[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil EC0-350 Dumps with VCE and PDF 231-240

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC0-350
100% Free Download! 100% Pass Guaranteed!

Ethical Hacking and Countermeasures V8

Question No: 231 – (Topic 3)

Which tool would be used to collect wireless packet data?

  1. NetStumbler

  2. John the Ripper

  3. Nessus

  4. Netcat

Answer: A

Question No: 232 – (Topic 3)

John runs a Web server, IDS and firewall on his network. Recently his Web server has been under constant hacking attacks. He looks up the IDS log files and sees no intrusion attempts but the Web server constantly locks up and needs rebooting due to various brute force and buffer overflow attacks but still the IDS alerts no intrusion whatsoever. John becomes suspicious and views the Firewall logs and he notices huge SSL connections constantly hitting his Web server. Hackers have been using the encrypted HTTPS protocol to send exploits to the Web server and that was the reason the IDS did not detect the intrusions. How would John protect his network from these types of attacks?

  1. Install a proxy server and terminate SSL at the proxy

  2. Enable the IDS to filter encrypted HTTPS traffic

  3. Install a hardware SSL quot;acceleratorquot; and terminate SSL at this layer

  4. Enable the Firewall to filter encrypted HTTPS traffic

Answer: A,C

Question No: 233 – (Topic 3)

John is the network administrator of XSECURITY systems. His network was recently compromised. He analyzes the log files to investigate the attack. Take a look at the following Linux log file snippet. The hacker compromised and quot;ownedquot; a Linux machine. What is the hacker trying to accomplish here?

Ensurepass 2018 PDF and VCE

  1. The hacker is attempting to compromise more machines on the network

  2. The hacker is planting a rootkit

  3. The hacker is running a buffer overflow exploit to lock down the system

  4. The hacker is trying to cover his tracks

Answer: D

Question No: 234 – (Topic 3)

Keystroke logging is the action of tracking (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored.

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

How will you defend against hardware keyloggers when using public computers and Internet Kiosks? (Select 4 answers)

  1. Alternate between typing the login credentials and typing characters somewhere else in the focus window

  2. Type a wrong password first, later type the correct password on the login page defeating the keylogger recording

  3. Type a password beginning with the last letter and then using the mouse to move the cursor for each subsequent letter.

  4. The next key typed replaces selected text portion. E.g. if the password is quot;secretquot;, one could type quot;squot;, then some dummy keys quot;asdfsdquot;.

    Then these dummies could be selected with mouse, and next character from the password quot;equot; is typed, which replaces the dummies


  5. The next key typed replaces selected text portion. E.g. if the password is quot;secretquot;, one could type quot;squot;, then some dummy keys quot;asdfsdquot;.

Then these dummies could be selected with mouse, and next character from the password quot;equot; is typed, which replaces the dummies


Answer: A,C,D,E

Question No: 235 – (Topic 3)

Harold just got home from working at Henderson LLC where he works as an IT technician. He was able to get off early because they were not too busy. When he walks into his home office, he notices his teenage daughter on the computer, apparently chatting with someone online. As soon as she hears Harold enter the room, she closes all her windows and tries to act like she was playing a game. When Harold asks her what she was doing, she acts very nervous and does not give him a straight answer. Harold is very concerned because he does not want his daughter to fall victim to online predators and the sort. Harold doesn#39;t necessarily want to install any programs that will restrict the sites his daughter goes to, because he doesn#39;t want to alert her to his trying to figure out what she is doing. Harold wants to use some kind of program that will track her activities online, and send Harold an email of her activity once a day so he can see what she has been up to. What kind of software could Harold use to accomplish this?

  1. Install hardware Keylogger on her computer

  2. Install screen capturing Spyware on her computer

  3. Enable Remote Desktop on her computer

  4. Install VNC on her computer

Answer: B

Question No: 236 – (Topic 3)

In the software security development life cyle process, threat modeling occurs in which phase?

  1. Design

  2. Requirements

  3. Verification

  4. Implementation

Answer: A

Question No: 237 – (Topic 3)

Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company#39;s entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?

  1. Neil has used a tailgating social engineering attack to gain access to the offices

  2. He has used a piggybacking technique to gain unauthorized access

  3. This type of social engineering attack is called man trapping

  4. Neil is using the technique of reverse social engineering to gain access to the offices of Davidson Avionics

Answer: A

Question No: 238 – (Topic 3)

A company has made the decision to host their own email and basic web services. The administrator needs to set up the external firewall to limit what protocols should be allowed to get to the public part of the company#39;s network. Which ports should the administrator open? (Choose three.)

  1. Port 22

  2. Port 23

  3. Port 25

  4. Port 53

  5. Port 80

  6. Port 139

  7. Port 445

Answer: C,D,E

Question No: 239 – (Topic 3)

During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?

  1. Host

  2. Stateful

  3. Stateless

  4. Application

Answer: C

Question No: 240 – (Topic 3)

Some passwords are stored using specialized encryption algorithms known as hashes. Why is this an appropriate method?

  1. It is impossible to crack hashed user passwords unless the key used to encrypt them is obtained.

  2. If a user forgets the password, it can be easily retrieved using the hash key stored by administrators.

  3. Hashing is faster compared to more traditional encryption algorithms.

  4. Passwords stored using hashes are non-reversible, making finding the password much more difficult.

Answer: D

100% Ensurepass Free Download!
Download Free Demo:EC0-350 Demo PDF
100% Ensurepass Free Guaranteed!
EC0-350 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.