Which of the following are the two types of reconnaissance?
A. Direct and Indirect
B. Active and passive
C. Active and Invasive
D. Preliminary and active
What level of encryption is used by syskey?
A. 128-bit
B. 256-bit
C. 64-bit
D. 32-bit
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server.
The output of the scanning test is as follows:
C.\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = - =
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1
mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv
John recognizes the /cgi-bin/printenv vulnerability ('Printenv' vulnerability) on the We-are-secure server. Which of the following statements about the 'Printenv' vulnerability are true? Each correct answer represents a complete solution. Choose all that apply.
A. The countermeasure to 'printenv' vulnerability is to remove the CGI script.
B. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.
C. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.
D. This vulnerability helps in a cross site scripting attack.
Which of the following algorithms produces a digital signature which is used to authenticate the bit-stream images?
A. BOINIC
B. HashClash
C. MD5
D. MD6
Which of the following agencies is responsible for handling computer crimes in the United States?
A. The FBI only
B. The Federal Bureau of Investigation (FBI) and the Secret Service
C. The Central Intelligence Agency (CIA)
D. The National Security Agency (NSA)
Which of the following is true for XSS, SQL injection, and RFI?
A. These are Trojans.
B. These are hacking tools.
C. These are viruses.
D. These are types of Web application vulnerabilities.
Which of the following laws does not protect intellectual property?
A. Patent law
B. Copyright
C. Murphy's law
D. Trademark
Which of the following attacks is used to hack simple alphabetical passwords?
A. Man-in-the-middle attack
B. Dictionary-based attack
C. Black hat attack
D. Sniffing
Which of the following is the name given to expert groups that handle computer security incidents?
A. Computer forensic team
B. Z-Force
C. Software development team
D. CSIRT
Which of the following is used in asymmetric encryption?
A. Public key and user key
B. NTFS
C. Public key and private key
D. SSL