EC COUNCIL-Ethical Hacking and Countermeasures V7 Set 4

This method is used to determine the operating system and version running on a remote target system. What is it called?

William has received a Chess game from someone in his computer programming class through email. William does not really know the person who sent the game very well, but decides to install the game anyway because he really likes Chess. After William installs the game, he plays it for a couple of hours. The next day, William plays the Chess game again and notices that his machine has begun to slow down. He brings up his Task Manager and sees the following programs running: What has William just installed?

You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system administrators. How can this help you in foot printing the organization?

TCP packets transmitted in either direction after the initial three-way handshake will have which of the following bit set?

The programmers on your team are analyzing the free, open source software being used to run FTP services on a server in your organization. They notice that there is excessive number of functions in the source code that might lead to buffer overflow. These C++ functions do not check bounds. Identify the line in the source code that might lead to buffer overflow?

Which of the following steganography utilities exploits the nature of white space and allows the user to conceal information in these white spaces?

You have chosen a 22 character word from the dictionary as your password. How long will it take to crack the password by an attacker?

While testing web applications, you attempt to insert the following test script into the search area on the company's web site: Later, when you press the search button, a pop up box appears on your screen with the text "Testing Testing Testing". What vulnerability is detected in the web application here?

What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)

Bob was frustrated with his competitor, Brownies Inc., and decided to launch an attack that would result in serious financial losses. He planned the attack carefully and carried out the attack at the appropriate moment. Meanwhile, Trent, an administrator at Brownies Inc., realized that their main financial transaction server had been attacked. As a result of the attack, the server crashed and Trent needed to reboot the system, as no one was able to access the resources of the company. This process involves human interaction to fix it. What kind of Denial of Service attack was best illustrated in the scenario above?