[Free] 2017(Sep) EnsurePass Pass4sure ECCouncil EC0-350 Dumps with VCE and PDF 391-400

Ensurepass.com : Ensure you pass the IT Exams
2017 Sep ECCouncil Official New Released EC0-350
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/EC0-350.html

Ethical Hacking and Countermeasures V8

Question No: 391 – (Topic 4)

Which initial procedure should an ethical hacker perform after being brought into an organization?

  1. Begin security testing.

  2. Turn over deliverables.

  3. Sign a formal contract with non-disclosure.

  4. Assess what the organization is trying to protect.

Answer: C

Question No: 392 – (Topic 4)

Which of the following lists are valid data-gathering activities associated with a risk assessment?

  1. Threat identification, vulnerability identification, control analysis

  2. Threat identification, response identification, mitigation identification

  3. Attack profile, defense profile, loss profile

  4. System profile, vulnerability identification, security determination

Answer: A

Question No: 393 – (Topic 4)

An engineer is learning to write exploits in C and is using the exploit tool Backtrack. The engineer wants to compile the newest C exploit and name it calc.exe. Which command would the engineer use to accomplish this?

  1. g hackersExploit.cpp -o calc.exe

  2. g hackersExploit.py -o calc.exe

  3. g -i hackersExploit.pl -o calc.exe

  4. g -compile -i hackersExploit.cpp -o calc.exe

Answer: A

Question No: 394 – (Topic 4)

Which of the following is an example of an asymmetric encryption implementation?

  1. SHA1

  2. PGP

  3. 3DES

  4. MD5

Answer: B

Question No: 395 – (Topic 4)

Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?

  1. 768 bit key

  2. 1025 bit key

  3. 1536 bit key

  4. 2048 bit key

Answer: C

Question No: 396 – (Topic 4)

When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

  1. OWASP is for web applications and OSSTMM does not include web applications.

  2. OSSTMM is gray box testing and OWASP is black box testing.

  3. OWASP addresses controls and OSSTMM does not.

  4. OSSTMM addresses controls and OWASP does not.

Answer: D

Question No: 397 – (Topic 4)

What is a successful method for protecting a router from potential smurf attacks?

  1. Placing the router in broadcast mode

  2. Enabling port forwarding on the router

  3. Installing the router outside of the network#39;s firewall

  4. Disabling the router from accepting broadcast ping messages

Answer: D

Question No: 398 – (Topic 4)

One advantage of an application-level firewall is the ability to

  1. filter packets at the network level.

  2. filter specific commands, such as http:post.

  3. retain state information for each packet.

  4. monitor tcp handshaking.

Answer: B

Question No: 399 – (Topic 4)

A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into the command shell to request the appropriate records?

  1. Locate type=ns

  2. Request type=ns

  3. Set type=ns

  4. Transfer type=ns

Answer: C

Question No: 400 – (Topic 4)

Which of the statements concerning proxy firewalls is correct?

  1. Proxy firewalls increase the speed and functionality of a network.

  2. Firewall proxy servers decentralize all activity for an application.

  3. Proxy firewalls block network packets from passing to and from a protected network.

  4. Computers establish a connection with a proxy firewall which initiates a new network connection for the client.

Answer: D

Topic 5, Volume E

100% Ensurepass Free Download!
Download Free Demo:EC0-350 Demo PDF
100% Ensurepass Free Guaranteed!
Download 2017 EnsurePass EC0-350 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.