EC-Council Ethical Hacking and Countermeasures EC0-350 Dumps in PDF

Free EC-Council EC0-350 Real Questions (page: 9)

You have chosen a 22 character word from the dictionary as your password. How long will it take to crack the password by an attacker?

  1. 5 minutes
  2. 23 days
  3. 200 years
  4. 16 million years

Answer(s): A

Explanation:

A dictionary password cracker simply takes a list of dictionary words, and one at a time encrypts them to see if they encrypt to the one way hash from the system. If the hashes are equal, the password is considered cracked, and the word tried from the dictionary list is the password. As long as you use a word found in or similar to a word found in a dictionary the password is considered to be weak.



Bank of Timbuktu was a medium-sized, regional financial institution in Timbuktu. The bank has deployed a new Internet-accessible Web application recently, using which customers could access their account balances, transfer money between accounts, pay bills and conduct online financial business using a Web browser.
John Stevens was in charge of information security at Bank of Timbuktu. After one month in production, several customers complained about the Internet enabled banking application. Strangely, the account balances of many bank’s customers has been changed! However, money hadn’t been removed from the bank. Instead, money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web application’s logs and found the following entries:
Attempted login of unknown user: John
Attempted login of unknown user: sysaR
Attempted login of unknown user: sencat
Attempted login of unknown user: pete ‘’;
Attempted login of unknown user: ‘ or 1=1--
Attempted login of unknown user: ‘; drop table logins--
Login of user jason, sessionID= 0x75627578626F6F6B
Login of user daniel, sessionID= 0x98627579539E13BE
Login of user rebecca, sessionID= 0x90627579944CCB811
Login of user mike, sessionID= 0x9062757935FB5C64
Transfer Funds user jason
Pay Bill user mike
Logout of user mike
What kind of attack did the Hacker attempt to carry out at the bank? (Choose the best answer)

  1. The Hacker attempted SQL Injection technique to gain access to a valid bank login ID.
  2. The Hacker attempted Session hijacking, in which the Hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason’s session.
  3. The Hacker attempted a brute force attack to guess login ID and password using password cracking tools.
  4. The Hacker used a random generator module to pass results to the Web server and exploited Web application CGI vulnerability.

Answer(s): A

Explanation:

The following part:
Attempted login of unknown user: pete ‘’;
Attempted login of unknown user: ‘ or 1=1--
Attempted login of unknown user: ‘; drop table logins--
Clearly shows a hacker trying to perform a SQL injection by bypassing the login with the statement 1=1 and then dumping the logins table.



Bob is a very security conscious computer user. He plans to test a site that is known to have malicious applets, code, and more. Bob always make use of a basic Web Browser to perform such testing.
Which of the following web browser can adequately fill this purpose?

  1. Internet Explorer
  2. Mozila
  3. Lynx
  4. Tiger

Answer(s): C

Explanation:

Lynx is a program used to browse the World Wide Web, which works on simple text terminals, rather than requiring a graphical computer display terminal.



What is a Trojan Horse?

  1. A malicious program that captures your username and password
  2. Malicious code masquerading as or replacing legitimate code
  3. An unauthorized user who gains access to your user database and adds themselves as a user
  4. A server that is to be sacrificed to all hacking attempts in order to log and monitor the hacking activity

Answer(s): B

Explanation:

A Trojan Horse is an apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data.



Which one of the following instigates a SYN flood attack?

  1. Generating excessive broadcast packets.
  2. Creating a high number of half-open connections.
  3. Inserting repetitive Internet Relay Chat (IRC) messages.
  4. A large number of Internet Control Message Protocol (ICMP) traces.

Answer(s): B

Explanation:

A SYN attack occurs when an attacker exploits the use of the buffer space during a Transmission Control Protocol (TCP) session initialization handshake. The attacker floods the target system's small "in-process" queue with connection requests, but it does not respond when a target system replies to those requests. This causes the target system to time out while waiting for the proper response, which makes the system crash or become unusable.



Share your comments for EC-Council EC0-350 exam with other users:

S
Shiji
10/15/2023 1:08:00 PM

helpful to check your understanding.

D
Da Costa
8/27/2023 11:43:00 AM

question 128 the answer should be static not auto

B
bot
7/26/2023 6:45:00 PM

more comments here

K
Kaleemullah
12/31/2023 1:35:00 AM

great support to appear for exams

B
Bsmaind
8/20/2023 9:26:00 AM

useful dumps

B
Blessious Phiri
8/13/2023 8:37:00 AM

making progress

N
Nabla
9/17/2023 10:20:00 AM

q31 answer should be d i think

V
vladputin
7/20/2023 5:00:00 AM

is this real?

N
Nick W
9/29/2023 7:32:00 AM

q10: c and f are also true. q11: this is outdated. you no longer need ownership on a pipe to operate it

N
Naveed
8/28/2023 2:48:00 AM

good questions with simple explanation

C
cert
9/24/2023 4:53:00 PM

admin guide (windows) respond to malicious causality chains. when the cortex xdr agent identifies a remote network connection that attempts to perform malicious activity—such as encrypting endpoint files—the agent can automatically block the ip address to close all existing communication and block new connections from this ip address to the endpoint. when cortex xdrblocks an ip address per endpoint, that address remains blocked throughout all agent profiles and policies, including any host-firewall policy rules. you can view the list of all blocked ip addresses per endpoint from the action center, as well as unblock them to re-enable communication as appropriate. this module is supported with cortex xdr agent 7.3.0 and later. select the action mode to take when the cortex xdr agent detects remote malicious causality chains: enabled (default)—terminate connection and block ip address of the remote connection. disabled—do not block remote ip addresses. to allow specific and known s

Y
Yves
8/29/2023 8:46:00 PM

very inciting

M
Miguel
10/16/2023 11:18:00 AM

question 5, it seems a instead of d, because: - care plan = case - patient = person account - product = product2;

B
Byset
9/25/2023 12:49:00 AM

it look like real one

D
Debabrata Das
8/28/2023 8:42:00 AM

i am taking oracle fcc certification test next two days, pls share question dumps

N
nITA KALE
8/22/2023 1:57:00 AM

i need dumps

C
CV
9/9/2023 1:54:00 PM

its time to comptia sec+

S
SkepticReader
8/1/2023 8:51:00 AM

question 35 has an answer for a different question. i believe the answer is "a" because it shut off the firewall. "0" in registry data means that its false (aka off).

N
Nabin
10/16/2023 4:58:00 AM

helpful content

B
Blessious Phiri
8/15/2023 3:19:00 PM

oracle 19c is complex db

S
Sreenivas
10/24/2023 12:59:00 AM

helpful for practice

L
Liz
9/11/2022 11:27:00 PM

support team is fast and deeply knowledgeable. i appreciate that a lot.

N
Namrata
7/15/2023 2:22:00 AM

helpful questions

L
lipsa
11/8/2023 12:54:00 PM

thanks for question

E
Eli
6/18/2023 11:27:00 PM

the software is provided for free so this is a big change. all other sites are charging for that. also that fucking examtopic site that says free is not free at all. you are hit with a pay-wall.

O
open2exam
10/29/2023 1:14:00 PM

i need exam questions nca 6.5 any help please ?

G
Gerald
9/11/2023 12:22:00 PM

just took the comptia cybersecurity analyst (cysa+) - wished id seeing this before my exam

R
ryo
9/10/2023 2:27:00 PM

very helpful

J
Jamshed
6/20/2023 4:32:00 AM

i need this exam

R
Roberto Capra
6/14/2023 12:04:00 PM

nice questions... are these questions the same of the exam?

S
Synt
5/23/2023 9:33:00 PM

need to view

V
Vey
5/27/2023 12:06:00 AM

highly appreciate for your sharing.

T
Tshepang
8/18/2023 4:41:00 AM

kindly share this dump. thank you

J
Jay
9/26/2023 8:00:00 AM

link plz for download

AI Tutor 👋 I’m here to help!