312-50 EC-Council Exam Questions and Free Practice Test

Question 151

- (Topic 18)
On a backdoored Linux box there is a possibility that legitimate programs are modified or trojaned. How is it possible to list processes and uids associated with them in a more reliable manner?

A. Use "Is"

B. Use "lsof"

C. Use "echo"

D. Use "netstat"

Correct Answer:B
lsof is a command used in many Unix-like systems that is used to report a list of all open files and the processes that opened them. It works in and supports several UNIX flavors.

Question 152

- (Topic 9)
Dave has been assigned to test the network security of Acme Corp. The test was announced to the employees. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a sand clock to mark the progress of the test. Dave successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access. How was security compromised and how did the firewall respond?

A. The attack did not fall through as the firewall blocked the traffic

B. The attack was social engineering and the firewall did not detect it

C. The attack was deception and security was not directly compromised

D. Security was not compromised as the webpage was hosted internally

Correct Answer:B
This was just another way to trick the information out of the users without the need to hack into any systems. All traffic is outgoing and initiated by the user so the firewall will not react.

START 312-50 EXAM