Home » [Free] 2018(Jan) EnsurePass Pass4sure ECCouncil EC0-350 Dumps with VCE and PDF 61-70

[Free] 2018(Jan) EnsurePass Pass4sure ECCouncil EC0-350 Dumps with VCE and PDF 61-70

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released EC0-350
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/EC0-350.html

Ethical Hacking and Countermeasures V8

Question No: 61 – (Topic 1)

In the context of password security: a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive – though slow. Usually, it tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary combined together to have variations of words, what would you call such an attack?

  1. Full Blown Attack

  2. Thorough Attack

  3. Hybrid Attack

  4. BruteDict Attack

    Answer: C

    Question No: 62 – (Topic 1)

    TCP SYN Flood attack uses the three-way handshake mechanism.

    1. An attacker at system A sends a SYN packet to victim at system B.

    2. System B sends a SYN/ACK packet to victim A.

    3. As a normal three-way handshake mechanism system A should send an ACK packet to

      system B, however, system A does not send an ACK packet to system B. In this case client B is waiting for an ACK packet from client A.

      This status of client B is called

      1. quot;half-closedquot;

      2. quot;half openquot;

      3. quot;full-openquot;

      4. quot;xmas-openquot;

Answer: B

Question No: 63 – (Topic 1)

Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is invalid on the server. Why do you think this is possible?

  1. It works because encryption is performed at the application layer (single encryption key)

  2. The scenario is invalid as a secure cookie cannot be replayed

  3. It works because encryption is performed at the network layer (layer 1 encryption)

  4. Any cookie can be replayed irrespective of the session status

Answer: A

Question No: 64 – (Topic 1)

What file system vulnerability does the following command take advantage of? type c:\anyfile.exe gt; c:\winnt\system32\calc.exe:anyfile.exe

  1. HFS

  2. Backdoor access

  3. XFS

  4. ADS

Answer: D

Question No: 65 – (Topic 1)

How many bits encryption does SHA-1 use?

  1. 64 bits

  2. 128 bits

  3. 256 bits

  4. 160 bits

Answer: D

Question No: 66 – (Topic 1)

Stephanie works as a records clerk in a large office building in downtown Chicago. On Monday, she went to a mandatory security awareness class (Security5) put on by her company#39;s IT department. During the class, the IT department informed all employees that everyone#39;s Internet activity was thenceforth going to be monitored.

Stephanie is worried that her Internet activity might give her supervisor reason to write her up, or worse get her fired. Stephanie#39;s daily work duties only consume about four hours of her time, so she usually spends the rest of the day surfing the web. Stephanie really enjoys surfing the Internet but definitely does not want to get fired for it.

What should Stephanie use so that she does not get in trouble for surfing the Internet?

  1. Stealth IE

  2. Stealth Anonymizer

  3. Stealth Firefox

  4. Cookie Disabler

Answer: B

Question No: 67 – (Topic 1)

How would you describe an attack where an attacker attempts to deliver the payload over multiple packets over long periods of time with the purpose of defeating simple pattern matching in IDS systems without session reconstruction? A characteristic of this attack would be a continuous stream of small packets.

  1. Session Hijacking

  2. Session Stealing

  3. Session Splicing

  4. Session Fragmentation

Answer: C

Question No: 68 – (Topic 1)

What is War Dialing?

  1. War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems

  2. War dialing is a vulnerability scanning technique that penetrates Firewalls

  3. It is a social engineering technique that uses Phone calls to trick victims

  4. Involves IDS Scanning Fragments to bypass Internet filters and stateful Firewalls

Answer: A

Question No: 69 – (Topic 1)

In Trojan terminology, what is required to create the executable file chess.exe as shown below?

Ensurepass 2018 PDF and VCE

  1. Mixer

  2. Converter

  3. Wrapper

  4. Zipper

Answer: C

Question No: 70 – (Topic 1)

This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging personal information. Attackers send a legitimate-looking e-mail asking users to update their information on the company#39;s Web site, but the URLs in the e-mail actually

point to a false Web site.

  1. Wiresharp attack

  2. Switch and bait attack

  3. Phishing attack

  4. Man-in-the-Middle attack

Answer: C

100% Ensurepass Free Download!
Download Free Demo:EC0-350 Demo PDF
100% Ensurepass Free Guaranteed!
EC0-350 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

[Free] 2018(Jan) EnsurePass Pass4sure ECCouncil EC0-350 Dumps with VCE and PDF 101-110
[Free] 2018(Jan) EnsurePass Pass4sure ECCouncil EC0-350 Dumps with VCE and PDF 21-30

Name of author

Name: admin