SYN Flood is a DOS attack in which an attacker deliberately violates the three-way handshake and opens a large number of half-open TCP connections. The signature for SYN Flood attack is:
A. The source and destination address having the same value.
B. The source and destination port numbers having the same value.
C. A large number of SYN packets appearing on a network without the corresponding reply packets.
D. A large number of SYN packets appearing on a network with the corresponding reply packets.
You have been called to investigate a sudden increase in network traffic at company. It seems that the traffic generated was too heavy that normal business functions could no longer be rendered to external employees and clients. After a quick investigation, you find that the computer has services running attached to TFN2k and Trinoo software. What do you think was the most likely cause behind this sudden increase in traffic?
A. A distributed denial of service attack.
B. A network card that was jabbering.
C. A bad route on the firewall.
D. Invalid rules entry at the gateway.
When working with Windows systems, what is the RID of the true administrator account?
A. 500
B. 501
C. 1000
D. 1001
E. 1024
F. 512
When working with Windows systems, what is the RID of the true administrator account?
A. 500
B. 501
C. 512
D. 1001
E. 1024
F. 1000
If you send a SYN to an open port, what is the correct response?(Choose all correct answers.
A. SYN
B. ACK
C. FIN
D. PSH
How does a denial-of-service attack work?
A. A hacker tries to decipher a password by using a system, which subsequently crashes the network
B. A hacker attempts to imitate a legitimate user by confusing a computer or even another person
C. A hacker prevents a legitimate user (or group of users) from accessing a service
D. A hacker uses every character, word, or letter he or she can think of to defeat authentication
A Buffer Overflow attack involves:
A. Using a trojan program to direct data traffic to the target host's memory stack
B. Flooding the target network buffers with data traffic to reduce the bandwidth available to legitimate users
C. Using a dictionary to crack password buffers by guessing user names and passwords
D. Poorly written software that allows an attacker to execute arbitrary code on a target system
What would best be defined as a security test on services against a known vulnerability database using an automated tool?
A. A penetration test
B. A privacy review
C. A server audit
D. A vulnerability assessment
Clive has been monitoring his IDS and sees that there are a huge number of ICMP Echo Reply packets that are being received on the external gateway interface. Further inspection reveals that they are not responses from the internal hosts' requests but simply responses coming from the Internet.
What could be the most likely cause?
A. Someone has spoofed Clive's IP address while doing a smurf attack.
B. Someone has spoofed Clive's IP address while doing a land attack.
C. Someone has spoofed Clive's IP address while doing a fraggle attack.
D. Someone has spoofed Clive's IP address while doing a DoS attack.
What do you call a system where users need to remember only one username and password, and be authenticated for multiple services?
A. Simple Sign-on
B. Unique Sign-on
C. Single Sign-on
D. Digital Certificate
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.