Which of the following statements are true about session hijacking?
Each correct answer represents a complete solution. Choose all that apply.
A. TCP session hijacking is when a hacker takes over a TCP session between two machines.
B. It is used to slow the working of victim's network resources.
C. Use of a long random number or string as the session key reduces session hijacking.
D. It is the exploitation of a valid computer session to gain unauthorized access to informationor services in a computer system.
Which of the following Linux rootkits allows attackers to hide files, processes, and network connections?
Each correct answer represents a complete solution. Choose all that apply.
A. Phalanx2
B. Adore
C. Knark
D. Beastkit
Who among the following are security experts who specialize in penetration testing and other testing methodologies to ensure that their company's information systems are secure?
Each correct answer represents a complete solution. Choose all that apply.
A. Black hat hackers
B. White hat hackers
C. Script Kiddies
D. Ethical hackers
You work as a Network Administrator for ABC Inc. The company uses a secure wireless network.
John complains to you that his computer is not working properly. What type of security audit do you need to conduct to resolve the problem?
A. Independent audit
B. Operational audit
C. Non-operational audit
D. Dependent audit
Which of the following softwares is used to perform constant monitoring of the network infrastructure?
A. Logdog
B. THCHydra
C. IPSentry
D. Cain
You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest domain-based network. The company has recently provided fifty laptops to its sales team members. You are required to configure an 802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user. You are also required to prevent the sales team members from communicating directly to one another. Which of the following actions will you perform to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. Implement the open system authentication for the wireless network.
B. Implement the IEEE 802.1X authentication for the wireless network.
C. Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.
D. Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.
E. Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.
Which of the following uses public key cryptography to encrypt the contents of files?
A. EFS
B. DFS
C. NTFS
D. RFS
Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer? Each correct answer represents a complete solution. Choose two.
A. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access.
B. Attacker can use the Ping Flood DoS attack if WZC is used.
C. Attacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain access.
D. It will not allow the configuration of encryption and MAC filtering. Sending information is not secure on wireless network.
John works as a Professional Ethical Hacker for NetPerfect Inc. The company has a Linux-based network. All client computers are running on Red Hat 7.0 Linux. The Sales Manager of the company complains to John that his system contains an unknown package named as tar.gz and his documents are exploited. To resolve the problem, John uses a Port scanner to enquire about the open ports and finds out that the HTTP server service port on 27374 is open. He suspects that the other computers on the network are also facing the same problem. John discovers that a malicious application is using the synscan tool to randomly generate IP addresses.
Which of the following worms has attacked the computer?
A. Code red
B. Ramen
C. LoveLetter
D. Nimda
Which two technologies should research groups use for secure VPN access while traveling?
(Click the Exhibit button on the toolbar to see the case study.)
Each correct answer represents a complete solution. Choose two.
A. SSL
B. Kerberos authentication
C. PPTP
D. Smart cards
E. Encrypting File System (EFS)
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSS exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.