[Free] 2018(Jan) EnsurePass Testking ECCouncil EC0-350 Dumps with VCE and PDF 411-420

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC0-350
100% Free Download! 100% Pass Guaranteed!

Ethical Hacking and Countermeasures V8

Question No: 411 – (Topic 5)

Which of the following open source tools would be the best choice to scan a network for potential targets?

  1. NMAP

  2. NIKTO

  3. CAIN

  4. John the Ripper

Answer: A

Question No: 412 – (Topic 5)

Which system consists of a publicly available set of databases that contain domain name registration contact information?

  1. WHOIS

  2. IANA


  4. IETF

Answer: A

Question No: 413 – (Topic 5)

Information gathered from social networking websites such as Facebook, Twitter and LinkedIn can be used to launch which of the following types of attacks? (Choose two.)

  1. Smurf attack

  2. Social engineering attack

  3. SQL injection attack

  4. Phishing attack

  5. Fraggle attack

  6. Distributed denial of service attack

Answer: B,D

Question No: 414 – (Topic 5)

A recently hired network security associate at a local bank was given the responsibility to perform daily scans of the internal network to look for unauthorized devices. The employee decides to write a script that will scan the network for unauthorized devices every morning at 5:00 am.

Which of the following programming languages would most likely be used?

  1. PHP

  2. C#

  3. Python

  4. ASP.NET

Answer: C

Question No: 415 – (Topic 5)

An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor.

What should the hacker#39;s next step be before starting work on this job?

  1. Start by foot printing the network and mapping out a plan of attack.

  2. Ask the employer for authorization to perform the work outside the company.

  3. Begin the reconnaissance phase with passive information gathering and then move into active information gathering.

  4. Use social engineering techniques on the friend#39;s employees to help identify areas that may be susceptible to attack.

Answer: B

Question No: 416 – (Topic 5)

Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?

  1. Restore a random file.

  2. Perform a full restore.

  3. Read the first 512 bytes of the tape.

  4. Read the last 512 bytes of the tape.

Answer: B

Question No: 417 – (Topic 5)

The Open Web Application Security Project (OWASP) testing methodology addresses the need to secure web applications by providing which one of the following services?

  1. An extensible security framework named COBIT

  2. A list of flaws and how to fix them

  3. Web application patches

  4. A security certification for hardened web applications

Answer: B

Question No: 418 – (Topic 5)

During a penetration test, a tester finds that the web application being analyzed is vulnerable to Cross Site Scripting (XSS). Which of the following conditions must be met to exploit this vulnerability?

  1. The web application does not have the secure flag set.

  2. The session cookies do not have the HttpOnly flag set.

  3. The victim user should not have an endpoint security solution.

  4. The victim#39;s browser must have ActiveX technology enabled.

Answer: B

Question No: 419 – (Topic 5)

Which of the following is a client-server tool utilized to evade firewall inspection?

  1. tcp-over-dns

  2. kismet

  3. nikto

  4. hping

Answer: A

Question No: 420 – (Topic 5)

Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

  1. Cavity virus

  2. Polymorphic virus

  3. Tunneling virus

  4. Stealth virus

Answer: D

100% Ensurepass Free Download!
Download Free Demo:EC0-350 Demo PDF
100% Ensurepass Free Guaranteed!
EC0-350 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No