Latest Certified Success Dumps Download

EC0-350 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Dumpsleader ECCouncil EC0-350 Dumps with VCE and PDF 541-550

September 23, 2017

2017 Sep ECCouncil Official New Released EC0-350
100% Free Download! 100% Pass Guaranteed!

Ethical Hacking and Countermeasures V8

Question No: 541 – (Topic 6)

Why would an attacker want to perform a scan on port 137?

  1. To discover proxy servers on a network

  2. To disrupt the NetBIOS SMB service on the target host

  3. To check for file and print sharing on Windows systems

  4. To discover information about a target host using NBTSTAT

Answer: D

Explanation: Microsoft encapsulates netbios information within TCP/Ip using ports 135- 139.It is trivial for an attacker to issue the following command:

nbtstat -A (your Ip address)

From their windows machine and collect information about your windows machine (if you are not blocking traffic to port 137 at your borders).

Question No: 542 – (Topic 6)

What is the essential difference between an ‘Ethical Hacker’ and a ‘Cracker’?

  1. The ethical hacker does not use the same techniques or skills as a cracker.

  2. The ethical hacker does it strictly for financial motives unlike a cracker.

  3. The ethical hacker has authorization from the owner of the target.

  4. The ethical hacker is just a cracker who is getting paid.

Answer: C Explanation:

The ethical hacker uses the same techniques and skills as a cracker and the motive is to find the security breaches before a cracker does. There is nothing that says that a cracker does not get paid for the work he does, a ethical hacker has the owners authorization and will get paid even if he does not succeed to penetrate the target.

Question No: 543 – (Topic 6)

Bob has been hired to perform a penetration test on He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.

Within the context of penetration testing methodology, what phase is Bob involved with?

  1. Passive information gathering

  2. Active information gathering

  3. Attack phase

  4. Vulnerability Mapping

Answer: A

Explanation: He is gathering information and as long as he doesn’t make contact with any of the targets systems he is considered gathering this information in a passive mode.

Question No: 544 – (Topic 6)

An Nmap scan shows the following open ports, and nmap also reports that the OS guessing results to match too many signatures hence it cannot reliably be identified:

21 ftp

23 telnet

80 http

443 https

What does this suggest?

  1. This is a Windows Domain Controller

  2. The host is not firewalled

  3. The host is not a Linux or Solaris system

  4. The host is not properly patched

Answer: D

Explanation: If the answer was A nmap would guess it, it holds the MS signature database, the host not being firewalled makes no difference.The host is not linux or solaris, well it very well could be. The host is not properly patched? That is the closest; nmaps OS detection architecture is based solely off the TCP ISN issued by the operating systems TCP/IP stack, if the stack is modified to show output from randomized ISN#39;s or if your using a program to change the ISN then OS detection will fail. If the TCP/IP IP ID#39;s are modified then os detection could also fail, because the machine would most likely come back as being down.

Question No: 545 – (Topic 6)

According to the CEH methodology, what is the next step to be performed after footprinting?

  1. Enumeration

  2. Scanning

  3. System Hacking

  4. Social Engineering

  5. Expanding Influence

Answer: B

Explanation: Once footprinting has been completed, scanning should be attempted next. Scanning should take place on two distinct levels: network and host.

Question No: 546 – (Topic 6)

Bob is acknowledged as a hacker of repute and is popular among visitors of “underground” sites. Bob is willing to share his knowledge with those who are willing to learn, and many have expressed their interest in learning from him. However, this knowledge has a risk associated with it, as it can be used for malevolent attacks as well.

In this context, what would be the most affective method to bridge the knowledge gap between the “black” hats or crackers and the “white” hats or computer security professionals? (Choose the test answer)

  1. Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards.

  2. Hire more computer security monitoring personnel to monitor computer systems and networks.

  3. Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than life.

  4. Train more National Guard and reservist in the art of computer security to help out in times of emergency or crises.

Answer: A Explanation:

Bridging the gap would consist of educating the white hats and the black hats equally so that their knowledge is relatively the same. Using books, articles, the internet, and professional training seminars is a way of completing this goal.

Question No: 547 – (Topic 6)

War dialing is a very old attack and depicted in movies that were made years ago. Why would a modem security tester consider using such an old technique?

  1. It is cool, and if it works in the movies it must work in real life.

  2. It allows circumvention of protection mechanisms by being on the internal network.

  3. It allows circumvention of the company PBX.

  4. A good security tester would not use such a derelict technique.

Answer: B

Explanation: If you are lucky and find a modem that answers and is connected to the target network, it usually is less protected (as only employees are supposed to know of its existence) and once connected you don’t need to take evasive actions towards any firewalls or IDS.

Question No: 548 – (Topic 6)

What is the disadvantage of an automated vulnerability assessment tool?

  1. Ineffective

  2. Slow

  3. Prone to false positives

  4. Prone to false negatives

  5. Noisy

Answer: E

Explanation: Vulnerability assessment tools perform a good analysis of system vulnerabilities; however, they are noisy and will quickly trip IDS systems.

Question No: 549 – (Topic 6)

A company is legally liable for the content of email that is sent from its systems, regardless of whether the message was sent for private or business-related purposes. This could lead to prosecution for the sender and for the company#39;s directors if, for example, outgoing email was found to contain material that was pornographic, racist, or likely to incite someone to commit an act of terrorism. You can always defend yourself by quot;ignorance of the lawquot; clause.

  1. true

  2. false

Answer: B

Question No: 550 – (Topic 6)

Which of the following is an automated vulnerability assessment tool?

  1. Whack a Mole

  2. Nmap

  3. Nessus

  4. Kismet

  5. Jill32

Answer: C Explanation:

Nessus is a vulnerability assessment tool.

100% Free Download!
Download Free Demo:EC0-350 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass EC0-350 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE