[Free] 2017(Sep) EnsurePass Dumpsleader ECCouncil EC1-350 Dumps with VCE and PDF 221-230

September 23, 2017

Ethical Hacking and Countermeasures V7

Question No: 221 – (Topic 3)

Perimeter testing means determining exactly what your firewall blocks and what it allows. To conduct a good test, you can spoof source IP addresses and source ports. Which of the following commands results in packets that will appear to originate from the system at 10.8.8.8? Such a packet is useful for determining whether the firewall is allowing random packets in or out of your network.

  1. hping3 -T 10.8.8.8 -S netbios -c 2 -p 80

  2. hping3 -Y 10.8.8.8 -S windows -c 2 -p 80

  3. hping3 -O 10.8.8.8 -S server -c 2 -p 80

  4. hping3 -a 10.8.8.8 -S springfield -c 2 -p 80

Answer: D

Question No: 222 – (Topic 3)

The GET method should never be used when sensitive data such as credit card is being sent to a CGI program. This is because any GET command will appear in the URL, and will be logged by any servers. For example, let's say that you've entered your credit card information into a form that uses the GET method. The URL may appear like this:

https://www.xsecurity-bank.com/creditcard.asp?cardnumber=453453433532234

The GET method appends the credit card number to the URL. This means that anyone with access to a server log will be able to obtain this information. How would you protect from this type of attack?

  1. Never include sensitive information in a script

  2. Use HTTPS SSLv3 to send the data instead of plain HTTPS

  3. Replace the GET with POST method when sending data

  4. Encrypt the data before you send using GET method

Answer: C

Question No: 223 – (Topic 3)

Keystroke logging is the action of tracking (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored.

How will you defend against hardware keyloggers when using public computers and Internet Kiosks? (Select 4 answers)

  1. Alternate between typing the login credentials and typing characters somewhere else in the focus window

  2. Type a wrong password first, later type the correct password on the login page defeating the keylogger recording

  3. Type a password beginning with the last letter and then using the mouse to move the cursor for each subsequent letter.

  4. The next key typed replaces selected text portion. E.g. if the password is "secret", one could type "s", then some dummy keys "asdfsd". Then these dummies could be selected with mouse, and next character from the password "e" is typed, which replaces the dummies "asdfsd"

  5. The next key typed replaces selected text portion. E.g. if the password is "secret", one could type "s", then some dummy keys "asdfsd". Then these dummies could be selected with mouse, and next character from the password "e" is typed, which replaces the dummies "asdfsd"

Answer: A,C,D,E

Question No: 224 – (Topic 3)

Lauren is performing a network audit for her entire company. The entire network is comprised of around 500 computers. Lauren starts an ICMP ping sweep by sending one IP packet to the broadcast address of the network, but only receives responses from around five hosts. Why did this ping sweep only produce a few responses?

  1. Only Windows systems will reply to this scan.

  2. A switched network will not respond to packets sent to the broadcast address.

  3. Only Linux and Unix-like (Non-Windows) systems will reply to this scan.

  4. Only servers will reply to this scan.

Answer: C

Question No: 225 – (Topic 3)

Wayne is the senior security analyst for his company. Wayne is examining some traffic logs on a server and came across some inconsistencies. Wayne finds some IP packets from a computer purporting to be on the internal network. The packets originate from 192.168.12.35 with a TTL of 15. The server replied to this computer and received a response from 192.168.12.35 with a TTL of 21. What can Wayne infer from this traffic log?

  1. The initial traffic from 192.168.12.35 was being spoofed.

  2. The traffic from 192.168.12.25 is from a Linux computer.

  3. The TTL of 21 means that the client computer is on wireless.

  4. The client computer at 192.168.12.35 is a zombie computer.

Answer: A

Question No: 226 – (Topic 3)

What type of port scan is shown below?

  1. Idle Scan

  2. Windows Scan

  3. XMAS Scan

  4. SYN Stealth Scan

Answer: C

Question No: 227 – (Topic 3)

Here is the ASCII Sheet.

You want to guess the DBO username juggyboy (8 characters) using Blind SQL Injection technique.

What is the correct syntax?

  1. Option A

  2. Option B

  3. Option C

  4. Option D

Answer: A

Question No: 228 – (Topic 3)

How do you defend against ARP Poisoning attack? (Select 2 answers)

  1. Enable DHCP Snooping Binding Table

  2. Restrict ARP Duplicates

  3. Enable Dynamic ARP Inspection

  4. Enable MAC snooping Table

Answer: A,C

Question No: 229 – (Topic 3)

You are the security administrator for a large network. You want to prevent attackers from running any sort of traceroute into your DMZ and discovering the internal structure of publicly accessible areas of the network. How can you achieve this?

  1. There is no way to completely block tracerouting into this area

  2. Block UDP at the firewall

  3. Block TCP at the firewall

  4. Block ICMP at the firewall

Answer: A

Question No: 230 – (Topic 3)

Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company's entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?

  1. Neil has used a tailgating social engineering attack to gain access to the offices

  2. He has used a piggybacking technique to gain unauthorized access

  3. This type of social engineering attack is called man trapping

  4. Neil is using the technique of reverse social engineering to gain access to the offices of Davidson Avionics

Answer: A
