EC-Council EC0-350 test questions 1

Certification Provider: ECCouncil
Exam Name: EC0-350 – Ethical Hacking and Countermeasures
Associated Certifications: ECCouncil Certified Ethical Hacker
Language: English

You are footprinting an organization and gathering competitive intelligence. You visit the company
website for contact information and telephone numbers but do not find them listed there. You
know they had the entire staff directory listed on their website 12 months ago but now it is not
there. Is there any way you can retrieve information from a website that is outdated?
A. Visit the Google search engine and view the cached copy
B. Crawl the entire website and store it on your computer
C. Visit the company's partners' and customers' websites for this information
D. Visit the Archive.org web site to retrieve the Internet archive of the company website
Answer: D

You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social
engineering, you know that they are enforcing strong passwords. You understand that all users
are required to use passwords that are at least 8 characters in length. All passwords must also
use 3 of the 4 following categories: lower case letters, capital letters, numbers and special
characters. With your given knowledge of users, likely user account names and the possibility
that they will choose the easiest passwords possible, what would be the fastest type of password
cracking attack you can run against these hash values to get results?
A. Hybrid Attack
B. Dictionary Attack
C. Encryption Attack
D. Brute Force Attack
Answer: A

You receive an e-mail with the below message:

Hello Steve,
We are having technical difficulty in restoring user database records after the recent blackout.
Your account data is corrupted. Please logon on to SuperEmailServices.com and change your
password.
http://www.superemailservices.com%40c3405906949/support/logon.htm
If you do not reset your password within 7 days, your account will be permanently disabled
locking you out from using our e-mail services.
Sincerely,
Technical Support
SuperEmailServices

From this e-mail you suspect that some hacker sent this message since you have been using
their e-mail services for the last 2 years and they never have sent out an e-mail such as this. You
also observe the URL in the message and want to confirm your suspicion about 3405906949,
which looks like a base10 number.
You enter the following at the Windows 2003 command prompt:

ping 3405906949

You get a response with a valid IP address. What is the obstructed IP address in the e-mail URL?
A. 10.0.3.4
B. 192.34.5.9
C. 199.23.43.4
D. 203.2.4.5
Answer: D

Bob is acknowledged as a hacker of repute and is popular among visitors of ‘underground’ sites.
Bob is willing to share his knowledge with those who are willing to learn, and many have expressed
their interest in learning from him. However, this knowledge has risks associated with it, as the
same knowledge can be used for malevolent attacks as well. In this context, what would be the
most effective method to bridge the knowledge gap between the “black” hats or crackers and the
“white” hats or computer security professionals?
A. Hire more computer security monitoring personnel to monitor computer systems and networks
B. Educate everyone with books, articles and training on risk analysis, vulnerabilities and
safeguards
C. Train more National Guard members and reservists in the art of computer security to help out in times of
emergency or crises
D. Make obtaining either a computer security certification or accreditation easier to achieve so
more individuals feel that they are a part of something larger than life
Answer: B

Clive is conducting a pen-test and has just port scanned a system on the network. He has
identified the operating system as Linux and been able to elicit responses from ports 23, 25 and
53. He infers port 23 as running the Telnet service, port 25 as running the SMTP service and port 53 as
running the DNS service. The client confirms these findings and attests to the current availability of
the services. When he tries to telnet to port 23 or 25, he gets a blank screen in response. On
typing other commands, he sees only blank spaces or underscore symbols on the screen. What
are you most likely to infer from this?
A. The services are protected by TCP wrappers
B. There is a honeypot running on the scanned machine
C. An attacker has replaced the services with trojaned ones
D. This indicates that the telnet and SMTP servers have crashed
Answer: A

SSL has been seen as the solution to a lot of common security problems. Administrators will often
make use of SSL to encrypt communications from point A to point B. Why do you think this
could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic
between point A and B?
A. SSL is redundant if you already have an IDS in place
B. SSL will trigger rules at regular intervals and force the administrator to turn them off
C. SSL will mask the content of the packet and the Intrusion Detection System is blinded
D. SSL will slow down the IDS while it is breaking the encryption to see the packet content
Answer: C

Clive has been hired to perform a Black-Box test by one of his clients. How much information will
Clive be able to get from the client before commencing his test?
A. Only the IP address range
B. Nothing but the corporate name
C. All that is available from the client
D. IP Range, OS, and patches installed
Answer: B