Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Achieve Success in the ECCouncil EC0-350 Exam: A Detailed Ethical Hacking and Countermeasures V8 Guide

Questions 121

Which cipher encrypts the plain text digit (bit or byte) one by one?

Options:

A.

Classical cipher

B.

Block cipher

C.

Modern cipher

D.

Stream cipher

Buy Now
Questions 122

A company has hired a security administrator to maintain and administer Linux and Windows-based systems. Written in the nightly report file is the followinG.

Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size has decreased considerably. Another hour goes by and the log files have shrunk in size again.

Which of the following actions should the security administrator take?

Options:

A.

Log the event as suspicious activity and report this behavior to the incident response team immediately.

B.

Log the event as suspicious activity, call a manager, and report this as soon as possible.

C.

Run an anti-virus scan because it is likely the system is infected by malware.

D.

Log the event as suspicious activity, continue to investigate, and act according to the site's security policy.

Buy Now
Questions 123

Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

Options:

A.

Teardrop

B.

SYN flood

C.

Smurf attack

D.

Ping of death

Buy Now
Questions 124

While performing data validation of web content, a security technician is required to restrict malicious input. Which of the following processes is an efficient way of restricting malicious input?

Options:

A.

Validate web content input for query strings.

B.

Validate web content input with scanning tools.

C.

Validate web content input for type, length, and range.

D.

Validate web content input for extraneous queries.

Buy Now
Questions 125

Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?

Options:

A.

Truecrypt

B.

Sub7

C.

Nessus

D.

Clamwin

Buy Now
Questions 126

An NMAP scan of a server shows port 25 is open.  What risk could this pose?

Options:

A.

Open printer sharing

B.

Web portal data leak

C.

Clear text authentication

D.

Active mail relay

Buy Now
Questions 127

What is one thing a tester can do to ensure that the software is trusted and is not changing or tampering with critical data on the back end of a system it is loaded on?

Options:

A.

Proper testing

B.

Secure coding principles

C.

Systems security and architecture review

D.

Analysis of interrupts within the software

Buy Now
Questions 128

A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of email. The integrity of the encrypted email is dependent on the security of which of the following?

Options:

A.

Public key

B.

Private key

C.

Modulus length

D.

Email server certificate

Buy Now
Questions 129

What is the best defense against privilege escalation vulnerability?

Options:

A.

Patch systems regularly and upgrade interactive login privileges at the system administrator level.

B.

Run administrator and applications on least privileges and use a content registry for tracking.

C.

Run services with least privileged accounts and implement multi-factor authentication and authorization.

D.

Review user roles and administrator privileges for maximum utilization of automation services.

Buy Now
Questions 130

A botnet can be managed through which of the following?

Options:

A.

IRC

B.

E-Mail

C.

Linkedin and Facebook

D.

A vulnerable FTP server

Buy Now
Questions 131

Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

Options:

A.

Sarbanes-Oxley Act (SOX)

B.

Gramm-Leach-Bliley Act (GLBA)

C.

Fair and Accurate Credit Transactions Act (FACTA)

D.

Federal Information Security Management Act (FISMA)

Buy Now
Questions 132

Information gathered from social networking websites such as Facebook, Twitter and LinkedIn can be used to launch which of the following types of attacks? (Choose two.)

Options:

A.

Smurf attack

B.

Social engineering attack

C.

SQL injection attack

D.

Phishing attack

E.

Fraggle attack

F.

Distributed denial of service attack

Buy Now
Questions 133

Which of the following is a strong post designed to stop a car?

Options:

A.

Gate

B.

Fence

C.

Bollard

D.

Reinforced rebar

Buy Now
Questions 134

An IT security engineer notices that the company’s web server is currently being hacked. What should the engineer do next?

Options:

A.

Unplug the network connection on the company’s web server.

B.

Determine the origin of the attack and launch a counterattack.

C.

Record as much information as possible from the attack.

D.

Perform a system restart on the company’s web server.

Buy Now
Questions 135

A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

Options:

A.

The gateway is not routing to a public IP address.

B.

The computer is using an invalid IP address.

C.

The gateway and the computer are not on the same network.

D.

The computer is not using a private IP address.

Buy Now
Questions 136

Which of the following parameters enables NMAP's operating system detection feature?

Options:

A.

NMAP -sV

B.

NMAP -oS

C.

NMAP -sR

D.

NMAP -O

Buy Now
Questions 137

Employees in a company are no longer able to access Internet web sites on their computers. The network administrator is able to successfully ping IP address of web servers on the Internet and is able to open web sites by using an IP address in place of the URL. The administrator runs the nslookup command for www.eccouncil.org and receives an error message stating there is no response from the server. What should the administrator do next?

Options:

A.

Configure the firewall to allow traffic on TCP ports 53 and UDP port 53.

B.

Configure the firewall to allow traffic on TCP ports 80 and UDP port 443.

C.

Configure the firewall to allow traffic on TCP port 53.

D.

Configure the firewall to allow traffic on TCP port 8080.

Buy Now
Questions 138

A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.

The engineer receives this output:

HTTP/1.1 200 OK

Server: Microsoft-IIS/6

Expires: Tue, 17 Jan 2011 01:41:33 GMT

DatE. Mon, 16 Jan 2011 01:41:33 GMT

Content-TypE. text/html

Accept-Ranges: bytes

Last-ModifieD. Wed, 28 Dec 2010 15:32:21 GMT

ETaG. "b0aac0542e25c31:89d"

Content-Length: 7369

Which of the following is an example of what the engineer performed?

Options:

A.

Cross-site scripting

B.

Banner grabbing

C.

SQL injection

D.

Whois database query

Buy Now
Questions 139

There is a WEP encrypted wireless access point (AP) with no clients connected. In order to crack the WEP key, a fake authentication needs to be performed. What information is needed when performing fake authentication to an AP? (Choose two.)

Options:

A.

The IP address of the AP

B.

The MAC address of the AP

C.

The SSID of the wireless network

D.

A failed authentication packet

Buy Now
Questions 140

Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

Options:

A.

Firewall

B.

Honeypot

C.

Core server

D.

Layer 4 switch

Buy Now
Exam Code: EC0-350
Exam Name: Ethical Hacking and Countermeasures V8
Last Update: Jul 19, 2024
Questions: 878

PDF + Testing Engine

$159.99
$64

Testing Engine

$119.99
$48

PDF (Q&A)

$99.99
$40

ECCouncil Free Exams

ECCouncil Free Exams
Discover free ECCouncil exam prep resources at Examstrack. Access practice tests and study materials to enhance your ECCouncil exam success.