Eccouncil 312-50 Quiz 2 Topic 3 Questions 6-10

Question: 1

DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which security feature on switches leverages the DHCP snooping database to help prevent man-in-the-middle attacks?

APort security

BA Layer 2 Attack Prevention Protocol (LAPP)

CDynamic ARP inspection (DAI)

DSpanning tree

Show Answer

Question: 2

How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?

AThere is no way to tell because a hash cannot be reversed

BThe right most portion of the hash is always the same

CThe hash always starts with AB923D

DThe left most portion of the hash is always the same

EA portion of the hash will be all 0's

Show Answer

Question: 3

What is the main difference between a ''Normal'' SQL Injection and a ''Blind'' SQL Injection vulnerability?

AThe request to the web server is not visible to the administrator of the vulnerable application.

BThe attack is called ''Blind'' because, although the application properly filters user input, it is still vulnerable to code injection.

CThe successful attack does not show an error message to the administrator of the affected application.

DThe vulnerable application does not display errors with information about the injection results to the attacker.

Show Answer

Question: 4

What is the outcome of the comm''nc -l -p 2222 | nc 10.1.0.43 1234"?

ANetcat will listen on the 10.1.0.43 interface for 1234 seconds on port 2222.

BNetcat will listen on port 2222 and output anything received to a remote connection on 10.1.0.43 port 1234.

CNetcat will listen for a connection from 10.1.0.43 on port 1234 and output anything received to port 2222.

DNetcat will listen on port 2222 and then output anything received to local interface 10.1.0.43.

Show Answer

Question: 5

While using your bank's online servicing you notice the following string in the URL bar: ''http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21''

You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes.

Which type of vulnerability is present on this site?

AWeb Parameter Tampering

BCookie Tampering

CXSS Reflection

DSQL injection

Show Answer

Eccouncil 312-50 Quiz:2 Topic:3 Questions:6-10