Free ECCouncil EC0-350 Practice Exam with Questions & Answers | Set: 3

Name: How to Pass EC0-350 Exams
Brand: Examstrack
SKU: ec0-350
Price: 36.75 USD
Availability: InStock

Questions 41

Jayden is a network administrator for her company. Jayden wants to prevent MAC spoofing on all the Cisco switches in the network. How can she accomplish this?

Options:

Jayden can use the commanD. ip binding set.

Jayden can use the commanD. no ip spoofing.

She should use the commanD. no dhcp spoofing.

She can use the commanD. ip dhcp snooping binding.

ECCouncil EC0-350 Premium Access

Savannah

19-Jun-2025

Passed without hassle! Examstrack exam engine helped me learn and practice the tough topics for taking EC0-350 exam. The tests offered by the engine were replica of the real exam. I can confidently say that Examstrack product can effortlessly help you clear ECCouncil EC0-350 exam. I have so much belief in Examstrack that I recommend it to every candidate! It is was very helpful for me Thanks to examstrack!

Luke

26-Jun-2025

Passing ECCouncil EC0-350, I got the best professional credibility! The credit of my success in exam ECCouncil Ethical Hacking and Countermeasures V8 (EC0-350) goes to Marks4ure that helped with its innovative and reliable study material. The exam-intensive Q&As of Examstrack made it easier for me to grasp all essential topics and practice them again and again. I was quite at home in the real exam scenario and beat it with a tremendous score! Bravo Examstrack!

Questions 42

Peter extracts the SID list from Windows 2008 Server machine using the hacking tool "SIDExtracter". Here is the output of the SIDs:

EC0-350 Question 42

From the above list identify the user account with System Administrator privileges?

Options:

John

Rebecca

Sheela

Shawn

Somia

Chang

Micah

Questions 43

BankerFox is a Trojan that is designed to steal users' banking data related to certain banking entities.

When they access any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered in that website will be logged by the Trojan and transmitted to the attacker's machine using covert channel.

BankerFox does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.

EC0-350 Question 43

What is the most efficient way an attacker located in remote location to infect this banking Trojan on a victim's machine?

Options:

Physical access - the attacker can simply copy a Trojan horse to a victim's hard disk infecting the machine via Firefox add-on extensions

Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

Downloading software from a website? An attacker can offer free software, such as shareware programs and pirated mp3 files

Questions 44

Stephanie works as senior security analyst for a manufacturing company in Detroit. Stephanie manages network security throughout the organization. Her colleague Jason told her in confidence that he was able to see confidential corporate information posted on the external website http://www.jeansclothesman.com. He tries random URLs on the company 's website and finds confidential information leaked over the web. Jason says this happened about a month ago. Stephanie visits the said URLs, but she finds nothing. She is very concerned about this, since someone should be held accountable if there was sensitive information posted on the website.

Where can Stephanie go to see past versions and pages of a website?

Options:

She should go to the web page Samspade.org to see web pages that might no longer be on the website

If Stephanie navigates to Search.com; she will see old versions of the company website

Stephanie can go to Archive.org to see past versions of the company website

AddressPast.com would have any web pages that are no longer hosted on the company's website

Questions 45

What type of Trojan is this?

EC0-350 Question 45

Options:

RAT Trojan

E-Mail Trojan

Defacement Trojan

Destructing Trojan

Denial of Service Trojan

Questions 46

This tool is widely used for ARP Poisoning attack. Name the tool.

EC0-350 Question 46

Options:

Cain and Able

Beat Infector

Poison Ivy

Webarp Infector

Questions 47

TCP/IP Session Hijacking is carried out in which OSI layer?

Options:

Datalink layer

Transport layer

Network layer

Physical layer

Questions 48

Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers)

EC0-350 Question 48

Options:

Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC address

The ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim's network

ECHO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service

A DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.

Questions 49

An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem?

Options:

Install patches

Setup a backdoor

Install a zombie for DDOS

Cover your tracks

Questions 50

Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company's computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered?

Options:

Ursula would be considered a gray hat since she is performing an act against illegal activities.

She would be considered a suicide hacker.

She would be called a cracker.

Ursula would be considered a black hat.

Questions 51

Vulnerability scanners are automated tools that are used to identify vulnerabilities and misconfigurations of hosts. They also provide information regarding mitigating discovered vulnerabilities.

EC0-350 Question 51

Which of the following statements is incorrect?

Options:

Vulnerability scanners attempt to identify vulnerabilities in the hosts scanned.

Vulnerability scanners can help identify out-of-date software versions, missing patches, or system upgrades

They can validate compliance with or deviations from the organization's security policy

Vulnerability scanners can identify weakness and automatically fix and patch the vulnerabilities without user intervention

Questions 52

Which Steganography technique uses Whitespace to hide secret messages?

Options:

snow

beetle

magnet

cat

Questions 53

You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see how well policy is being observed by the employees, you discover an employee has attached cell phone 3G modem to his telephone line and workstation. He has used this cell phone 3G modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. How would you resolve this situation?

Options:

Reconfigure the firewall

Enforce the corporate security policy

Install a network-based IDS

Conduct a needs analysis

Questions 54

How do you defend against Privilege Escalation?

Options:

Use encryption to protect sensitive data

Restrict the interactive logon privileges

Run services as unprivileged accounts

Allow security settings of IE to zero or Low

Run users and applications on the least privileges

Questions 55

Which of the following tool would be considered as Signature Integrity Verifier (SIV)?

Options:

Nmap

SNORT

VirusSCAN

Tripwire

Questions 56

How do you defend against DHCP Starvation attack?

EC0-350 Question 56

Options:

Enable ARP-Block on the switch

Enable DHCP snooping on the switch

Configure DHCP-BLOCK to 1 on the switch

Install DHCP filters on the switch to block this attack

Questions 57

David is a security administrator working in Boston. David has been asked by the office's manager to block all POP3 traffic at the firewall because he believes employees are spending too much time reading personal email. How can David block POP3 at the firewall?

Options:

David can block port 125 at the firewall.

David can block all EHLO requests that originate from inside the office.

David can stop POP3 traffic by blocking all HELO requests that originate from inside the office.

David can block port 110 to block all POP3 traffic.

Questions 58

What port number is used by Kerberos protocol?

Options:

487

419

Questions 59

Consider the following code:

URL:http://www.certified.com/search.pl?

text=<script>alert(document.cookie)</script>

If an attacker can trick a victim user to click a link like this, and the Web application does not validate input, then the victim's browser will pop up an alert showing the users current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page, or redirecting the user to another Web site.

What is the countermeasure against XSS scripting?

Options:

Create an IP access list and restrict connections based on port number

Replace "<" and ">" characters with "& l t;" and "& g t;" using server scripts

Disable Javascript in IE and Firefox browsers

Connect to the server using HTTPS protocol instead of HTTP

Questions 60

You want to capture Facebook website traffic in Wireshark. What display filter should you use that shows all TCP packets that contain the word 'facebook'?

Options:

display==facebook

traffic.content==facebook

tcp contains facebook

list.display.facebook