New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. ECCouncil
  3. Certified Ethical Hacker
  4. EC0-350 - Ethical Hacking and Countermeasures V8

EC0-350 Exam Dumps - Ethical Hacking and Countermeasures V8

Go to page:
Question # 89

Which of the following is NOT true of cryptography?

A.

Science of protecting information by encoding it into an unreadable format

B.

Method of storing and transmitting data in a form that only those it is intended for can read and process

C.

Most (if not all) algorithms can be broken by both technical and non-technical means

D.

An effective way of protecting sensitive information in storage but not in transit

Full Access
Question # 90

A particular database threat utilizes a SQL injection technique to penetrate a target system. How would an attacker use this technique to compromise a database?

A.

An attacker uses poorly designed input validation routines to create or alter SQL commands to gain access to unintended data or execute commands of the database

B.

An attacker submits user input that executes an operating system command to compromise a target system

C.

An attacker gains control of system to flood the target system with requests, preventing legitimate users from gaining access

D.

An attacker utilizes an incorrect configuration that leads to access with higher-than-expected privilege of the database

Full Access
Question # 91

On a backdoored Linux box there is a possibility that legitimate programs are modified or trojaned. How is it possible to list processes and uids associated with them in a more reliable manner?

A.

Use "Is"

B.

Use "lsof"

C.

Use "echo"

D.

Use "netstat"

Full Access
Question # 92

Statistics from cert.org and other leading security organizations has clearly showed a steady rise in the number of hacking incidents perpetrated against companies.

What do you think is the main reason behind the significant increase in hacking attempts over the past years?

A.

It is getting more challenging and harder to hack for non technical people.

B.

There is a phenomenal increase in processing power.

C.

New TCP/IP stack features are constantly being added.

D.

The ease with which hacker tools are available on the Internet.

Full Access
Question # 93

Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the "echo" command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page in which also he remains unsuccessful. What is the probable cause of Bill's problem?

A.

You cannot use a buffer overflow to deface a web page

B.

There is a problem with the shell and he needs to run the attack again

C.

The HTML file has permissions of read only

D.

The system is a honeypot

Full Access
Question # 94

What are the main drawbacks for anti-virus software?

A.

AV software is difficult to keep up to the current revisions.

B.

AV software can detect viruses but can take no action.

C.

AV software is signature driven so new exploits are not detected.

D.

It’s relatively easy for an attacker to change the anatomy of an attack to bypass AV systems

E.

AV software isn’t available on all major operating systems platforms.

F.

AV software is very machine (hardware) dependent.

Full Access
Question # 95

Joe the Hacker breaks into XYZ’s Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in one of the network utilities. Joe is worried that network administrator might detect the wiretap program by querying the interfaces to see if they are running in promiscuous mode.

What can Joe do to hide the wiretap program from being detected by ifconfig command?

A.

Block output to the console whenever the user runs ifconfig command by running screen capture utiliyu

B.

Run the wiretap program in stealth mode from being detected by the ifconfig command.

C.

Replace original ifconfig utility with the rootkit version of ifconfig hiding Promiscuous information being displayed on the console.

D.

You cannot disable Promiscuous mode detection on Linux systems.

Full Access
Question # 96

Henry is an attacker and wants to gain control of a system and use it to flood a target system with requests, so as to prevent legitimate users from gaining access. What type of attack is Henry using?

A.

Henry is executing commands or viewing data outside the intended target path

B.

Henry is using a denial of service attack which is a valid threat used by an attacker

C.

Henry is taking advantage of an incorrect configuration that leads to access with higher-than-expected privilege

D.

Henry uses poorly designed input validation routines to create or alter commands to gain access to unintended data or execute commands

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps