[Free] 2017(Sep) EnsurePass Passguide ECCouncil EC1-350 Dumps with VCE and PDF 281-290

EnsurePass
2017 Sep ECCouncil Official New Released EC1-350
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/EC1-350.html

Ethical Hacking and Countermeasures V7

Question No: 281 – (Topic 3)

Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?

  1. DataThief

  2. NetCat

  3. Cain and Abel

  4. SQLInjector

Answer: D

Explanation: Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a Boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily

Question No: 282 – (Topic 3)

A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?

  1. Firewall-management policy

  2. Acceptable-use policy

  3. Remote-access policy

  4. Permissive policy

Answer: C

Question No: 283 – (Topic 3)

A company is using Windows Server 2003 for its Active Directory (AD). What is the most efficient way to crack the passwords for the AD users?

  1. Perform a dictionary attack.

  2. Perform a brute force attack.

  3. Perform an attack with a rainbow table.

  4. Perform a hybrid attack.

Answer: C

Question No: 284 – (Topic 3)

When an alert rule is matched in a network-based IDS like snort, the IDS does which of the following?

  1. Drops the packet and moves on to the next one

  2. Continues to evaluate the packet until all rules are checked

  3. Stops checking rules, sends an alert, and lets the packet continue

  4. Blocks the connection with the source IP address in the packet

Answer: B

Question No: 285 – (Topic 3)

Passive reconnaissance involves collecting information through which of the following?

  1. Social engineering

  2. Network traffic sniffing

  3. Man in the middle attacks

  4. Publicly accessible sources

Answer: D

Question No: 286 – (Topic 3)

During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?

  1. Host

  2. Stateful

  3. Stateless

  4. Application

Answer: C

Question No: 287 – (Topic 3)

What is the main reason the use of a stored biometric is vulnerable to an attack?

  1. The digital representation of the biometric might not be unique, even if the physical characteristic is unique.

  2. Authentication using a stored biometric compares a copy to a copy instead of the original to a copy.

  3. A stored biometric is no longer quot;something you arequot; and instead becomes quot;something you havequot;.

  4. A stored biometric can be stolen and used by an attacker to impersonate the individual identified by the biometric.

Answer: D

Question No: 288 – (Topic 3)

Which of the following types of firewall inspects only header information in network traffic?

  1. Packet filter

  2. Stateful inspection

  3. Circuit-level gateway

  4. Application-level gateway

Answer: A

Question No: 289 – (Topic 3)

An attacker sniffs encrypted traffic from the network and is subsequently able to decrypt it. The attacker can now use which cryptanalytic technique to attempt to discover the encryption key?

  1. Birthday attack

  2. Plaintext attack

  3. Meet in the middle attack

  4. Chosen ciphertext attack

Answer: D

Question No: 290 – (Topic 3)

Low humidity in a data center can cause which of the following problems?

  1. Heat

  2. Corrosion

  3. Static electricity

  4. Airborne contamination

Answer: C

100% Free Download!
Download Free Demo:EC1-350 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass EC1-350 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE