EC-COUNCIL Certified Ethical Hacker v9 - 312-50v9 Exam Practice Test

You have successfully gained access to a linux server and would like to ensure that the succeeding outgoing traffic from the server will not be caught by a Network Based Intrusion Detection System (NIDS).
Which is the best way to evade the NIDS?

You work as a Security Analyst for a retail organization. In securing the company's network, you set up a firewall and an IDS. However, hackers are able to attack the network. After investigating, you discover that your IDS is not configured properly and therefore is unable to trigger alarms when needed. What type of alert is the IDS giving?

Which of the following parameters describe LM Hash:
I - The maximum password length is 14 characters.
II - There are no distinctions between uppercase and lowercase.
III - It's a simple algorithm, so 10,000,000 hashes can be generated per second.

You are a Network Security Officer. You have two machines. The first machine
(192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine.
What wireshark filter will show the connections from the snort machineto kiwi syslog machine?

Using Windows CMD, how would an attacker list all the shares to which the current user context hasaccess?

A hacker has successfully infected an internet-facing server, which he will then use to send junk mail, take part incoordinated attacks, or host junk email content.
Which sort of trojan infects this server?

What is the best description of SQL Injection?

The purpose of a ____________ is to deny network access to local area networks and other information assets by unauthorized wireless devices.

How does the Address Resolution Protocol (ARP) work?

You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System.
What is the best approach?