[Free] 2018(Jan) EnsurePass Pass4sure ECCouncil EC1-350 Dumps with VCE and PDF 241-250

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC1-350
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/EC1-350.html

Ethical Hacking and Countermeasures V7

Question No: 241 – (Topic 3)

A majority of attacks come from insiders, people who have direct access to a company#39;s computer system as part of their job function or a business relationship. Who is considered an insider?

  1. A competitor to the company because they can directly benefit from the publicity generated by making such an attack

  2. Disgruntled employee, customers, suppliers, vendors, business partners, contractors, temps, and consultants

  3. The CEO of the company because he has access to all of the computer systems

  4. A government agency since they know the company#39;s computer system strengths and weaknesses

Answer: B

Question No: 242 – (Topic 3)

Jeremy is web security consultant for Information Securitas. Jeremy has just been hired to perform contract work for a large state agency in Michigan. Jeremy#39;s first task is to scan all the company#39;s external websites. Jeremy comes upon a login page which appears to allow employees access to sensitive areas on the website. James types in the following statement in the username field:

SELECT * from Users where username=#39;admin#39; ?AND password=#39;#39; AND email like #39;%@testers.com%#39;

What will the SQL statement accomplish?

  1. If the page is susceptible to SQL injection, it will look in the Users table for usernames of admin

  2. This statement will look for users with the name of admin, blank passwords, and email addresses that end in @testers.com

  3. This Select SQL statement will log James in if there are any users with NULL passwords

  4. James will be able to see if there are any default user accounts in the SQL database

Answer: B Explanation:

This query will search for admin user with blank password with mail address @testers.com

Question No: 243 – (Topic 3)

An attacker is attempting to telnet into a corporation#39;s system in the DMZ. The attacker doesn#39;t want to get caught and is spoofing his IP address. After numerous tries he remains unsuccessful in connecting to the system. The attacker rechecks that the target system is actually listening on Port 23 and he verifies it with both nmap and hping2. He is still unable to connect to the target system. What could be the reason?

  1. The firewall is blocking port 23 to that system

  2. He needs to use an automated tool to telnet in

  3. He cannot spoof his IP and successfully use TCP

  4. He is attacking an operating system that does not reply to telnet even when open

Answer: C

Question No: 244 – (Topic 3)

If an attacker#39;s computer sends an IPID of 31400 to a zombie (Idle Scanning) computer on an open port, what will be the response?

A. 31400

B. 31402

C. The zombie will not send a response

D. 31401

Answer: B Explanation:

31402 is the correct answer.

Question No: 245 – (Topic 3)

Trojan horse attacks pose one of the most serious threats to computer security. The image below shows different ways a Trojan can get into a system. Which are the easiest and most convincing ways to infect a computer?

Ensurepass 2018 PDF and VCE

  1. IRC (Internet Relay Chat)

  2. Legitimate quot;shrink-wrappedquot; software packaged by a disgruntled employee

  3. NetBIOS (File Sharing)

  4. Downloading files, games and screensavers from Internet sites

Answer: B

Question No: 246 – (Topic 3)

SSL has been seen as the solution to a lot of common security problems. Administrator will often time make use of SSL to encrypt communications from points A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?

  1. SSL is redundant if you already have IDS#39;s in place

  2. SSL will trigger rules at regular interval and force the administrator to turn them off

  3. SSL will slow down the IDS while it is breaking the encryption to see the packet content

  4. SSL will blind the content of the packet and Intrusion Detection Systems will not be able to detect them

Answer: D

Question No: 247 – (Topic 3)

Jake is a network administrator who needs to get reports from all the computer and network devices on his network. Jake wants to use SNMP but is afraid that won#39;t be secure since passwords and messages are in clear text. How can Jake gather network information in a secure manner?

  1. He can use SNMPv3

  2. Jake can use SNMPrev5

  3. He can use SecWMI

  4. Jake can use SecSNMP

Answer: A

Question No: 248 – (Topic 3)

June, a security analyst, understands that a polymorphic virus has the ability to mutate and

can change its known viral signature and hide from signature-based antivirus programs. Can June use an antivirus program in this case and would it be effective against a polymorphic virus?

  1. Yes. June can use an antivirus program since it compares the parity bit of executable files to the database of known check sum counts and it is effective on a polymorphic virus

  2. Yes. June can use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and it is very effective against a polymorphic virus

  3. No. June can#39;t use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and in the case the polymorphic viruses cannot be detected by a signature-based anti-virus program

  4. No. June can#39;t use an antivirus program since it compares the size of executable files to the database of known viral signatures and it is effective on a polymorphic virus

Answer: C

Question No: 249 – (Topic 3)

Which of the following Exclusive OR transforms bits is NOT correct?

  1. 0 xor 0 = 0

  2. 1 xor 0 = 1

  3. 1 xor 1 = 1

  4. 0 xor 1 = 1

Answer: C

Question No: 250 – (Topic 3)

The traditional traceroute sends out ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached. By printing the gateways that generate ICMP time exceeded messages along the way, it is able to determine the path packets take to reach the destination.

The problem is that with the widespread use of firewalls on the Internet today, many of the packets that traceroute sends out end up being filtered, making it impossible to completely trace the path to the destination.

Ensurepass 2018 PDF and VCE

How would you overcome the Firewall restriction on ICMP ECHO packets?

  1. Firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.

  2. Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.

  3. Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.

  4. Do not use traceroute command to determine the path packets take to reach the destination instead use the custom hacking tool JOHNTHETRACER and run with the command

  5. \gt; JOHNTHETRACER www.eccouncil.org -F -evade

Answer: A

100% Ensurepass Free Download!
Download Free Demo:EC1-350 Demo PDF
100% Ensurepass Free Guaranteed!
EC1-350 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No