312-50 EC-Council Exam Questions and Free Practice Test

Question 139

- (Topic 5)
Fingerprinting an Operating System helps a cracker because:

A. It defines exactly what software you have installed

B. It opens a security-delayed window based on the port being scanned

C. It doesn't depend on the patches that have been applied to fix existing security holes

D. It informs the cracker of which vulnerabilities he may be able to exploit on your system

Correct Answer:D
When a cracker knows what OS and Services you use he also knows which exploits might work on your system. If he would have to try all possible exploits for all possible Operating Systems and Services it would take too long time and the possibility of being detected increases.

Question 140

- (Topic 4)
Which definition among those given below best describes a covert channel?

A. A server program using a port that is not well known.

B. Making use of a protocol in a way it is not intended to be used.

C. It is the multiplexing taking place on a communication link.

D. It is one of the weak channels used by WEP which makes it insecure.

Correct Answer:B
A covert channel is described as: "any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy." Essentially, it is a method of communication that is not part of an actual computer system design, but can be used to transfer information to users or system processes that normally would not be allowed access to the information.

Question 141

- (Topic 10)
What type of cookies can be generated while visiting different web sites on the Internet?

A. Permanent and long term cookies.

B. Session and permanent cookies.

C. Session and external cookies.

D. Cookies are all the same, there is no such thing as different type of cookies.

Correct Answer:B
There are two types of cookies: a permanent cookie that remains on a visitor's computer for a given time and a session cookie the is temporarily saved in the visitor's computer memory during the time that the visitor is using the Web site. Session cookies disappear when you close your Web browser.

Question 142

- (Topic 3)
The FIN flag is set and sent from host A to host B when host A has no more data to transmit (Closing a TCP connection). This flag releases the connection resources. However, host A can continue to receive data as long as the SYN sequence number of transmitted packets from host B are lower than the packet segment containing the set FIN flag.

A. True

B. False

Correct Answer:A
For sequence number purposes, the SYN is considered to occur before the first actual data octet of the segment in which it occurs, while the FIN is considered to occur after the last actual data octet in a segment in which it occurs. So packets receiving out of order will still be accepted.

Question 143

- (Topic 3)
Destination unreachable administratively prohibited messages can inform the hacker to what?

A. That a circuit level proxy has been installed and is filtering traffic

B. That his/her scans are being blocked by a honeypot or jail

C. That the packets are being malformed by the scanning software

D. That a router or other packet-filtering device is blocking traffic

E. That the network is functioning normally

Correct Answer:D
Destination unreachable administratively prohibited messages are a good way to discover that a router or other low-level packet device is filtering traffic. Analysis of the ICMP message will reveal the IP address of the blocking device and the filtered port. This further adds the to the network map and information being discovered about the network and hosts.

Question 144

- (Topic 21)
What are the different between SSL and S-HTTP?

A. SSL operates at the network layer and S-HTTP operates at the application layer

B. SSL operates at the application layer and S-HTTP operates at the network layer

C. SSL operates at transport layer and S-HTTP operates at the application layer

D. SSL operates at the application layer and S-HTTP operates at the transport layer

Correct Answer:C
Whereas SSL is designed to establish a secure connection between two computers, S-HTTP is designed to send individual messages securely. S-HTTP is defined in RFC 2660

START 312-50 EXAM