Latest Certified Success Dumps Download

EC1-350 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Dumpsleader ECCouncil EC1-350 Dumps with VCE and PDF 211-220

September 23, 2017

2017 Sep ECCouncil Official New Released EC1-350
100% Free Download! 100% Pass Guaranteed!

Ethical Hacking and Countermeasures V7

Question No: 211 – (Topic 3)

The SNMP Read-Only Community String is like a password. The string is sent along with each SNMP Get-Request and allows (or denies) access to a device. Most network vendors ship their equipment with a default password of quot;publicquot;. This is the so-called quot;default public community stringquot;. How would you keep intruders from getting sensitive information regarding the network devices using SNMP? (Select 2 answers)

  1. Enable SNMPv3 which encrypts username/password authentication

  2. Use your company name as the public community string replacing the default #39;public#39;

  3. Enable IP filtering to limit access to SNMP device

  4. The default configuration provided by device vendors is highly secure and you don#39;t need to change anything

Answer: A,C

Question No: 212 – (Topic 3)

You are writing security policy that hardens and prevents Footprinting attempt by Hackers. Which of the following countermeasures will NOT be effective against this attack?

  1. Configure routers to restrict the responses to Footprinting requests

  2. Configure Web Servers to avoid information leakage and disable unwanted protocols

  3. Lock the ports with suitable Firewall configuration

  4. Use an IDS that can be configured to refuse suspicious traffic and pick up Footprinting patterns

  5. Evaluate the information before publishing it on the Website/Intranet

  6. Monitor every employee computer with Spy cameras, keyloggers and spy on them

  7. Perform Footprinting techniques and remove any sensitive information found on DMZ sites

  8. Prevent search engines from caching a Webpage and use anonymous registration services

  9. Disable directory and use split-DNS

Answer: F

Question No: 213 – (Topic 3)

Bank of Timbuktu is a medium-sized, regional financial institution in Timbuktu. The bank has deployed a new Internet-accessible Web application recently. Customers can access their account balances, transfer money between accounts, pay bills and conduct online financial business using a Web browser.

John Stevens is in charge of information security at Bank of Timbuktu. After one month in production, several customers have complained about the Internet enabled banking application. Strangely, the account balances of many of the bank#39;s customers had been changed! However, money hasn#39;t been removed from the bank; instead, money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web application#39;s logs and found the following entries:

Ensurepass 2017 PDF and VCE

What kind of attack did the Hacker attempt to carry out at the bank?

  1. Brute force attack in which the Hacker attempted guessing login ID and password from password cracking tools.

  2. The Hacker attempted Session hijacking, in which the Hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason#39;s session.

  3. The Hacker used a generator module to pass results to the Web server and exploited Web application CGI vulnerability.

  4. The Hacker first attempted logins with suspected user names, then used SQL Injection to gain access to valid bank login IDs.

Answer: D

Question No: 214 – (Topic 3)

WWW wanderers or spiders are programs that traverse many pages in the World Wide Web by recursively retrieving linked pages. Search engines like Google, frequently spider web pages for indexing. How will you stop web spiders from crawling certain directories on your website?

  1. Place robots.txt file in the root of your website with listing of directories that you don#39;t want to be crawled

  2. Place authentication on root directories that will prevent crawling from these spiders

  3. Enable SSL on the restricted directories which will block these spiders from crawling

  4. Place quot;HTTP:NO CRAWLquot; on the html pages that you don#39;t want the crawlers to index

Answer: A

Question No: 215 – (Topic 3)

You are trying to hijack a telnet session from a victim machine with IP address to Cisco router at You sniff the traffic and attempt to predict the sequence and acknowledgement numbers to successfully hijack the telnet session.

Here is the captured data in tcpdump.

Ensurepass 2017 PDF and VCE

What are the next sequence and acknowledgement numbers that the router will send to the victim machine?

  1. Sequence number: 82980070 Acknowledgement number: 17768885A.

  2. Sequence number: 17768729 Acknowledgement number: 82980070B.

  3. Sequence number: 87000070 Acknowledgement number: 85320085C.

  4. Sequence number: 82980010 Acknowledgement number: 17768885D.

Answer: A

Question No: 216 – (Topic 3)

Hayden is the network security administrator for her company, a large finance firm based in Miami. Hayden just returned from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. Hayden is worried about the current security state of her company#39;s network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established she sends RST packets to those hosts to stop the session. She does this to see how her intrusion detection system will log the traffic. What type of scan is Hayden attempting here?

  1. Hayden is attempting to find live hosts on her company#39;s network by using an XMAS scan

  2. She is utilizing a SYN scan to find live hosts that are listening on her network

  3. The type of scan, she is using is called a NULL scan

  4. Hayden is using a half-open scan to find live hosts on her network

Answer: D

Question No: 217 – (Topic 3)

Web servers are often the most targeted and attacked hosts on organizations#39; networks. Attackers may exploit software bugs in the Web server, underlying operating system, or active content to gain unauthorized access.

Ensurepass 2017 PDF and VCE

Identify the correct statement related to the above Web Server installation?

  1. Lack of proper security policy, procedures and maintenance

  2. Bugs in server software, OS and web applications

  3. Installing the server with default settings

  4. Unpatched security flaws in the server software, OS and applications

Answer: C

Question No: 218 – (Topic 3)

If an attacker#39;s computer sends an IPID of 24333 to a zombie (Idle Scanning) computer on a closed port, what will be the response?

  1. The zombie computer will respond with an IPID of 24334.

  2. The zombie computer will respond with an IPID of 24333.

  3. The zombie computer will not send a response.

  4. The zombie computer will respond with an IPID of 24335.

Answer: A

Question No: 219 – (Topic 3)

Jacob is looking through a traffic log that was captured using Wireshark. Jacob has come across what appears to be SYN requests to an internal computer from a spoofed IP address. What is Jacob seeing here?

  1. Jacob is seeing a Smurf attack.

  2. Jacob is seeing a SYN flood.

  3. He is seeing a SYN/ACK attack.

  4. He has found evidence of an ACK flood.

Answer: B

Question No: 220 – (Topic 3)

Which of the following Registry location does a Trojan add entries to make it persistent on Windows 7? (Select 2 answers)

Ensurepass 2017 PDF and VCE

  1. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

  2. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\System32\CurrentVersion\ Run

  3. HKEY_CURRENT_USER\Software\Microsoft\Windows\System32\CurrentVersion\Run

  4. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

Answer: A,D

100% Free Download!
Download Free Demo:EC1-350 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass EC1-350 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE