EC-Council Ethical Hacking and Countermeasures EC0-350 Dumps in PDF

Free EC-Council EC0-350 Real Questions (page: 2)

Virus Scrubbers and other malware detection program can only detect items that they are aware of. Which of the following tools would allow you to detect unauthorized changes or modifications of binary files on your system by unknown malware?

  1. System integrity verification tools
  2. Anti-Virus Software
  3. A properly configured gateway
  4. There is no way of finding out until a new updated signature file is released

Answer(s): A

Explanation:

Programs like Tripwire aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner.



Sandra is conducting a penetration test for ABC.com. She knows that ABC.com is using wireless networking for some of the offices in the building right down the street. Through social engineering she discovers that they are using 802.11g. Sandra knows that 802.11g uses the same 2.4GHz frequency range as 802.11b. Using NetStumbler and her 802.11b wireless NIC, Sandra drives over to the building to map the wireless networks. However, even though she repositions herself around the building several times, Sandra is not able to detect a single AP.
What do you think is the reason behind this?

  1. Netstumbler does not work against 802.11g.
  2. You can only pick up 802.11g signals with 802.11a wireless cards.
  3. The access points probably have WEP enabled so they cannot be detected.
  4. The access points probably have disabled broadcasting of the SSID so they cannot be detected.
  5. 802.11g uses OFDM while 802.11b uses DSSS so despite the same frequency and 802.11b card cannot see an 802.11g signal.
  6. Sandra must be doing something wrong, as there is no reason for her to not see the signals.

Answer(s): D

Explanation:

Netstumbler can not detect networks that do not respond to broadcast requests.



Joseph has just been hired on to a contractor company of the Department of Defense as their senior Security Analyst. Joseph has been instructed on the Company’s strict security policies that have been implemented and the policies that have yet to be put in place. Per the Department of Defense, all DoD users and the users of their contractors must use two-factor authentication to access their networks. Joseph has been delegated the task of researching and implementing the best two-factor authentication method for his company. Joseph’s supervisor has told him that they would like to use some type of hardware device in tandem with a security or identifying pin number.
Joseph’s company has already researched using smart cards and all the resources needed to implement them, but found the smart cards to not be cost effective. What type of device should Joseph use for two-factor authentication?

  1. Security token
  2. Biometric device
  3. OTP
  4. Proximity cards

Answer(s): A

Explanation:

A security token (sometimes called an authentication token) is a small hardware device that the owner carries to authorize access to a network service. The device may be in the form of a smart card or may be embedded in a commonly used object such as a key fob. Security tokens provide an extra level of assurance through a method known as two-factor authentication: the user has a personal identification number (PIN), which authorizes them as the owner of that particular device; the device then displays a number which uniquely identifies the user to the service, allowing them to log in.



Exhibit

Study the log given in the exhibit,
Precautionary measures to prevent this attack would include writing firewall rules. Of these firewall rules, which among the following would be appropriate?

  1. Disallow UDP 53 in from outside to DNS server
  2. Allow UDP 53 in from DNS server to outside
  3. Disallow TCP 53 in from secondaries or ISP server to DNS server
  4. Block all UDP traffic

Answer(s): C

Explanation:

According to the exhibit, the question is regarding the DNS Zone Transfer. Since Zone Transfers are done with TCP port 53, you should not allow this connect external to you organization.



Windump is the windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform you must install a packet capture library.
What is the name of this library?

  1. NTPCAP
  2. LibPCAP
  3. WinPCAP
  4. PCAP

Answer(s): C

Explanation:

WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.



Share your comments for EC-Council EC0-350 exam with other users:

P
PAYAL
10/17/2023 7:14:00 AM

17 should be d ,for morequery its scale out

K
Karthik
10/12/2023 10:51:00 AM

nice question

G
Godmode
5/7/2023 10:52:00 AM

yes.

B
Bhuddhiman
7/30/2023 1:18:00 AM

good mateial

K
KJ
11/17/2023 3:50:00 PM

good practice exam

S
sowm
10/29/2023 2:44:00 PM

impressivre qustion

C
CW
7/6/2023 7:06:00 PM

questions seem helpful

L
luke
9/26/2023 10:52:00 AM

good content

Z
zazza
6/16/2023 9:08:00 AM

question 21 answer is alerts

A
Abwoch Peter
7/4/2023 3:08:00 AM

am preparing for exam

M
mohamed
9/12/2023 5:26:00 AM

good one thanks

M
Mfc
10/23/2023 3:35:00 PM

only got thru 5 questions, need more to evaluate

W
Whizzle
7/24/2023 6:19:00 AM

q26 should be b

S
sarra
1/17/2024 3:44:00 AM

the aaa triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.

D
DBS
5/14/2023 12:56:00 PM

need to attend this

D
Da_costa
8/1/2023 5:28:00 PM

these are free brain dumps i understand, how can one get free pdf

V
vikas
10/28/2023 6:57:00 AM

provide access

A
Abdullah
9/29/2023 2:06:00 AM

good morning

R
Raj
6/26/2023 3:12:00 PM

please upload the ncp-mci 6.5 dumps, really need to practice this one. thanks guys

M
Miguel
10/5/2023 12:21:00 PM

question 16: https://help.salesforce.com/s/articleview?id=sf.care_console_overview.htm&type=5

H
Hiren Ladva
7/8/2023 10:34:00 PM

yes i m prepared exam

O
oliverjames
10/24/2023 5:37:00 AM

my experience was great with this site as i studied for the ms-900 from here and got 900/1000 on the test. my main focus was on the tutorials which were provided and practice questions. thanks!

B
Bhuddhiman
7/20/2023 11:52:00 AM

great course

A
Anuj
1/14/2024 4:07:00 PM

very good question

S
Saravana Kumar TS
12/8/2023 9:49:00 AM

question: 93 which statement is true regarding the result? sales contain 6 columns and values contain 7 columns so c is not right answer.

L
Lue
3/30/2023 11:43:00 PM

highly recommend just passed my exam.

D
DC
1/7/2024 10:17:00 AM

great practice! thanks

A
Anonymus
11/9/2023 5:41:00 AM

anyone who wrote this exam recently?

K
Khalid Javid
11/17/2023 3:46:00 PM

kindly share the dump

N
Na
8/9/2023 8:39:00 AM

could you please upload cfe fraud prevention and deterrence questions? it will be very much helpful.

S
shime
10/23/2023 10:03:00 AM

this is really very very helpful for mcd level 1

V
Vnu
6/3/2023 2:39:00 AM

very helpful!

S
Steve
8/17/2023 2:19:00 PM

question #18s answer should be a, not d. this should be corrected. it should be minvalidityperiod

R
RITEISH
12/24/2023 4:33:00 AM

thanks for the exact solution

AI Tutor 👋 I’m here to help!