[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil EC0-350 Dumps with VCE and PDF 11-20


Ethical Hacking and Countermeasures V8

Question No: 11 – (Topic 1)


An attacker finds a web page for a target organization that supplies contact information for the company. Using available details to make the message seem authentic, the attacker drafts an e-mail to an employee on the contact page that appears to come from an individual who might reasonably request confidential information, such as a network administrator.

The email asks the employee to log into a bogus page that requests the employee's user name and password or click on a link that will download spyware or other malicious programming.

Google's Gmail was hacked using this technique and attackers stole source code and sensitive data from Google servers. This is a highly sophisticated attack using zero-day exploit vectors, social engineering and malware websites that focused on targeted individuals working for the company.

What is this deadly attack called?

  1. Spear phishing attack

  2. Trojan server attack

  3. Javelin attack

  4. Social networking attack

Answer: A

Question No: 12 – (Topic 1)

Cyber criminals have long employed the tactic of masking their true identity. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine, by "spoofing" the IP address of that machine.

How would you detect IP spoofing?

  1. Check the IPID of the spoofed packet and compare it with TLC checksum. If the numbers match then it is spoofed packet

  2. Probe a SYN Scan on the claimed host and look for a response SYN/FIN packet, if the connection completes then it is a spoofed packet

  3. Turn on 'Enable Spoofed IP Detection' in Wireshark, you will see a flag tick if the packet is spoofed

  4. Sending a packet to the claimed host will result in a reply. If the TTL in the reply is not the same as the packet being checked then it is a spoofed packet

Answer: D

Question No: 13 – (Topic 1)

Dan is conducting penetration testing and has found a vulnerability in a Web Application which gave him the sessionID token via a cross site scripting vulnerability. Dan wants to replay this token. However, the session ID manager (on the server) checks the originating IP address as well. Dan decides to spoof his IP address in order to replay the sessionID. Why do you think Dan might not be able to get an interactive session?

  1. Dan cannot spoof his IP address over TCP network

  2. The scenario is incorrect as Dan can spoof his IP and get responses

  3. The server will send replies back to the spoofed IP address

  4. Dan can establish an interactive session only if he uses a NAT

Answer: C

Question No: 14 – (Topic 1)

Steven the hacker realizes the network administrator of Acme Corporation is using syskey in Windows 2008 Server to protect his resources in the organization. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only the first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to use brute force dictionary attacks on the hashes. Steven runs a program called "SysCracker" targeting the Windows 2008 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch the attack. How many bits does Syskey use for encryption?

  1. 40-bit encryption

  2. 128-bit encryption

  3. 256-bit encryption

  4. 64-bit encryption

Answer: B

Question No: 15 – (Topic 1)

SYN Flood is a DOS attack in which an attacker deliberately violates the three-way handshake and opens a large number of half-open TCP connections. The signature of attack for SYN Flood contains:

  1. The source and destination address having the same value

  2. A large number of SYN packets appearing on a network without the corresponding reply packets

  3. The source and destination port numbers having the same value

  4. A large number of SYN packets appearing on a network with the corresponding reply packets

Answer: B

Question No: 16 – (Topic 1)

Jimmy, an attacker, knows that he can take advantage of poorly designed input validation routines to create or alter SQL commands to gain access to private data or execute commands in the database. What technique does Jimmy use to compromise a database?

  1. Jimmy can submit user input that executes an operating system command to compromise a target system

  2. Jimmy can gain control of system to flood the target system with requests, preventing legitimate users from gaining access

  3. Jimmy can utilize an incorrect configuration that leads to access with higher-than-expected privilege of the database

  4. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system

Answer: D

Question No: 17 – (Topic 1)

David is a security administrator working in Boston. David has been asked by the office's manager to block all POP3 traffic at the firewall because he believes employees are spending too much time reading personal email. How can David block POP3 at the firewall?

  1. David can block port 125 at the firewall.

  2. David can block all EHLO requests that originate from inside the office.

  3. David can stop POP3 traffic by blocking all HELO requests that originate from inside the office.

  4. David can block port 110 to block all POP3 traffic.

Answer: D

Question No: 18 – (Topic 1)

Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned about the security of these servers because of the potential for financial loss. Bob has asked his company's firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network.

Why will this not be possible?

  1. Firewalls cannot inspect traffic coming through port 443

  2. Firewalls can only inspect outbound traffic

  3. Firewalls cannot inspect traffic at all, they can only block or allow certain ports

  4. Firewalls cannot inspect traffic coming through port 80

Answer: C

Question No: 19 – (Topic 1)

What does ICMP (type 11, code 0) denote?

  1. Source Quench

  2. Destination Unreachable

  3. Time Exceeded

  4. Unknown Type

Answer: C

Question No: 20 – (Topic 1)

Jayden is a network administrator for her company. Jayden wants to prevent MAC spoofing on all the Cisco switches in the network. How can she accomplish this?

  1. Jayden can use the command: ip binding set.

  2. Jayden can use the command: no ip spoofing.

  3. She should use the command: no dhcp spoofing.

  4. She can use the command: ip dhcp snooping binding.

Answer: D
