[Free] 2018(Jan) EnsurePass Pass4sure ECCouncil EC1-350 Dumps with VCE and PDF 81-90

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC1-350
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/EC1-350.html

Ethical Hacking and Countermeasures V7

Question No: 81 – (Topic 1)

An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem?

  1. Install patches

  2. Setup a backdoor

  3. Install a zombie for DDOS

  4. Cover your tracks

Answer: D

Question No: 82 – (Topic 1)

Attackers target HINFO record types stored on a DNS server to enumerate information. These are information records and potential source for reconnaissance. A network administrator has the option of entering host information specifically the CPU type and operating system when creating a new DNS record. An attacker can extract this type of information easily from a DNS server.

Which of the following commands extracts the HINFO record?

Ensurepass 2018 PDF and VCE

  1. Option A

  2. Option B

  3. Option C

  4. Option D

Answer: A

Question No: 83 – (Topic 1)

Bret is a web application administrator and has just read that there are a number of surprisingly common web application vulnerabilities that can be exploited by unsophisticated attackers with easily available tools on the Internet. He has also read that when an organization deploys a web application, they invite the world to send HTTP requests. Attacks buried in these requests sail past firewalls, filters, platform hardening, SSL, and IDS without notice because they are inside legal HTTP requests. Bret is determined to weed out vulnerabilities.

What are some of the common vulnerabilities in web applications that he should be concerned about?

  1. Non-validated parameters, broken access control, broken account and session management, cross-site scripting and buffer overflows are just a few common vulnerabilities

  2. Visible clear text passwords, anonymous user account set as default, missing latest security patch, no firewall filters set and no SSL configured are just a few common vulnerabilities

  3. No SSL configured, anonymous user account set as default, missing latest security patch, no firewall filters set and an inattentive system administrator are just a few common vulnerabilities

  4. No IDS configured, anonymous user account set as default, missing latest security patch, no firewall filters set and visible clear text passwords are just a few common vulnerabilities

Answer: A

Question No: 84 – (Topic 1)

What is War Dialing?

  1. War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems

  2. War dialing is a vulnerability scanning technique that penetrates Firewalls

  3. It is a social engineering technique that uses Phone calls to trick victims

  4. Involves IDS Scanning Fragments to bypass Internet filters and stateful Firewalls

Answer: A

Question No: 85 – (Topic 1)

Steven the hacker realizes the network administrator of Acme Corporation is using syskey in Windows 2008 Server to protect his resources in the organization. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to use brute force dictionary attacks on the hashes. Steven runs a program called quot;SysCrackerquot; targeting the Windows 2008 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch the attack. How many bits does Syskey use for encryption?

  1. 40-bit encryption

  2. 128-bit encryption

  3. 256-bit encryption

  4. 64-bit encryption

Answer: B

Question No: 86 – (Topic 1)

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

  1. Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card

  2. Educate and enforce physical security policies of the company to all the employees on a regular basis

  3. Setup a mock video camera next to the special card reader adjacent to the secure door

  4. Post a sign that states, quot;no tailgatingquot; next to the special card reader adjacent to the secure door

Answer: B

Question No: 87 – (Topic 1)

Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company#39;s computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered?

  1. Ursula would be considered a gray hat since she is performing an act against illegal activities.

  2. She would be considered a suicide hacker.

  3. She would be called a cracker.

  4. Ursula would be considered a black hat.

Answer: B

Question No: 88 – (Topic 1)

Attacking well-known system defaults is one of the most common hacker attacks. Most software is shipped with a default configuration that makes it easy to install and setup the application. You should change the default settings to secure the system.

Which of the following is NOT an example of default installation?

  1. Many systems come with default user accounts with well-known passwords that administrators forget to change

  2. Often, the default location of installation files can be exploited which allows a hacker to retrieve a file from the system

  3. Many software packages come with quot;samplesquot; that can be exploited, such as the sample programs on IIS web services

  4. Enabling firewall and anti-virus software on the local system

Answer: D

Question No: 89 – (Topic 1)

This tool is widely used for ARP Poisoning attack. Name the tool.

Ensurepass 2018 PDF and VCE

  1. Cain and Able

  2. Beat Infector

  3. Poison Ivy

  4. Webarp Infector

Answer: A

Question No: 90 – (Topic 1)

BankerFox is a Trojan that is designed to steal users#39; banking data related to certain banking entities.

When they access any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered in that website will be logged by the Trojan and transmitted to the attacker#39;s machine using covert channel.

BankerFox does not spread automatically using its own means. It needs an attacking user#39;s intervention in order to reach the affected computer.

Ensurepass 2018 PDF and VCE

What is the most efficient way an attacker located in remote location to infect this banking Trojan on a victim#39;s machine?

  1. Physical access – the attacker can simply copy a Trojan horse to a victim#39;s hard disk infecting the machine via Firefox add-on extensions

  2. Custom packaging – the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

  3. Custom packaging – the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

  4. Custom packaging – the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

  5. Downloading software from a website? An attacker can offer free software, such as shareware programs and pirated mp3 files

Answer: E

100% Ensurepass Free Download!
Download Free Demo:EC1-350 Demo PDF
100% Ensurepass Free Guaranteed!
EC1-350 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No