Download Ec-council.Examsheets.312-50.v2014-02-04.by.Batista

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Document related concepts

Computer and network surveillance wikipedia, lookup

Computer security compromised by hardware failure wikipedia, lookup

Transcript
D. Ping of Death
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
A fraggle attack is a variation of the smurf attack for denial of service in which the attacker sends spoofed UDP
packets instead of ICMP echo reply (ping) packets to the broadcast address of a large network.
QUESTION 711
Peter is a Network Admin. He is concerned that his network is vulnerable to a smurf attack. What should Peter
do to prevent a smurf attack?
Select the best answer.
A.
B.
C.
D.
E.
He should disable unicast on all routers
Disable multicast on the router
Turn off fragmentation on his router
Make sure all anti-virus protection is updated on all systems
Make sure his router won't take a directed broadcast
Correct Answer: E
Section: (none)
Explanation
Explanation/Reference:
Explanation: Explanations:
Unicasts are one-to-one IP transmissions,by disabling this he would disable most network transmissions but
still not prevent the smurf attack. Turning of multicast or fragmentation on the router has nothing to do with
Peter's concerns as a smurf attack uses broadcast,not multicast and has nothing to do with fragmentation. Antivirus protection will not help prevent a smurf attack. A smurf attack is a broadcast from a spoofed source. If
directed broadcasts are enabled on the destination all the computers at the destination will respond to the
spoofed source,which is really the victim. Disabling directed broadcasts on a router can prevent the attack.
QUESTION 712
John is using tokens for the purpose of strong authentication. He is not confident that his security is
considerably strong.
In the context of Session hijacking why would you consider this as a false sense of security?
A.
B.
C.
D.
The token based security cannot be easily defeated.
The connection can be taken over after authentication.
A token is not considered strong authentication.
Token security is not widely used in the industry.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Explanation: A token will give you a more secure authentication,but the tokens will not help against attacks that
are directed against you after you have been authenticated.
QUESTION 713
What is the key advantage of Session Hijacking?