Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. EC-Council
  3. EC0-350

EC-Council Ethical Hacking and Countermeasures EC0-350 Exam Questions in PDF

Free EC-Council EC0-350 Dumps Questions (page: 9)

EC0-350 PDF — 878 Questions

You have chosen a 22 character word from the dictionary as your password. How long will it take to crack the password by an attacker?

  1. 5 minutes
  2. 23 days
  3. 200 years
  4. 16 million years

Answer(s): A

Explanation:

A dictionary password cracker simply takes a list of dictionary words, and one at a time encrypts them to see if they encrypt to the one way hash from the system. If the hashes are equal, the password is considered cracked, and the word tried from the dictionary list is the password. As long as you use a word found in or similar to a word found in a dictionary the password is considered to be weak.



Bank of Timbuktu was a medium-sized, regional financial institution in Timbuktu. The bank has deployed a new Internet-accessible Web application recently, using which customers could access their account balances, transfer money between accounts, pay bills and conduct online financial business using a Web browser.
John Stevens was in charge of information security at Bank of Timbuktu. After one month in production, several customers complained about the Internet enabled banking application. Strangely, the account balances of many bank’s customers has been changed! However, money hadn’t been removed from the bank. Instead, money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web application’s logs and found the following entries:
Attempted login of unknown user: John
Attempted login of unknown user: sysaR
Attempted login of unknown user: sencat
Attempted login of unknown user: pete ‘’;
Attempted login of unknown user: ‘ or 1=1--
Attempted login of unknown user: ‘; drop table logins--
Login of user jason, sessionID= 0x75627578626F6F6B
Login of user daniel, sessionID= 0x98627579539E13BE
Login of user rebecca, sessionID= 0x90627579944CCB811
Login of user mike, sessionID= 0x9062757935FB5C64
Transfer Funds user jason
Pay Bill user mike
Logout of user mike
What kind of attack did the Hacker attempt to carry out at the bank? (Choose the best answer)

  1. The Hacker attempted SQL Injection technique to gain access to a valid bank login ID.
  2. The Hacker attempted Session hijacking, in which the Hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason’s session.
  3. The Hacker attempted a brute force attack to guess login ID and password using password cracking tools.
  4. The Hacker used a random generator module to pass results to the Web server and exploited Web application CGI vulnerability.

Answer(s): A

Explanation:

The following part:
Attempted login of unknown user: pete ‘’;
Attempted login of unknown user: ‘ or 1=1--
Attempted login of unknown user: ‘; drop table logins--
Clearly shows a hacker trying to perform a SQL injection by bypassing the login with the statement 1=1 and then dumping the logins table.



Bob is a very security conscious computer user. He plans to test a site that is known to have malicious applets, code, and more. Bob always make use of a basic Web Browser to perform such testing.
Which of the following web browser can adequately fill this purpose?

  1. Internet Explorer
  2. Mozila
  3. Lynx
  4. Tiger

Answer(s): C

Explanation:

Lynx is a program used to browse the World Wide Web, which works on simple text terminals, rather than requiring a graphical computer display terminal.



What is a Trojan Horse?

  1. A malicious program that captures your username and password
  2. Malicious code masquerading as or replacing legitimate code
  3. An unauthorized user who gains access to your user database and adds themselves as a user
  4. A server that is to be sacrificed to all hacking attempts in order to log and monitor the hacking activity

Answer(s): B

Explanation:

A Trojan Horse is an apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data.



Which one of the following instigates a SYN flood attack?

  1. Generating excessive broadcast packets.
  2. Creating a high number of half-open connections.
  3. Inserting repetitive Internet Relay Chat (IRC) messages.
  4. A large number of Internet Control Message Protocol (ICMP) traces.

Answer(s): B

Explanation:

A SYN attack occurs when an attacker exploits the use of the buffer space during a Transmission Control Protocol (TCP) session initialization handshake. The attacker floods the target system's small "in-process" queue with connection requests, but it does not respond when a target system replies to those requests. This causes the target system to time out while waiting for the proper response, which makes the system crash or become unusable.



Viewing page 9 of 153

Share your comments for EC-Council EC0-350 exam with other users:

S
SH
5/16/2023 1:43:00 PM

these questions are not valid , they dont come for the exam now

UNITED STATES
S
sudhagar
9/6/2023 3:02:00 PM

question looks valid

UNITED STATES
V
Van
11/24/2023 4:02:00 AM

good for practice

Anonymous
D
Divya
8/2/2023 6:54:00 AM

need more q&a to go ahead

Anonymous
R
Rakesh
10/6/2023 3:06:00 AM

question 59 - a newly-created role is not assigned to any user, nor granted to any other role. answer is b https://docs.snowflake.com/en/user-guide/security-access-control-overview

Anonymous
N
Nik
11/10/2023 4:57:00 AM

just passed my exam today. i saw all of these questions in my text today. so i can confirm this is a valid dump.

HONG KONG
D
Deep
6/12/2023 7:22:00 AM

needed dumps

INDIA
T
tumz
1/16/2024 10:30:00 AM

very helpful

UNITED STATES
N
NRI
8/27/2023 10:05:00 AM

will post once the exam is finished

UNITED STATES
K
kent
11/3/2023 10:45:00 AM

relevant questions

Anonymous
Q
Qasim
6/11/2022 9:43:00 AM

just clear exam on 10/06/2202 dumps is valid all questions are came same in dumps only 2 new questions total 46 questions 1 case study with 5 question no lab/simulation in my exam please check the answers best of luck

Anonymous
C
Cath
10/10/2023 10:09:00 AM

q.112 - correct answer is c - the event registry is a module that provides event definitions. answer a - not correct as it is the definition of event log

VIET NAM
S
Shiji
10/15/2023 1:31:00 PM

good and useful.

INDIA
A
Ade
6/25/2023 1:14:00 PM

good questions

Anonymous
P
Praveen P
11/8/2023 5:18:00 AM

good content

UNITED STATES
A
Anastasiia
12/28/2023 9:06:00 AM

totally not correct answers. 21. you have one gcp account running in your default region and zone and another account running in a non-default region and zone. you want to start a new compute engine instance in these two google cloud platform accounts using the command line interface. what should you do? correct: create two configurations using gcloud config configurations create [name]. run gcloud config configurations activate [name] to switch between accounts when running the commands to start the compute engine instances.

Anonymous
P
Priyanka
7/24/2023 2:26:00 AM

kindly upload the dumps

Anonymous
N
Nabeel
7/25/2023 4:11:00 PM

still learning

Anonymous
G
gure
7/26/2023 5:10:00 PM

excellent way to learn

UNITED STATES
C
ciken
8/24/2023 2:55:00 PM

help so much

Anonymous
B
Biswa
11/20/2023 9:28:00 AM

understand sql col.

Anonymous
S
Saint Pierre
10/24/2023 6:21:00 AM

i would give 5 stars to this website as i studied for az-800 exam from here. it has all the relevant material available for preparation. i got 890/1000 on the test.

Anonymous
R
Rose
7/24/2023 2:16:00 PM

this is nice.

Anonymous
A
anon
10/15/2023 12:21:00 PM

q55- the ridac workflow can be modified using flow designer, correct answer is d not a

UNITED STATES
N
NanoTek3
6/13/2022 10:44:00 PM

by far this is the most accurate exam dumps i have ever purchased. all questions are in the exam. i saw almost 90% of the questions word by word.

UNITED STATES
E
eriy
11/9/2023 5:12:00 AM

i cleared the az-104 exam by scoring 930/1000 on the exam. it was all possible due to this platform as it provides premium quality service. thank you!

UNITED STATES
M
Muhammad Rawish Siddiqui
12/8/2023 8:12:00 PM

question # 232: accessibility, privacy, and innovation are not data quality dimensions.

SAUDI ARABIA
V
Venkat
12/27/2023 9:04:00 AM

looks wrong answer for 443 question, please check and update

Anonymous
V
Varun
10/29/2023 9:11:00 PM

great question

Anonymous
D
Doc
10/29/2023 9:36:00 PM

question: a user wants to start a recruiting posting job posting. what must occur before the posting process can begin? 3 ans: comment- option e is incorrect reason: as part of enablement steps, sap recommends that to be able to post jobs to a job board, a user need to have the correct permission and secondly, be associated with one posting profile at minimum

UNITED KINGDOM
I
It‘s not A
9/17/2023 5:31:00 PM

answer to question 72 is d [sys_user_role]

Anonymous
I
indira m
8/14/2023 12:15:00 PM

please provide the pdf

UNITED STATES
R
ribrahim
8/1/2023 6:05:00 AM

hey guys, just to let you all know that i cleared my 312-38 today within 1 hr with 100 questions and passed. thank you so much brain-dumps.net all the questions that ive studied in this dump came out exactly the same word for word "verbatim". you rock brain-dumps.net!!! section name total score gained score network perimeter protection 16 11 incident response 10 8 enterprise virtual, cloud, and wireless network protection 12 8 application and data protection 13 10 network défense management 10 9 endpoint protection 15 12 incident d

SINGAPORE
A
Andrew
8/23/2023 6:02:00 PM

very helpful

Anonymous
AI Tutor 👋 I’m here to help!