Summer Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: big60

ECCouncil Updated EC0-350 Exam Questions and Answers by raul

Page: 19 / 32

ECCouncil EC0-350 Exam Overview :

Exam Name: Ethical Hacking and Countermeasures V8
Exam Code: EC0-350 Dumps
Vendor: ECCouncil Certification: Certified Ethical Hacker
Questions: 878 Q&A's Shared By: raul
Question 76

Which of the following lists are valid data-gathering activities associated with a risk assessment?

Options:

A.

Threat identification, vulnerability identification, control analysis

B.

Threat identification, response identification, mitigation identification

C.

Attack profile, defense profile, loss profile

D.

System profile, vulnerability identification, security determination

Discussion
Question 77

An attacker has been successfully modifying the purchase price of items purchased on the company's web site. The security administrators verify the web server and Oracle database have not been compromised directly. They have also verified the Intrusion Detection System (IDS) logs and found no attacks that could have caused this. What is the mostly likely way the attacker has been able to modify the purchase price?

Options:

A.

By using SQL injection

B.

By changing hidden form values

C.

By using cross site scripting

D.

By utilizing a buffer overflow attack

Discussion
Question 78

A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.

The engineer receives this output:

HTTP/1.1 200 OK

Server: Microsoft-IIS/6

Expires: Tue, 17 Jan 2011 01:41:33 GMT

DatE. Mon, 16 Jan 2011 01:41:33 GMT

Content-TypE. text/html

Accept-Ranges: bytes

Last-ModifieD. Wed, 28 Dec 2010 15:32:21 GMT

ETaG. "b0aac0542e25c31:89d"

Content-Length: 7369

Which of the following is an example of what the engineer performed?

Options:

A.

Cross-site scripting

B.

Banner grabbing

C.

SQL injection

D.

Whois database query

Discussion
Yusra
I passed my exam. Cramkey Dumps provides detailed explanations for each question and answer, so you can understand the concepts better.
Alisha (not set)
I recently used their dumps for the certification exam I took and I have to say, I was really impressed.
Billy
It was like deja vu! I was confident going into the exam because I had already seen those questions before.
Vincent (not set)
Definitely. And the best part is, I passed! I feel like all that hard work and preparation paid off. Cramkey is the best resource for all students!!!
Conor
I recently used these dumps for my exam and I must say, I was impressed with their authentic material.
Yunus (not set)
Exactly…….The information in the dumps is so authentic and up-to-date. Plus, the questions are very similar to what you'll see on the actual exam. I felt confident going into the exam because I had studied using Cramkey Dumps.
Alaia
These Dumps are amazing! I used them to study for my recent exam and I passed with flying colors. The information in the dumps is so valid and up-to-date. Thanks a lot!!!
Zofia (not set)
That's great to hear! I've been struggling to find good study material for my exam. I will ty it for sure.
Nylah
I've been looking for good study material for my upcoming certification exam. Need help.
Dolly (not set)
Then you should definitely give Cramkey Dumps a try. They have a huge database of questions and answers, making it easy to study and prepare for the exam. And the best part is, you can be sure the information is accurate and relevant.
Question 79

If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

Options:

A.

Hping

B.

Traceroute

C.

TCP ping

D.

Broadcast ping

Discussion
Page: 19 / 32
Title
Questions
Posted

EC0-350
PDF

$40  $99.99

EC0-350 Testing Engine

$48  $119.99

EC0-350 PDF + Testing Engine

$64  $159.99