ECCouncil EC1-350 Dumps

ECCouncil
Ethical Hacking and Countermeasures V7

Questions & Answers for ECCouncil EC1-350

Showing 1-15 of 514 Questions

Question #1 - Topic 1

You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct
assessments to protect the company's network. During one of your periodic checks to see
how well policy is being observed by the employees, you discover an employee has
attached a cell phone 3G modem to his telephone line and workstation. He has used this cell
phone 3G modem to dial in to his workstation, thereby bypassing your firewall. A security
breach has occurred as a direct result of this activity. The employee explains that he used
the modem because he had to download software for a department project. How would you
resolve this situation?

A. Reconfigure the firewall

B. Enforce the corporate security policy

C. Install a network-based IDS

D. Conduct a needs analysis

Question #2 - Topic 1

Syslog is a standard for logging program messages. It allows separation of the software
that generates messages from the system that stores them and the software that reports
and analyzes them. It also provides devices, which would otherwise be unable to
communicate, a means to notify administrators of problems or performance.

On which default port does the Syslog daemon listen?

A. 242

B. 312

C. 416

D. 514

Question #3 - Topic 1

Bret is a web application administrator and has just read that there are a number of
surprisingly common web application vulnerabilities that can be exploited by
unsophisticated attackers with easily available tools on the Internet. He has also read that
when an organization deploys a web application, they invite the world to send HTTP
requests. Attacks buried in these requests sail past firewalls, filters, platform hardening,
SSL, and IDS without notice because they are inside legal HTTP requests. Bret is
determined to weed out vulnerabilities.
What are some of the common vulnerabilities in web applications that he should be
concerned about?

A. Non-validated parameters, broken access control, broken account and session management, cross-site scripting and buffer overflows are just a few common vulnerabilities

B. Visible clear text passwords, anonymous user account set as default, missing latest security patch, no firewall filters set and no SSL configured are just a few common vulnerabilities

C. No SSL configured, anonymous user account set as default, missing latest security patch, no firewall filters set and an inattentive system administrator are just a few common vulnerabilities

D. No IDS configured, anonymous user account set as default, missing latest security patch, no firewall filters set and visible clear text passwords are just a few common vulnerabilities

Question #4 - Topic 1

Jason works in the sales and marketing department for a very large advertising agency
located in Atlanta. Jason is working on a very important marketing campaign for his
company's largest client. Before the project could be completed and implemented, a
competing advertising company comes out with the exact same marketing materials and
advertising, thus rendering all the work done for Jason's client unusable. Jason is
questioned about this and says he has no idea how all the material ended up in the hands
of a competitor.
Without any proof, Jason's company cannot do anything except move on. After working on
another high profile client for about a month, all the marketing and sales material again
ends up in the hands of another competitor and is released to the public before Jason's
company can finish the project. Once again, Jason says that he had nothing to do with it
and does not know how this could have happened. Jason is given leave with pay until they
can figure out what is going on.
Jason's supervisor decides to go through his email and finds a number of emails that were
sent to the competitors that ended up with the marketing material. The only items in the
emails were attached jpg files, but nothing else. Jason's supervisor opens the picture files,
but cannot find anything out of the ordinary with them.
What technique has Jason most likely used?

A. Stealth Rootkit Technique

B. ADS Streams Technique

C. Snow Hiding Technique

D. Image Steganography Technique

Question #5 - Topic 1

Stephanie works as senior security analyst for a manufacturing company in Detroit.
Stephanie manages network security throughout the organization. Her colleague Jason told
her in confidence that he was able to see confidential corporate information posted on the
external website http://www.jeansclothesman.com. He tries random URLs on the
company's website and finds confidential information leaked over the web. Jason says this
happened about a month ago. Stephanie visits the said URLs, but she finds nothing. She is
very concerned about this, since someone should be held accountable if there was
sensitive information posted on the website.
Where can Stephanie go to see past versions and pages of a website?

A. She should go to the web page Samspade.org to see web pages that might no longer be on the website

B. If Stephanie navigates to Search.com, she will see old versions of the company website

C. Stephanie can go to Archive.org to see past versions of the company website

D. AddressPast.com would have any web pages that are no longer hosted on the company's website

Question #6 - Topic 1

An attacker has successfully compromised a remote computer. Which of the following
comes as one of the last steps that should be taken to ensure that the compromise cannot
be traced back to the source of the problem?

A. Install patches

B. Setup a backdoor

C. Install a zombie for DDOS

D. Cover your tracks

Question #7 - Topic 1

Jimmy, an attacker, knows that he can take advantage of poorly designed input validation
routines to create or alter SQL commands to gain access to private data or execute
commands in the database. What technique does Jimmy use to compromise a database?

A. Jimmy can submit user input that executes an operating system command to compromise a target system

B. Jimmy can gain control of a system to flood the target system with requests, preventing legitimate users from gaining access

C. Jimmy can utilize an incorrect configuration that leads to access with higher-than-expected privilege of the database

D. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system

Question #8 - Topic 1

You run an nmap port scan on 10.0.0.5 and attempt to gain banner/server information from
services running on ports 21, 110 and 123.
Here is the output of your scan results:

Which of the following nmap commands did you run?

A. nmap -A -sV -p21,110,123 10.0.0.5

B. nmap -F -sV -p21,110,123 10.0.0.5

C. nmap -O -sV -p21,110,123 10.0.0.5

D. nmap -T -sV -p21,110,123 10.0.0.5

Question #9 - Topic 1

Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double
fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an
administrator from Brown Co. Jack tells Jane that there has been a problem with some
accounts and asks her to verify her password with him "just to double check our records."
Jane does not suspect anything amiss, and parts with her password. Jack can now access
Brown Co.'s computers with a valid user name and password, to steal the cookie recipe.
What kind of attack is being illustrated here?

A. Reverse Psychology

B. Reverse Engineering

C. Social Engineering

D. Spoofing Identity

E. Faking Identity

Question #10 - Topic 1

Attackers footprint target Websites using Google Hacking techniques. Google hacking is a
term that refers to the art of creating complex search engine queries. It detects websites
that are vulnerable to numerous exploits and vulnerabilities. Google operators are used to
locate specific strings of text within the search results.
The configuration file contains both a username and a password for an SQL database.
Most sites with forums run a PHP message base. This file gives you the keys to that forum,
including FULL ADMIN access to the database. WordPress uses config.php that stores the
database Username and Password.
Which of the Google search strings below brings up sites with "config.php" files?

A. Search:index config/php

B. Wordpress:index config.php

C. intitle:index.of config.php

D. Config.php:index list

Question #11 - Topic 1

XSS attacks occur on Web pages that do not perform appropriate bounds checking on data
entered by users. Characters like < > that mark the beginning/end of a tag should be
converted into HTML entities.


What is the correct code when converted to html entities?

A. Option A

B. Option B

C. Option C

D. Option D

Question #12 - Topic 1

How many bits of encryption does SHA-1 use?

A. 64 bits

B. 128 bits

C. 256 bits

D. 160 bits

Question #13 - Topic 1

Most cases of insider abuse can be traced to individuals who are introverted, incapable of
dealing with stress or conflict, and frustrated with their job, office politics, and lack of
respect or promotion. Disgruntled employees may pass company secrets and intellectual
property to competitors for monetary benefits.
Here are some of the symptoms of a disgruntled employee:
a. Frequently leaves work early, arrives late or calls in sick
b. Spends time surfing the Internet or on the phone
c. Responds in a confrontational, angry, or overly aggressive way to simple requests or
comments
d. Always negative; finds fault with everything
These disgruntled employees are the biggest threat to enterprise security. How do you deal
with these threats? (Select 2 answers)

A. Limit access to the applications they can run on their desktop computers and enforce strict work hour rules

B. By implementing Virtualization technology from the desktop to the data centre, organizations can isolate different environments with varying levels of access and security to various employees

C. Organizations must ensure that their corporate data is centrally managed and delivered to users just and when needed

D. Limit Internet access, e-mail communications, access to social networking sites and job hunting portals

Question #14 - Topic 1

Consider the following code:
URL: http://www.certified.com/search.pl?text=<script>alert(document.cookie)</script>
If an attacker can trick a victim user into clicking a link like this, and the Web application does
not validate input, then the victim's browser will pop up an alert showing the user's current
set of cookies. An attacker can do much more damage, including stealing passwords,
resetting your home page, or redirecting the user to another Web site.
What is the countermeasure against XSS scripting?

A. Create an IP access list and restrict connections based on port number

B. Replace "<" and ">" characters with "&lt;" and "&gt;" using server scripts

C. Disable Javascript in IE and Firefox browsers

D. Connect to the server using HTTPS protocol instead of HTTP

Question #15 - Topic 1

Web servers often contain directories that do not need to be indexed. You create a text file
with search engine indexing restrictions and place it in the root directory of the Web
Server.
User-agent: *
Disallow: /images/
Disallow: /banners/
Disallow: /Forms/
Disallow: /Dictionary/
Disallow: /_borders/
Disallow: /_fpclass/
Disallow: /_overlay/
Disallow: /_private/
Disallow: /_themes/
What is the name of this file?

A. robots.txt

B. search.txt

C. blocklist.txt

D. spf.txt
