Latest Certified Success Dumps Download

EC0-350 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Dumpsleader ECCouncil EC0-350 Dumps with VCE and PDF 581-590

September 23, 2017

2017 Sep ECCouncil Official New Released EC0-350
100% Free Download! 100% Pass Guaranteed!

Ethical Hacking and Countermeasures V8

Question No: 581 – (Topic 6)

Which of the following LM hashes represents a password of less than 8 characters?

A. 0182BD0BD4444BF836077A718CCDF409

B. 44EFCE164AB921CQAAD3B435B51404EE C. BA810DBA98995F1817306D272A9441BB D. CEC52EB9C8E3455DC2265B23734E0DAC E. B757BF5C0D87772FAAD3B435B51404EE F. E52CAC67419A9A224A3B108F3FA6CB6D

Answer: C,E

Question No: 582 – (Topic 6)

Which of the following is optimized for confidential communications, such as bidirectional voice and video?

  1. RC4

  2. RC5

  3. MD4

  4. MD5

Answer: A

Question No: 583 – (Topic 6)

Ann would like to perform a reliable scan against a remote target. She is not concerned about being stealth at this point.

Which of the following type of scans would be the most accurate and reliable option?

  1. A half-scan

  2. A UDP scan

  3. A TCP Connect scan

  4. A FIN scan

Answer: C

Explanation: A TCP Connect scan, named after the Unix connect() system call is the most accurate scanning method. If a port is open the operating system completes the TCP three- way handshake, and the port scanner immediately closes the connection. Otherwise an error code is returned.

Example of a three-way handshake followed by a reset:


[][]TCP: D=80 S=49389 SYN SEQ=3362197786 LEN=0 WIN=5840

[] [] TCP: D=49389 S=80 SYN ACK=3362197787 SEQ=58695210 LEN=0 WIN=65535

[][]TCP: D=80 S=49389 ACK=58695211 WINlt;lt;2=5840 [][]TCP: D=80 S=49389 RST ACK=58695211 WINlt;lt;2=5840

Question No: 584 – (Topic 6)

Harold is the senior security analyst for a small state agency in New York. He has no other security professionals that work under him, so he has to do all the security-related tasks for the agency. Coming from a computer hardware background, Harold does not have a lot of experience with security methodologies and technologies, but he was the only one who applied for the position. Harold is currently trying to run a Sniffer on the agency#39;s network to get an idea of what kind of traffic is being passed around, but the program he is using does not seem to be capturing anything. He pours through the Sniffer#39;s manual, but cannot find anything that directly relates to his problem. Harold decides to ask the network administrator if he has any thoughts on the problem. Harold is told that the Sniffer was not working because the agency#39;s network is a switched network, which cannot be sniffed by some programs without some tweaking. What technique could Harold use to sniff his agency#39;s switched network?

  1. ARP spoof the default gateway

  2. Conduct MiTM against the switch

  3. Launch smurf attack against the switch

  4. Flood the switch with ICMP packets

Answer: A

Question No: 585 – (Topic 6)

Which of the following commands runs snort in packet logger mode?

  1. ./snort -dev -h ./log

  2. ./snort -dev -l ./log

  3. ./snort -dev -o ./log

  4. ./snort -dev -p ./log

Answer: B

Explanation: Note: If you want to store the packages in binary mode for later analysis use

./snort -l ./log -b

Question No: 586 – (Topic 6)

is found in all versions of NTFS and is described as the ability to fork file data into existing files without affecting their functionality, size, or display to traditional file

browsing utilities like dir or Windows Explorer

  1. Alternate Data Streams

  2. Merge Streams

  3. Steganography

  4. NetBIOS vulnerability

Answer: A

Question No: 587 – (Topic 6)

Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing quot;server publishingquot;?

  1. Overloading Port Address Translation

  2. Dynamic Port Address Translation

  3. Dynamic Network Address Translation

  4. Static Network Address Translation

Answer: D

Explanation: Mapping an unregistered IP address to a registered IP address on a one-to- one basis. Particularly useful when a device needs to be accessible from outside the network.

Question No: 588 – (Topic 6)

Neil notices that a single address is generating traffic from its port 500 to port 500 of several other machines on the network. This scan is eating up most of the network bandwidth and Neil is concerned. As a security professional, what would you infer from this scan?

  1. It is a network fault and the originating machine is in a network loop

  2. It is a worm that is malfunctioning or hardcoded to scan on port 500

  3. The attacker is trying to detect machines on the network which have SSL enabled

  4. The attacker is trying to determine the type of VPN implementation and checking for IPSec

Answer: D

Explanation: Port 500 is used by IKE (Internet Key Exchange). This is typically used for IPSEC-based VPN software, such as Freeswan, PGPnet, and various vendors of in-a-box VPN solutions such as Cisco. IKE is used to set up the session keys. The actual session is usually sent with ESP (Encapsulated Security Payload) packets, IP protocol 50 (but some in-a-box VPN#39;s such as Cisco are capable of negotiating to send the encrypted tunnel over a UDP channel, which is useful for use across firewalls that block IP protocols other than TCP or UDP).

Question No: 589 – (Topic 6)

Study the log below and identify the scan type.

Ensurepass 2017 PDF and VCE

A. nmap -sR B. nmap -sS C. nmap -sV

D. nmap -sO -T

Answer: D

Question No: 590 – (Topic 6)

Botnets are networks of compromised computers that are controlled remotely and surreptitiously by one or more cyber criminals. How do cyber criminals infect a victim#39;s computer with bots? (Select 4 answers)

  1. Attackers physically visit every victim#39;s computer to infect them with malicious software

  2. Home computers that have security vulnerabilities are prime targets for botnets

  3. Spammers scan the Internet looking for computers that are unprotected and use these quot;open-doorsquot; to install malicious software

  4. Attackers use phishing or spam emails that contain links or attachments

  5. Attackers use websites to host the bots utilizing Web Browser vulnerabilities

Answer: B,C,D,E Explanation:

New Questions

100% Free Download!
Download Free Demo:EC0-350 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass EC0-350 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE