[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil EC0-350 Dumps with VCE and PDF 521-530

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC0-350
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/EC0-350.html

Ethical Hacking and Countermeasures V8

Question No: 521 – (Topic 6)

One of your team members has asked you to analyze the following SOA record. What is the version?

Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600

3600 604800 2400.

A. 200303028

B. 3600

C. 604800

D. 2400

  • 60

  • F. 4800

    Answer: A

    Explanation: The SOA starts with the format of YYYYMMDDVV where VV is the version.

    Question No: 522 – (Topic 6)

    The following excerpt is taken from a honeyput log. The log captures activities across three days. There are several intrusion attempts; however, a few are successful. Study the log

    given below and answer the following question:

    (Note: The objective of this questions is to test whether the student has learnt about passive OS fingerprinting (which should tell them the OS from log captures): can they tell a SQL injection attack signature; can they infer if a user ID has been created by an attacker and whether they can read plain source – destination entries from log entries.)

    Ensurepass 2018 PDF and VCE

    What can you infer from the above log?

    1. The system is a windows system which is being scanned unsuccessfully.

    2. The system is a web application server compromised through SQL injection.

    3. The system has been compromised and backdoored by the attacker.

    4. The actual IP of the successful attacker is 24.9.255.53.

    Answer: A

    Question No: 523 – (Topic 6)

    While performing a ping sweep of a subnet you receive an ICMP reply of Code 3/Type 13 for all the pings sent out.

    What is the most likely cause behind this response?

    1. The firewall is dropping the packets.

    2. An in-line IDS is dropping the packets.

    3. A router is blocking ICMP.

    4. The host does not respond to ICMP packets.

    Answer: C

    Explanation: Type 3 message = Destination Unreachable [RFC792], Code 13 (cause) = Communication Administratively Prohibited [RFC1812]

    Question No: 524 – (Topic 6)

    Which of the following activities will NOT be considered as passive footprinting?

    1. Go through the rubbish to find out any information that might have been discarded.

    2. Search on financial site such as Yahoo Financial to identify assets.

    3. Scan the range of IP address found in the target DNS database.

    4. Perform multiples queries using a search engine.

    Answer: C

    Explanation: Passive footprinting is a method in which the attacker never makes contact with the target systems. Scanning the range of IP addresses found in the target DNS is considered making contact to the systems behind the IP addresses that is targeted by the scan.

    Question No: 525 – (Topic 6)

    While performing ping scans into a target network you get a frantic call from the organization’s security team. They report that they are under a denial of service attack. When you stop your scan, the smurf attack event stops showing up on the organization’s IDS monitor. How can you modify your scan to prevent triggering this event in the IDS?

    1. Scan more slowly.

    2. Do not scan the broadcast IP.

    3. Spoof the source IP address.

    4. Only scan the Windows systems.

    Answer: B

    Explanation: Scanning the broadcast address makes the scan target all IP addresses on that subnet at the same time.

    Question No: 526 – (Topic 6)

    What are the default passwords used by SNMP? (Choose two.)

    1. Password

    2. SA

    3. Private

    4. Administrator

    5. Public

    6. Blank

    Answer: C,E

    Explanation: Besides the fact that it passes information in clear text, SNMP also uses well-known passwords. Public and private are the default passwords used by SNMP.

    Question No: 527 – (Topic 6)

    NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish?

    nslookup

    gt; server lt;ipaddressgt;

    gt; set type =any

    gt; ls -d lt;target.comgt;

    1. Enables DNS spoofing

    2. Loads bogus entries into the DNS table

    3. Verifies zone security

    4. Performs a zone transfer

    5. Resets the DNS cache

    Answer: D

    Explanation: If DNS has not been properly secured, the command sequence displayed above will perform a zone transfer.

    Question No: 528 – (Topic 6)

    To what does “message repudiation” refer to what concept in the realm of email security?

    1. Message repudiation means a user can validate which mail server or servers a message was passed through.

    2. Message repudiation means a user can claim damages for a mail message that damaged their reputation.

    3. Message repudiation means a recipient can be sure that a message was sent from a particular person.

    4. Message repudiation means a recipient can be sure that a message was sent from a certain host.

    5. Message repudiation means a sender can claim they did not actually send a particular message.

    Answer: E

    Explanation: A quality that prevents a third party from being able to prove that a communication between two other parties ever took place. This is a desirable quality if you do not want your communications to be traceable.

    Non-repudiation is the opposite quality-a third party can prove that a communication between two other parties took place. Non-repudiation is desirable if you want to be able to trace your communications and prove that they occurred. Repudiation – Denial of message submission or delivery.

    Question No: 529 – (Topic 6)

    Paul has just finished setting up his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Paul notices that when he uses his wireless connection, the

    speed is sometimes 54 Mbps and sometimes it is only 24Mbps or less. Paul connects to his wireless router#39;s management utility and notices that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router#39;s logs and notices that the unfamiliar machine has the same MAC address as his laptop. What is Paul seeing here?

    1. MAC spoofing

    2. Macof

    3. ARP spoofing

    4. DNS spoofing

    Answer: A

    Question No: 530 – (Topic 6)

    Which of the following tools are used for footprinting? (Choose four)

    1. Sam Spade

    2. NSLookup

    3. Traceroute

    4. Neotrace

    5. Cheops

    Answer: A,B,C,D

    Explanation: All of the tools listed are used for footprinting except Cheops.

    100% Ensurepass Free Download!
    Download Free Demo:EC0-350 Demo PDF
    100% Ensurepass Free Guaranteed!
    EC0-350 Dumps

    EnsurePass ExamCollection Testking
    Lowest Price Guarantee Yes No No
    Up-to-Dated Yes No No
    Real Questions Yes No No
    Explanation Yes No No
    PDF VCE Yes No No
    Free VCE Simulator Yes No No
    Instant Download Yes No No

    Leave a Reply

    This site uses Akismet to reduce spam. Learn how your comment data is processed.