[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil EC1-350 Dumps with VCE and PDF 71-80

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC1-350
100% Free Download! 100% Pass Guaranteed!

Ethical Hacking and Countermeasures V7

Question No: 71 – (Topic 1)

Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.

Once the Fake AV is downloaded into the user#39;s computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.

The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.

Ensurepass 2018 PDF and VCE

What is the risk of installing Fake AntiVirus?

  1. Victim#39;s Operating System versions, services running and applications installed will be published on Blogs and Forums

  2. Victim#39;s personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker

  3. Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk

  4. Denial of Service attack will be launched against the infected computer crashing other machines on the connected network

Answer: B

Question No: 72 – (Topic 1)

How would you describe an attack where an attacker attempts to deliver the payload over multiple packets over long periods of time with the purpose of defeating simple pattern matching in IDS systems without session reconstruction? A characteristic of this attack would be a continuous stream of small packets.

  1. Session Hijacking

  2. Session Stealing

  3. Session Splicing

  4. Session Fragmentation

Answer: C

Question No: 73 – (Topic 1)

Jake works as a system administrator at Acme Corp. Jason, an accountant of the firm befriends him at the canteen and tags along with him on the pretext of appraising him about potential tax benefits. Jason waits for Jake to swipe his access card and follows him through the open door into the secure systems area. How would you describe Jason#39;s behavior within a security context?

  1. Smooth Talking

  2. Swipe Gating

  3. Tailgating

  4. Trailing

Answer: C

Question No: 74 – (Topic 1)

While performing a ping sweep of a local subnet you receive an ICMP reply of Code 3/Type 13 for all the pings you have sent out. What is the most likely cause of this?

  1. The firewall is dropping the packets

  2. An in-line IDS is dropping the packets

  3. A router is blocking ICMP

  4. The host does not respond to ICMP packets

Answer: C

Question No: 75 – (Topic 1)

Consider the following code:

URL:http://www.certified.com/search.pl? text=lt;scriptgt;alert(document.cookie)lt;/scriptgt;

If an attacker can trick a victim user to click a link like this, and the Web application does not validate input, then the victim#39;s browser will pop up an alert showing the users current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page, or redirecting the user to another Web site.

What is the countermeasure against XSS scripting?

  1. Create an IP access list and restrict connections based on port number

  2. Replace quot;lt;quot; and quot;gt;quot; characters with quot;amp; l t;quot; and quot;amp; g t;quot; using server scripts

  3. Disable Javascript in IE and Firefox browsers

  4. Connect to the server using HTTPS protocol instead of HTTP

Answer: B

Question No: 76 – (Topic 1)

Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder#39;s IP address for a period of 24 hours#39; time after more than three unsuccessful attempts. He is confident that this rule will secure his network from hackers on the Internet.

But he still receives hundreds of thousands brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall rule.

Later he adds another rule to his firewall and enables small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be prepared to accept from a particular IP address. This action will slow the intruder#39;s attempts.

Samuel wants to completely block hackers brute force attempts on his network.

What are the alternatives to defending against possible brute-force password attacks on his site?

  1. Enforce a password policy and use account lockouts after three wrong logon attempts even though this might lock out legit users

  2. Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the intruder so that you can block them at the

    Firewall manually

  3. Enforce complex password policy on your network so that passwords are more difficult to brute force

  4. You cannot completely block the intruders attempt if they constantly switch proxies

Answer: D

Question No: 77 – (Topic 1)

What type of Trojan is this?

Ensurepass 2018 PDF and VCE

  1. RAT Trojan

  2. E-Mail Trojan

  3. Defacement Trojan

  4. Destructing Trojan

  5. Denial of Service Trojan

    Answer: C

    Question No: 78 – (Topic 1)

    Maintaining a secure Web server requires constant effort, resources, and vigilance from an organization. Securely administering a Web server on a daily basis is an essential aspect of Web server security.

    Maintaining the security of a Web server will usually involve the following steps:

    1. Configuring, protecting, and analyzing log files

    2. Backing up critical information frequently

    3. Maintaining a protected authoritative copy of the organization#39;s Web content

    4. Establishing and following procedures for recovering from compromise

    5. Testing and applying patches in a timely manner

    6. Testing security periodically.

      In which step would you engage a forensic investigator?

      1. 1

      2. 2

      3. 3

      4. 4

      5. 5

      6. 6

Answer: D

Question No: 79 – (Topic 1)

In Buffer Overflow exploit, which of the following registers gets overwritten with return address of the exploit code?

  1. EEP

  2. ESP

  3. EAP

  4. EIP

Answer: D

Question No: 80 – (Topic 1)

Web servers often contain directories that do not need to be indexed. You create a text file with search engine indexing restrictions and place it on the root directory of the Web Server.

User-agent: * Disallow: /images/ Disallow: /banners/ Disallow: /Forms/ Disallow: /Dictionary/ Disallow: /_borders/ Disallow: /_fpclass/ Disallow: /_overlay/ Disallow: /_private/ Disallow: /_themes/

What is the name of this file?

  1. robots.txt

  2. search.txt

  3. blocklist.txt

  4. spf.txt

Answer: A

100% Ensurepass Free Download!
Download Free Demo:EC1-350 Demo PDF
100% Ensurepass Free Guaranteed!
EC1-350 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.