Latest ECCouncil 312-50v8 Real Exam Download 791-800

QUESTION 791
You find the following entries in your web log. Each shows attempted access to either root.exe or cmd.exe.
What caused this?
clip_image002
A. The Morris worm
B. The PIF virus
C. Trinoo
D. Nimda
E. Code Red
F. Ping of Death
Answer: 
The Nimda worm modifies all web content files it finds. As a result,any user browsing web content on the system,whether via the file system or via a web server,may download a copy of the worm. Some browsers may automatically execute the downloaded copy,thereby,infecting the browsing system. The high scanning rate of the Nimda worm may also cause bandwidth denial-of-service conditions on networks with infected machines and allow intruders the ability to execute arbitrary commands within the Local System security context on machines running the unpatched versions of IIS.
QUESTION 792
Which are true statements concerning the BugBear and Pretty Park worms?
Select the best answers.
A. Both programs use email to do their work.
B. Pretty Park propagates via network shares and email
C. BugBear propagates via network shares and email
D. Pretty Park tries to connect to an IRC server to send your personal passwords.
E. Pretty Park can terminate anti-virus applications that might be running to bypass them.
Answer: A,C,D 
Explanations: Both Pretty Park and BugBear use email to spread. Pretty Park cannot propagate via network shares,only email. BugBear propagates via network shares and email. It also terminates anti-virus applications and acts as a backdoor server for someone to get into the infected machine. Pretty Park tries to connect to an IRC server to send your personal passwords and all sorts of other information it retrieves from your PC. Pretty Park cannot terminate anti-virus applications. However,BugBear can terminate AV software so that it can bypass them.
QUESTION 793
One of the better features of NetWare is the use of packet signature that includes cryptographic signatures. The packet signature mechanism has four levels from 0 to 3.
In the list below which of the choices represent the level that forces NetWare to sign all packets?
A. 0 (zero)
B. 1
C. 2
D. 3
Answer: 
0Server does not sign packets (regardless of the client level).
1Server signs packets if the client is capable of signing (client level is 2 or higher).
2Server signs packets if the client is capable of signing (client level is 1 or higher).
3Server signs packets and requires all clients to sign packets or logging in will fail.
QUESTION 794
Which is the Novell Netware Packet signature level used to sign all packets ?
A. 0
B. 1
C. 2
D. 3
Answer: 
Level 0 is no signature,Level 3 is communication using signature only.
QUESTION 795
If you receive a RST packet while doing an ACK scan, it indicates that the port is open.(True/False).
A. True
B. False
Answer: A
 When and ACK is sent to an open port,a RST is returned.
QUESTION 796
If you perform a port scan with a TCP ACK packet, what should an OPEN port return?
A. RST
B. No Reply
C. SYN/ACK
D. FIN
Answer: A
 Open ports return RST to an ACK scan.
QUESTION 797
Pandora is used to attack __________ network operating systems.
A. Windows
B. UNIX
C. Linux
D. Netware
E. MAC OS
Answer: 
While there are not lots of tools available to attack Netware,Pandora is one that can be used.
QUESTION 798
What is the name of the software tool used to crack a single account on Netware Servers using a dictionary attack?
A. NPWCrack
B. NWPCrack
C. NovCrack
D. CrackNov
E. GetCrack
Answer: B
 NWPCrack is the software tool used to crack single accounts on Netware servers.
QUESTION 799
Which of the following is NOT a valid NetWare access level?
A. Not Logged in
B. Logged in
C. Console Access
D. Administrator
Answer: 
Administrator is an account not a access level.
QUESTION 800
Windump is the windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform you must install a packet capture library.
What is the name of this library?
A. NTPCAP
B. LibPCAP
C. WinPCAP
D. PCAP
Answer: C
 WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack,and has additional useful features,including kernel-level packet filtering,a network statistics engine and support for remote packet capture.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s