Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the ECCouncil EC0-350 Exam: A Detailed Ethical Hacking and Countermeasures V8 Guide

Questions 41

Jayden is a network administrator for her company. Jayden wants to prevent MAC spoofing on all the Cisco switches in the network. How can she accomplish this?

Options:

A.

Jayden can use the commanD. ip binding set.

B.

Jayden can use the commanD. no ip spoofing.

C.

She should use the commanD. no dhcp spoofing.

D.

She can use the commanD. ip dhcp snooping binding.

Buy Now
Questions 42

Peter extracts the SID list from Windows 2008 Server machine using the hacking tool "SIDExtracter". Here is the output of the SIDs:

EC0-350 Question 42

From the above list identify the user account with System Administrator privileges?

Options:

A.

John

B.

Rebecca

C.

Sheela

D.

Shawn

E.

Somia

F.

Chang

G.

Micah

Buy Now
Questions 43

BankerFox is a Trojan that is designed to steal users' banking data related to certain banking entities.

When they access any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered in that website will be logged by the Trojan and transmitted to the attacker's machine using covert channel.

BankerFox does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.

EC0-350 Question 43

What is the most efficient way an attacker located in remote location to infect this banking Trojan on a victim's machine?

Options:

A.

Physical access - the attacker can simply copy a Trojan horse to a victim's hard disk infecting the machine via Firefox add-on extensions

B.

Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

C.

Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

D.

Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

E.

Downloading software from a website? An attacker can offer free software, such as shareware programs and pirated mp3 files

Buy Now
Questions 44

Stephanie works as senior security analyst for a manufacturing company in Detroit. Stephanie manages network security throughout the organization. Her colleague Jason told her in confidence that he was able to see confidential corporate information posted on the external website http://www.jeansclothesman.com. He tries random URLs on the company 's website and finds confidential information leaked over the web. Jason says this happened about a month ago. Stephanie visits the said URLs, but she finds nothing. She is very concerned about this, since someone should be held accountable if there was sensitive information posted on the website.

Where can Stephanie go to see past versions and pages of a website?

Options:

A.

She should go to the web page Samspade.org to see web pages that might no longer be on the website

B.

If Stephanie navigates to Search.com; she will see old versions of the company website

C.

Stephanie can go to Archive.org to see past versions of the company website

D.

AddressPast.com would have any web pages that are no longer hosted on the company's website

Buy Now
Questions 45

What type of Trojan is this?

EC0-350 Question 45

Options:

A.

RAT Trojan

B.

E-Mail Trojan

C.

Defacement Trojan

D.

Destructing Trojan

E.

Denial of Service Trojan

Buy Now
Questions 46

This tool is widely used for ARP Poisoning attack. Name the tool.

EC0-350 Question 46

Options:

A.

Cain and Able

B.

Beat Infector

C.

Poison Ivy

D.

Webarp Infector

Buy Now
Questions 47

TCP/IP Session Hijacking is carried out in which OSI layer?

Options:

A.

Datalink layer

B.

Transport layer

C.

Network layer

D.

Physical layer

Buy Now
Questions 48

Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers)

EC0-350 Question 48

Options:

A.

Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC address

B.

The ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim's network

C.

ECHO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service

D.

A DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.

Buy Now
Questions 49

An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem?

Options:

A.

Install patches

B.

Setup a backdoor

C.

Install a zombie for DDOS

D.

Cover your tracks

Buy Now
Questions 50

Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company's computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered?

Options:

A.

Ursula would be considered a gray hat since she is performing an act against illegal activities.

B.

She would be considered a suicide hacker.

C.

She would be called a cracker.

D.

Ursula would be considered a black hat.

Buy Now
Questions 51

Vulnerability scanners are automated tools that are used to identify vulnerabilities and misconfigurations of hosts. They also provide information regarding mitigating discovered vulnerabilities.

EC0-350 Question 51

Which of the following statements is incorrect?

Options:

A.

Vulnerability scanners attempt to identify vulnerabilities in the hosts scanned.

B.

Vulnerability scanners can help identify out-of-date software versions, missing patches, or system upgrades

C.

They can validate compliance with or deviations from the organization's security policy

D.

Vulnerability scanners can identify weakness and automatically fix and patch the vulnerabilities without user intervention

Buy Now
Questions 52

Which Steganography technique uses Whitespace to hide secret messages?

Options:

A.

snow

B.

beetle

C.

magnet

D.

cat

Buy Now
Questions 53

You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see how well policy is being observed by the employees, you discover an employee has attached cell phone 3G modem to his telephone line and workstation. He has used this cell phone 3G modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. How would you resolve this situation?

Options:

A.

Reconfigure the firewall

B.

Enforce the corporate security policy

C.

Install a network-based IDS

D.

Conduct a needs analysis

Buy Now
Questions 54

How do you defend against Privilege Escalation?

Options:

A.

Use encryption to protect sensitive data

B.

Restrict the interactive logon privileges

C.

Run services as unprivileged accounts

D.

Allow security settings of IE to zero or Low

E.

Run users and applications on the least privileges

Buy Now
Questions 55

Which of the following tool would be considered as Signature Integrity Verifier (SIV)?

Options:

A.

Nmap

B.

SNORT

C.

VirusSCAN

D.

Tripwire

Buy Now
Questions 56

How do you defend against DHCP Starvation attack?

EC0-350 Question 56

Options:

A.

Enable ARP-Block on the switch

B.

Enable DHCP snooping on the switch

C.

Configure DHCP-BLOCK to 1 on the switch

D.

Install DHCP filters on the switch to block this attack

Buy Now
Questions 57

David is a security administrator working in Boston. David has been asked by the office's manager to block all POP3 traffic at the firewall because he believes employees are spending too much time reading personal email. How can David block POP3 at the firewall?

Options:

A.

David can block port 125 at the firewall.

B.

David can block all EHLO requests that originate from inside the office.

C.

David can stop POP3 traffic by blocking all HELO requests that originate from inside the office.

D.

David can block port 110 to block all POP3 traffic.

Buy Now
Questions 58

What port number is used by Kerberos protocol?

Options:

A.

88

B.

44

C.

487

D.

419

Buy Now
Questions 59

Consider the following code:

URL:http://www.certified.com/search.pl?

text=<script>alert(document.cookie)</script>

If an attacker can trick a victim user to click a link like this, and the Web application does not validate input, then the victim's browser will pop up an alert showing the users current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page, or redirecting the user to another Web site.

What is the countermeasure against XSS scripting?

Options:

A.

Create an IP access list and restrict connections based on port number

B.

Replace "<" and ">" characters with "& l t;" and "& g t;" using server scripts

C.

Disable Javascript in IE and Firefox browsers

D.

Connect to the server using HTTPS protocol instead of HTTP

Buy Now
Questions 60

You want to capture Facebook website traffic in Wireshark. What display filter should you use that shows all TCP packets that contain the word 'facebook'?

Options:

A.

display==facebook

B.

traffic.content==facebook

C.

tcp contains facebook

D.

list.display.facebook

Buy Now