[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil EC0-350 Dumps with VCE and PDF 31-40

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC0-350
100% Free Download! 100% Pass Guaranteed!

Ethical Hacking and Countermeasures V8

Question No: 31 – (Topic 1)

What type of Trojan is this?

Ensurepass 2018 PDF and VCE

  1. RAT Trojan

  2. E-Mail Trojan

  3. Defacement Trojan

  4. Destructing Trojan

  5. Denial of Service Trojan

Answer: C

Question No: 32 – (Topic 1)

In the context of Trojans, what is the definition of a Wrapper?

  1. An encryption tool to protect the Trojan

  2. A tool used to bind the Trojan with a legitimate file

  3. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan

  4. A tool used to encapsulate packets within a new header and footer

Answer: B Explanation:

Wrapper does not change header or footer of any packets but it mix between legitimate file and Trojan file.

Question No: 33 – (Topic 1)

Lori is a Certified Ethical Hacker as well as a Certified Hacking Forensics Investigator working as an IT security consultant. Lori has been hired on by Kiley Innovators, a large marketing firm that recently underwent a string of thefts and corporate espionage incidents. Lori is told that a rival marketing company came out with an exact duplicate product right before Kiley Innovators was about to release it. The executive team believes that an employee is leaking information to the rival company. Lori questions all employees, reviews server logs, and firewall logs; after which she finds nothing. Lori is then given permission to search through the corporate email system. She searches by email being sent to and sent from the rival marketing company.

She finds one employee that appears to be sending very large email to this other marketing company, even though they should have no reason to be communicating with them. Lori

tracks down the actual emails sent and upon opening them, only finds picture files attached to them. These files seem perfectly harmless, usually containing some kind of joke. Lori decides to use some special software to further examine the pictures and finds that each one had hidden text that was stored in each picture.

What technique was used by the Kiley Innovators employee to send information to the rival marketing company?

  1. The Kiley Innovators employee used cryptography to hide the information in the emails sent

  2. The method used by the employee to hide the information was logical watermarking

  3. The employee used steganography to hide information in the picture attachments

  4. By using the pictures to hide information, the employee utilized picture fuzzing

Answer: C

Question No: 34 – (Topic 1)

How do you defend against Privilege Escalation?

  1. Use encryption to protect sensitive data

  2. Restrict the interactive logon privileges

  3. Run services as unprivileged accounts

  4. Allow security settings of IE to zero or Low

  5. Run users and applications on the least privileges

Answer: A,B,C,E

Question No: 35 – (Topic 1)

One of the effective DoS/DDoS countermeasures is #39;Throttling#39;. Which statement correctly defines this term?

  1. Set up routers that access a server with logic to adjust incoming traffic to levels that will be safe for the server to process

  2. Providers can increase the bandwidth on critical connections to prevent them from going down in the event of an attack

  3. Replicating servers that can provide additional failsafe protection

  4. Load balance each server in a multiple-server architecture

Answer: A

Question No: 36 – (Topic 1)

What does FIN in TCP flag define?

  1. Used to abort a TCP connection abruptly

  2. Used to close a TCP connection

  3. Used to acknowledge receipt of a previous packet or transmission

  4. Used to indicate the beginning of a TCP connection

Answer: B

Question No: 37 – (Topic 1)

While performing a ping sweep of a local subnet you receive an ICMP reply of Code 3/Type 13 for all the pings you have sent out. What is the most likely cause of this?

  1. The firewall is dropping the packets

  2. An in-line IDS is dropping the packets

  3. A router is blocking ICMP

  4. The host does not respond to ICMP packets

Answer: C

Question No: 38 – (Topic 1)

Shayla is an IT security consultant, specializing in social engineering and external penetration tests. Shayla has been hired on by Treks Avionics, a subcontractor for the Department of Defense. Shayla has been given authority to perform any and all tests necessary to audit the company#39;s network security.

No employees for the company, other than the IT director, know about Shayla#39;s work she will be doing. Shayla#39;s first step is to obtain a list of employees through company website contact pages. Then she befriends a female employee of the company through an online chat website. After meeting with the female employee numerous times, Shayla is able to gain her trust and they become friends. One day, Shayla steals the employee#39;s access

badge and uses it to gain unauthorized access to the Treks Avionics offices. What type of insider threat would Shayla be considered?

  1. She would be considered an Insider Affiliate

  2. Because she does not have any legal access herself, Shayla would be considered an Outside Affiliate

  3. Shayla is an Insider Associate since she has befriended an actual employee

  4. Since Shayla obtained access with a legitimate company badge; she would be considered a Pure Insider

    Answer: A

    Question No: 39 – (Topic 1)

    Maintaining a secure Web server requires constant effort, resources, and vigilance from an organization. Securely administering a Web server on a daily basis is an essential aspect of Web server security.

    Maintaining the security of a Web server will usually involve the following steps:

    1. Configuring, protecting, and analyzing log files

    2. Backing up critical information frequently

    3. Maintaining a protected authoritative copy of the organization#39;s Web content

    4. Establishing and following procedures for recovering from compromise

    5. Testing and applying patches in a timely manner

    6. Testing security periodically.

      In which step would you engage a forensic investigator?

      1. 1

      2. 2

      3. 3

      4. 4

      5. 5

      6. 6

Answer: D

Question No: 40 – (Topic 1)

This attack technique is used when a Web application is vulnerable to an SQL Injection but the results of the Injection are not visible to the attacker.

  1. Unique SQL Injection

  2. Blind SQL Injection

  3. Generic SQL Injection

  4. Double SQL Injection

Answer: B

100% Ensurepass Free Download!
Download Free Demo:EC0-350 Demo PDF
100% Ensurepass Free Guaranteed!
EC0-350 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.