Weekend Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

ECCouncil Updated EC0-350 Exam Questions and Answers by everlyn

Page: 7 / 32

ECCouncil EC0-350 Exam Overview :

Exam Name: Ethical Hacking and Countermeasures V8
Exam Code: EC0-350 Dumps
Vendor: ECCouncil Certification: Certified Ethical Hacker
Questions: 878 Q&A's Shared By: everlyn
Question 28

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

Options:

A.

Usernames

B.

File permissions

C.

Firewall rulesets

D.

Passwords

Discussion
Anaya
I found so many of the same questions on the real exam that I had already seen in the Cramkey Dumps. Thank you so much for making exam so easy for me. I passed it successfully!!!
Nina Oct 14, 2024
It's true! I felt so much more confident going into the exam because I had already seen and understood the questions.
Pippa
I was so happy to see that almost all the questions on the exam were exactly what I found in their Dumps.
Anastasia Sep 21, 2024
You are right…It was amazing! The Cramkey Dumps were so comprehensive and well-organized, it made studying for the exam a breeze.
Kylo
What makes Cramkey Dumps so reliable? Please guide.
Sami Aug 29, 2024
Well, for starters, they have a team of experts who are constantly updating their material to reflect the latest changes in the industry. Plus, they have a huge database of questions and answers, which makes it easy to study and prepare for the exam.
Syeda
I passed, Thank you Cramkey for your precious Dumps.
Stella Aug 25, 2024
That's great. I think I'll give Cramkey Dumps a try.
Faye
Yayyyy. I passed my exam. I think all students give these dumps a try.
Emmeline Sep 12, 2024
Definitely! I have no doubt new students will find them to be just as helpful as I did.
Question 29

Kevin is an IT security analyst working for Emerson Time Makers, a watch manufacturing company in Miami. Kevin and his girlfriend Katy recently broke up after a big fight. Kevin believes that she was seeing another person. Kevin, who has an online email account that he uses for most of his mail, knows that Katy has an account with that same company. Kevin logs into his email account online and gets the following URL after successfully logged in: http://www.youremailhere.com/mail.asp?mailbox=Kevin &Smith=121%22 Kevin changes the URL to: http://www.youremailhere.com/mail.asp?mailbox=Katy &Sanchez=121%22 Kevin is trying to access her email account to see if he can find out any information. What is Kevin attempting here to gain access to Katy's mailbox?

Options:

A.

This type of attempt is called URL obfuscation when someone manually changes a URL to try and gain unauthorized access

B.

By changing the mailbox's name in the URL, Kevin is attempting directory transversal

C.

Kevin is trying to utilize query string manipulation to gain access to her email account

D.

He is attempting a path-string attack to gain access to her mailbox

Discussion
Question 30

Blake is in charge of securing all 20 of his company's servers. He has enabled hardware and software firewalls, hardened the operating systems, and disabled all unnecessary services on all the servers. Unfortunately, there is proprietary AS400 emulation software that must run on one of the servers that requires the telnet service to function properly. Blake is especially concerned about this since telnet can be a very large security risk in an organization. Blake is concerned about how this particular server might look to an outside attacker so he decides to perform some footprinting, scanning, and penetration tests on the server. Blake telnets into the server using Port 80 and types in the following command:

HEAD / HTTP/1.0

After pressing enter twice, Blake gets the following results: What has Blake just accomplished?

Questions 30

Options:

A.

Downloaded a file to his local computer

B.

Submitted a remote command to crash the server

C.

Poisoned the local DNS cache of the server

D.

Grabbed the Operating System banner

Discussion
Question 31

After a client sends a connection request (SYN) packet to the server, the server will respond (SYN-ACK) with a sequence number of its choosing, which then must be acknowledged (ACK) by the client. This sequence number is predictable; the attack connects to a service first with its own IP address, records the sequence number chosen, and then opens a second connection from a forged IP address. The attack doesn't see the SYN-ACK (or any other packet) from the server, but can guess the correct responses. If the source IP address is used for authentication, then the attacker can use the one-sided communication to break into the server. What attacks can you successfully launch against a server using the above technique?

Options:

A.

Denial of Service attacks

B.

Session Hijacking attacks

C.

Web page defacement attacks

D.

IP spoofing attacks

Discussion
Page: 7 / 32
Title
Questions
Posted

EC0-350
PDF

$36.75  $104.99

EC0-350 Testing Engine

$43.75  $124.99

EC0-350 PDF + Testing Engine

$57.75  $164.99