  • APIPA

Answer : CVE

As a CHFI professional, which of the following is the most important to your professional reputation?


Options are :

  • The free that you charge
  • The correct, successful management ofeach and every case (Correct)
  • The friendship of local law enforcement officers
  • Your Certifications

Answer : The correct, successful management ofeach and every case

The rule of thumb when shutting down a system is to pull the power plug. However, it has certain drawbacks. Which of the following would that be?


Options are :

  • The /tmp directory will be flushed
  • Power interruption will corrupt the pagefile
  • Any data not yet flushed to the system will be lost (Correct)
  • All running processes will be lost

Answer : Any data not yet flushed to the system will be lost

ECCouncil 312-38 Network Security Administrator (ENSA) Exam Set 8

Michael works for Kimball Construction Company as senior security analyst. As part of yearly security audit, Michael scans his network for vulnerabilities. Using Nmap, Michael conducts XMAS scan and most of the ports scanned do not give a response. In what state are these ports?


Options are :

  • Closed
  • Stealth
  • Filtered
  • Open (Correct)

Answer : Open

Hackers can gain access to Windows Registry and manipulate user passwords, DNS settings, access rights or others features that they may need in order to accomplish their objectives. One simple method for loading an application at startup is to add an entry (Key) to the following Registry Hive:


Options are :

  • HKEY_LOCAL_MACHINE\hardware\windows\start
  • HKEY_LOCAL_USERS\Software\Microsoft\old\Version\Load
  • HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run (Correct)
  • HKEY_CURRENT_USER\Microsoft\Default

Answer : HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run

Your company uses Cisco routers exclusively throughout the network. After securing the routers to the best of your knowledge, an outside security firm is brought in to assess the network security. Although they found very few issues, they were able to enumerate the model, OS version, and capabilities for all your Cisco routers with very little effort. Which feature will you disable to eliminate the ability to enumerate this information on your Cisco routers?


Options are :

  • Border GatewayProtocol
  • Cisco Discovery Protocol (Correct)
  • Broadcast System Protocol
  • Simple Network Management Protocol

Answer : Cisco Discovery Protocol

ECCouncil EC0-479 Certified Security Analyst (ECSA) Exam Set 3

You are running through a series of tests on your network to check for any security vulnerabilities. After normal working hours, you initiate a DoS attack against your external firewall. The firewall Quickly freezes up and becomes unusable. You then initiate an FTP connection from an external IP into your internal network. The connection is successful even though you have FTP blocked at the external firewall. What has happened?


Options are :

  • The firewall failed-open (Correct)
  • The firewall failed-bypass
  • The firewall failed-closed
  • The firewall ACL has been purged

Answer : The firewall failed-open

Software firewalls work at which layer of the OSI model?


Options are :

  • Data Link (Correct)
  • Application
  • Transport
  • Network

Answer : Data Link

Jason has set up a honeypot environment by creating a DMZ that has no physical or logical access to his production network. In this honeypot, he has placed a server running Windows Active Directory. He has also placed a Web server in the DMZ that services a number of web pages that offer visitors a chance to download sensitive information by clicking on a button. A week later, Jason finds in his network logs how an intruder accessed the honeypot and downloaded sensitive information. Jason uses the logs to try and prosecute the intruder for stealing sensitive corporate information. Why will this not be viable?


Options are :

  • Intruding into a honeypot is not illegal
  • Enticement
  • Entrapment (Correct)
  • Intruding into a DMZ is not illegal

Answer : Entrapment

EC0-349 ECCouncil Computer Hacking Forensic Investigator Set 12

Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM files on a computer. Where should Harold navigate on the computer to find the file?


Options are :

  • %systemroot%\LSA
  • %systemroot%\system32\drivers\etc
  • %systemroot%\repair (Correct)
  • %systemroot%\system32\LSA

Answer : %systemroot%\repair

You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities: When you type this and click on search, you receive a pop-up window that says: "This is a test." What is the result of this test?


Options are :

  • Your website is vulnerable to web bugs
  • Your website is vulnerable to CSS (Correct)
  • Your website is not vulnerable
  • Your website is vulnerable to SQL injection

Answer : Your website is vulnerable to CSS

Larry is an IT consultant who works for corporations and government agencies. Larry plans on shutting down the city's network using BGP devices and zombies? What type of Penetration Testing is Larry planning to carry out?


Options are :

  • DoS Penetration Testing (Correct)
  • Firewall Penetration Testing
  • Internal Penetration Testing
  • Router Penetration Testing

Answer : DoS Penetration Testing

ECCouncil 312-38 Network Security Administrator (ENSA) Exam Set 8

If an attacker's computer sends an IPID of 31400 to a zombie computer on an open port in IDLE scanning, what will be the response?


Options are :

  • 31401 (Correct)
  • 31402
  • The zombie will not send a response
  • 31399

Answer : 31401

What is the following command trying to accomplish?


Options are :

  • Verify that UDP port 445 is open for the 192.168.0.0 network (Correct)
  • Verify that TCP port 445 is open for the 192.168.0.0 network
  • Verify that NETBIOS is running for the 192.168.0.0 network
  • Verify that UDP port 445 is closed for the 192.168.0.0 network

Answer : Verify that UDP port 445 is open for the 192.168.0.0 network

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions