Month End Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

Achieve Success in the ECCouncil EC0-350 Exam: A Detailed Ethical Hacking and Countermeasures V8 Guide

Questions 181

Which of the following represent weak password? (Select 2 answers)

Options:
A.

Passwords that contain letters, special characters, and numbers ExamplE. ap1$%##f@52

B.

Passwords that contain only numbers ExamplE. 23698217

C.

Passwords that contain only special characters ExamplE. &*#@!(%)

D.

Passwords that contain letters and numbers ExamplE. meerdfget123

E.

Passwords that contain only letters ExamplE. QWERTYKLRTY

F.

Passwords that contain only special characters and numbers ExamplE. 123@$45

G.

Passwords that contain only letters and special characters ExamplE. bob@&ba

ECCouncil EC0-350 Premium Access
Questions 182

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

Options:
A.

Usernames

B.

File permissions

C.

Firewall rulesets

D.

Passwords

Questions 183

Which of the following is a hashing algorithm?

Options:
A.

MD5

B.

PGP

C.

DES

D.

ROT13

Questions 184

Wayne is the senior security analyst for his company. Wayne is examining some traffic logs on a server and came across some inconsistencies. Wayne finds some IP packets from a computer purporting to be on the internal network. The packets originate from 192.168.12.35 with a TTL of 15. The server replied to this computer and received a response from 192.168.12.35 with a TTL of 21. What can Wayne infer from this traffic log?

Options:
A.

The initial traffic from 192.168.12.35 was being spoofed.

B.

The traffic from 192.168.12.25 is from a Linux computer.

C.

The TTL of 21 means that the client computer is on wireless.

D.

The client computer at 192.168.12.35 is a zombie computer.

Questions 185

Which of the following items of a computer system will an anti-virus program scan for viruses?

Options:
A.

Boot Sector

B.

Deleted Files

C.

Windows Process List

D.

Password Protected Files

Questions 186

John is the network administrator of XSECURITY systems. His network was recently compromised. He analyzes the log files to investigate the attack. Take a look at the following Linux log file snippet. The hacker compromised and "owned" a Linux machine. What is the hacker trying to accomplish here?

EC0-350 Question 186

Options:
A.

The hacker is attempting to compromise more machines on the network

B.

The hacker is planting a rootkit

C.

The hacker is running a buffer overflow exploit to lock down the system

D.

The hacker is trying to cover his tracks

Questions 187

June, a security analyst, understands that a polymorphic virus has the ability to mutate and can change its known viral signature and hide from signature-based antivirus programs. Can June use an antivirus program in this case and would it be effective against a polymorphic virus?

Options:
A.

Yes. June can use an antivirus program since it compares the parity bit of executable files to the database of known check sum counts and it is effective on a polymorphic virus

B.

Yes. June can use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and it is very effective against a polymorphic virus

C.

No. June can't use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and in the case the polymorphic viruses cannot be detected by a signature-based anti-virus program

D.

No. June can't use an antivirus program since it compares the size of executable files to the database of known viral signatures and it is effective on a polymorphic virus

Questions 188

When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial?

Options:
A.

Vulnerability scanning

B.

Social engineering

C.

Application security testing

D.

Network sniffing

Questions 189

Web servers are often the most targeted and attacked hosts on organizations' networks. Attackers may exploit software bugs in the Web server, underlying operating system, or active content to gain unauthorized access.

EC0-350 Question 189

Identify the correct statement related to the above Web Server installation?

Options:
A.

Lack of proper security policy, procedures and maintenance

B.

Bugs in server software, OS and web applications

C.

Installing the server with default settings

D.

Unpatched security flaws in the server software, OS and applications

Questions 190

Which of the following techniques can be used to mitigate the risk of an on-site attacker from connecting to an unused network port and gaining full access to the network? (Choose three.)

Options:
A.

Port Security

B.

IPSec Encryption

C.

Network Admission Control (NAC)

D.

802.1q Port Based Authentication

E.

802.1x Port Based Authentication

F.

Intrusion Detection System (IDS)

Questions 191

Which of the following is a common Service Oriented Architecture (SOA) vulnerability?

Options:
A.

Cross-site scripting

B.

SQL injection

C.

VPath injection

D.

XML denial of service issues

Questions 192

During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?

Options:
A.

Host

B.

Stateful

C.

Stateless

D.

Application

Questions 193

Blane is a security analyst for a law firm. One of the lawyers needs to send out an email to a client but he wants to know if the email is forwarded on to any other recipients. The client is explicitly asked not to re-send the email since that would be a violation of the lawyer's and client's agreement for this particular case. What can Blane use to accomplish this?

Options:
A.

He can use a split-DNS service to ensure the email is not forwarded on.

B.

A service such as HTTrack would accomplish this.

C.

Blane could use MetaGoofil tracking tool.

D.

Blane can use a service such as ReadNotify tracking tool.

Questions 194

Which type of password cracking technique works like dictionary attack but adds some numbers and symbols to the words from the dictionary and tries to crack the password?

Options:
A.

Dictionary attack

B.

Brute forcing attack

C.

Hybrid attack

D.

Syllable attack

E.

Rule-based attack

Questions 195

Jeremy is web security consultant for Information Securitas. Jeremy has just been hired to perform contract work for a large state agency in Michigan. Jeremy's first task is to scan all the company's external websites. Jeremy comes upon a login page which appears to allow employees access to sensitive areas on the website. James types in the following statement in the username field:

SELECT * from Users where username='admin' ?AND password='' AND email like '%@testers.com%'

What will the SQL statement accomplish?

Options:
A.

If the page is susceptible to SQL injection, it will look in the Users table for usernames of admin

B.

This statement will look for users with the name of admin, blank passwords, and email addresses that end in @testers.com

C.

This Select SQL statement will log James in if there are any users with NULL passwords

D.

James will be able to see if there are any default user accounts in the SQL database

Questions 196

Simon is security analyst writing signatures for a Snort node he placed internally that captures all mirrored traffic from his border firewall. From the following signature, what will Snort look for in the payload of the suspected packets?

alert tcp $EXTERNAL_NET any -> $HOME_NET 27374 (msG. "BACKDOOR SIG - SubSseven 22";flags: A+; content: "|0d0a5b52504c5d3030320d0a|"; reference:arachnids, 485;) alert

Options:
A.

The payload of 485 is what this Snort signature will look for.

B.

Snort will look for 0d0a5b52504c5d3030320d0a in the payload.

C.

Packets that contain the payload of BACKDOOR SIG - SubSseven 22 will be flagged.

D.

From this snort signature, packets with HOME_NET 27374 in the payload will be flagged.

Questions 197

The SNMP Read-Only Community String is like a password. The string is sent along with each SNMP Get-Request and allows (or denies) access to a device. Most network vendors ship their equipment with a default password of "public". This is the so-called "default public community string". How would you keep intruders from getting sensitive information regarding the network devices using SNMP? (Select 2 answers)

Options:
A.

Enable SNMPv3 which encrypts username/password authentication

B.

Use your company name as the public community string replacing the default 'public'

C.

Enable IP filtering to limit access to SNMP device

D.

The default configuration provided by device vendors is highly secure and you don't need to change anything

Questions 198

A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer program in a switched environment network. Which attack could the hacker use to sniff all of the packets in the network?

Options:
A.

Fraggle

B.

MAC Flood

C.

Smurf

D.

Tear Drop

Questions 199

Which of the following processes evaluates the adherence of an organization to its stated security policy?

Options:
A.

Vulnerability assessment

B.

Penetration testing

C.

Risk assessment

D.

Security auditing

Questions 200

If an attacker's computer sends an IPID of 24333 to a zombie (Idle Scanning) computer on a closed port, what will be the response?

Options:
A.

The zombie computer will respond with an IPID of 24334.

B.

The zombie computer will respond with an IPID of 24333.

C.

The zombie computer will not send a response.

D.

The zombie computer will respond with an IPID of 24335.