- Email support@dumps4free.com
Topic 1: Exam Pool A
What is the way to decide how a packet will move from an untrusted outside host to a
protected inside that is behind a firewall, which permits the hacker to determine which ports
are open and if the packets can pass through the packet-filtering of the firewall?
A.
Session hijacking
B.
Firewalking
C.
Man-in-the middle attack
D.
Network sniffing
Firewalking
When you are getting information about a web server, it is very important to know the
HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because
there are two critical methods (PUT and DELETE). PUT can upload a file to the server and
DELETE can delete a file from the server. You can detect all these methods (GET, POST,
HEAD, DELETE, PUT, TRACE) using NMAP script engine. What Nmap script will help you
with this task?
A.
http-methods
B.
http enum
C.
http-headers
D.
http-git
http-methods
During a recent security assessment, you discover the organization has one Domain Name
Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal
network.
What is this type of DNS configuration commonly called?
A.
DynDNS
B.
DNS Scheme
C.
DNSSEC
D.
Split DNS
Split DNS
Which Intrusion Detection System is the best applicable for large environments where
critical assets on the network need extra scrutiny and is ideal for observing sensitive
network segments?
A.
Honeypots
B.
Firewalls
C.
Network-based intrusion detection system (NIDS)
D.
Host-based intrusion detection system (HIDS)
Network-based intrusion detection system (NIDS)
Which of the following is the BEST way to defend against network sniffing?
A.
Using encryption protocols to secure network communications
B.
Register all machines MAC Address in a Centralized Database
C.
Use Static IP Address
D.
Restrict Physical Access to Server Rooms hosting Critical Servers
Using encryption protocols to secure network communications
Explanation:
https://en.wikipedia.org/wiki/Sniffing_attack
To prevent networks from sniffing attacks, organizations and individual users should keep
away from applications using insecure protocols, like basic HTTP authentication, File
Transfer Protocol (FTP), and Telnet. Instead, secure protocols such as HTTPS, Secure File
Transfer Protocol (SFTP), and Secure Shell (SSH) should be preferred. In case there is a
necessity for using any insecure protocol in any application, all the data transmission
should be encrypted. If required, VPN (Virtual Private Networks) can be used to provide
secure access to users.
NOTE: I want to note that the wording "best option" is valid only for the EC-Council's exam
since the other options will not help against sniffing or will only help from some specific
attack vectors.
The sniffing attack surface is huge. To protect against it, you will need to implement a
complex of measures at all levels of abstraction and apply controls at the physical,
administrative, and technical levels. However, encryption is indeed the best option of all,
even if your data is intercepted - an attacker cannot understand it.
| Page 23 out of 114 Pages |
| Previous |