
EC0-350 Exam Dumps - Ethical Hacking and Countermeasures V8

Question # 73

BankerFox is a Trojan that is designed to steal users' banking data related to certain banking entities.

When a user accesses any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered on that website is logged by the Trojan and transmitted to the attacker's machine using a covert channel.

BankerFox does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.

What is the most efficient way for an attacker located in a remote location to infect a victim's machine with this banking Trojan?

A. Physical access - the attacker can simply copy a Trojan horse to a victim's hard disk infecting the machine via Firefox add-on extensions

B. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

C. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

D. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

E. Downloading software from a website - an attacker can offer free software, such as shareware programs and pirated mp3 files

Question # 74

Jake works as a system administrator at Acme Corp. Jason, an accountant at the firm, befriends him at the canteen and tags along with him on the pretext of apprising him of potential tax benefits. Jason waits for Jake to swipe his access card and follows him through the open door into the secure systems area. How would you describe Jason's behavior within a security context?

A. Smooth Talking

B. Swipe Gating

C. Tailgating

D. Trailing

Question # 75

What is the problem with this ASP script (login.asp)?

A. The ASP script is vulnerable to Cross Site Scripting attack

B. The ASP script is vulnerable to Session Splice attack

C. The ASP script is vulnerable to XSS attack

D. The ASP script is vulnerable to SQL Injection attack

Question # 76

TCP/IP Session Hijacking is carried out in which OSI layer?

A. Datalink layer

B. Transport layer

C. Network layer

D. Physical layer

Question # 77

Vulnerability scanners are automated tools that are used to identify vulnerabilities and misconfigurations of hosts. They also provide information regarding mitigating discovered vulnerabilities.

Which of the following statements is incorrect?

A. Vulnerability scanners attempt to identify vulnerabilities in the hosts scanned.

B. Vulnerability scanners can help identify out-of-date software versions, missing patches, or system upgrades

C. They can validate compliance with or deviations from the organization's security policy

D. Vulnerability scanners can identify weaknesses and automatically fix and patch the vulnerabilities without user intervention

Question # 78

An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem?

A. Install patches

B. Set up a backdoor

C. Install a zombie for DDoS

D. Cover your tracks

Question # 79

XSS attacks occur on Web pages that do not perform appropriate bounds checking on data entered by users. Characters like < > that mark the beginning/end of a tag should be converted into HTML entities.

What is the correct code when converted to HTML entities?

A. Option A

B. Option B

C. Option C

D. Option D

Question # 80

Neil is a network administrator working in Istanbul. Neil wants to set up a protocol analyzer on his network that will receive a copy of every packet that passes through the main office switch. What type of port will Neil need to set up in order to accomplish this?

A. Neil will have to configure a Bridged port that will copy all packets to the protocol analyzer.

B. Neil will need to set up a SPAN port that will copy all network traffic to the protocol analyzer.

C. He will have to set up an Ether channel port to get a copy of all network traffic to the analyzer.

D. He should set up a MODS port which will copy all network traffic.
