ITExamDump는EC-COUNCIL EC0-350시험을 패스할 수 있는 아주 좋은 사이트입니다. ITExamDump은 아주 알맞게 최고의EC-COUNCIL EC0-350시험문제와 답 내용을 만들어 냅니다. 덤프는 기존의 시험문제와 답과 시험문제분석 등입니다. ITExamDump에서 제공하는EC-COUNCIL EC0-350시험자료의 문제와 답은 실제시험의 문제와 답과 아주 비슷합니다.
EC-COUNCIL인증 EC0-350시험은 인기있는 IT자격증을 취득하는데 필요한 국제적으로 인정받는 시험과목입니다. EC-COUNCIL인증 EC0-350시험을 패스하려면 ITExamDump의EC-COUNCIL인증 EC0-350덤프로 시험준비공부를 하는게 제일 좋은 방법입니다. ITExamDump덤프는 IT전문가들이 최선을 다해 연구해낸 멋진 작품입니다. EC-COUNCIL인증 EC0-350덤프구매후 업데이트될시 업데이트버전을 무료서비스료 제공해드립니다.
그렇게 많은 IT인증덤프공부자료를 제공하는 사이트중ITExamDump의 인지도가 제일 높은 원인은 무엇일가요?그건ITExamDump의 제품이 가장 좋다는 것을 의미합니다. ITExamDump에서 제공해드리는 EC-COUNCIL인증 EC0-350덤프공부자료는EC-COUNCIL인증 EC0-350실제시험문제에 초점을 맞추어 시험커버율이 거의 100%입니다. 이 덤프만 공부하시면EC-COUNCIL인증 EC0-350시험패스에 자신을 느끼게 됩니다.
EC-COUNCIL인증 EC0-350시험은 IT인증시험중 가장 인기있는 시험입니다. EC-COUNCIL인증 EC0-350시험패스는 모든 IT인사들의 로망입니다. ITExamDump의 완벽한 EC-COUNCIL인증 EC0-350덤프로 시험준비하여 고득점으로 자격증을 따보세요.
시험 번호/코드: EC0-350
시험 이름: EC-COUNCIL (Ethical hacking and countermeasures)
ITExamDump는 IT인증자격증시험에 대비한 덤프공부가이드를 제공해드리는 사이트인데 여러분의 자격증 취득의 꿈을 이루어드릴수 있습니다. EC-COUNCIL인증 EC0-350시험을 등록하신 분들은 바로ITExamDump의EC-COUNCIL인증 EC0-350덤프를 데려가 주세요. 단기간에 시험패스의 기적을 가져다드리는것을 약속합니다.
IT업계에서 자신만의 위치를 찾으려면 자격증을 많이 취득하는것이 큰 도움이 될것입니다. EC-COUNCIL 인증 EC0-350시험은 아주 유용한 시험입니다. EC-COUNCIL 인증EC0-350시험출제경향을 퍼펙트하게 연구하여ITExamDump에서는EC-COUNCIL 인증EC0-350시험대비덤프를 출시하였습니다. ITExamDump에서 제공해드리는EC-COUNCIL 인증EC0-350시험덤프는 시장에서 판매하고 있는EC-COUNCIL 인증EC0-350덤프중 가장 최신버전덤프로서 덤프에 있는 문제만 공부하시면 시험통과가 쉬워집니다.
많은 사이트에서도 무료EC-COUNCIL EC0-350덤프데모를 제공합니다.우리도 마찬가지입니다.여러분은 그러한EC-COUNCIL EC0-350데모들을 보시고 다시 우리의 덤프와 비교하시면 ,우리의 덤프는 다른 사이트덤프와 차원이 다른 덤프임을 아시될것입니다, 우리ITExamDump에서 제공되는 덤프는 100%보장 도를 자랑하며,여러분은 시험패스로 인해 성공과 더 가까워 졌답니다
EC0-350 덤프무료샘플다운로드하기: http://www.itexamdump.com/EC0-350.html
NO.1 Samantha has been actively scanning the client network for which she is doing a vulnerability
assessment test. While doing a port scan she notices ports open in the 135 to 139 range. What
protocol is most likely to be listening on those ports?
A.FTP
B.SMB
C.Finger
D.Samba
Correct:B
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.2 Travis works primarily from home as a medical transcriptionist. He just bought a brand new
Dual Core Pentium computer with over 3 GB of RAM. He uses voice recognition software to help
him transfer what he dictates to electronic documents. The voice recognition software is
processor intensive, which is why he bought the new computer. Travis frequently has to get on
the Internet to do research on what he is working on. After about two months of working on his
new computer, he notices that it is not running nearly as fast as it used to. Travis uses antivirus
software, anti-spyware software, and always keeps the computer up-to-date with Microsoft
patches. After another month of working on the computer, Travis' computer is even more
noticeably slow. Every once in awhile, Travis also notices a window or two pop-up on his screen,
but they quickly disappear.He has seen these windows show up, even when he has not been on
the Internet. Travis is really worried about his computer because he spent a lot of money on it, and
he depends on it to work. Travis scans his computer with all kinds of software, and cannot find
anything out of the ordinary. Travis decides to go through Windows Explorer and check out the
file system, folder by folder, to see if there is anything he can find. He spends over four hours
pouring over the files and folders and cannot find anything.But, before he gives up, he notices
that his computer only has about 10 GB of free space available.Since his hard drive is a 200 GB
hard drive, Travis thinks this is very odd. Travis downloads Space Monger and adds up the sizes
for all the folders and files on his computer. According to his calculations, he should have around
150 GB of free space. What is mostly likely the cause of Travis' problems?
A.Travis's computer is infected with stealth kernel level rootkit
B.Travis's computer is infected with Stealth Trojan Virus
C.Travis's computer is infected with Self-Replication Worm that fills the hard disk space
D.Logic Bomb is triggered at random times creating hidden data consuming junk files
Correct:A
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.3 Clive is conducting a pen-test and has just port scanned a system on the network. He has
identified the operating system as Linux and been able to elicit responses from ports 23, 25 and
53. He infers port 23 as running Telnet service, port 25 as running SMTP service and port 53 as
running DNS service. The client confirms these findings and attests to the current availability of
the services. When he tries to telnet to port 23 or 25, he gets a blank screen in response. On
typing other commands, he sees only blank spaces or underscores symbols on the screen. What
are you most likely to infer from this?
A.The services are protected by TCP wrappers
B.There is a honeypot running on the scanned machine
C.An attacker has replaced the services with trojaned ones
D.This indicates that the telnet and SMTP server have crashed
Correct:A
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.4 Mark works as a contractor for the Department of Defense and is in charge of network security.
He has spent the last month securing access to his network from all possible entry points. He has
segmented his network into several subnets and has installed firewalls all over the network. He
has placed very stringent rules on all the firewalls, blocking everything in and out except ports
that must be used. He does need to have port 80 open since his company hosts a website that
must be accessed from the Internet. Mark is fairly confident of his perimeter defenses, but is still
worried about programs like Hping2 that can get into a network through covert channels. How
should mark protect his network from an attacker using Hping2 to scan his internal network?
A.Block ICMP type 13 messages
B.Block all incoming traffic on port 53
C.Block all outgoing traffic on port 53
D.Use stateful inspection on the firewalls
Correct:A
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.5 Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his
firewall to block password brute force attempts on his network. He enables blocking the intruder's
IP address for a period of 24 hours time after more than three unsuccessful attempts. He is
confident that this rule will secure his network from hackers on the Internet. But he still receives
hundreds of thousands brute-force attempts generated from various IP addresses around the
world. After some investigation he realizes that the intruders are using a proxy somewhere else
on the Internet which has been scripted to enable the random usage of various proxies on each
request so as not to get caught by the firewall rule. Later he adds another rule to his firewall and
enables small sleep on the password attempt so that if the password is incorrect, it would take 45
seconds to return to the user to begin another attempt. Since an intruder may use multiple
machines to brute force the password, he also throttles the number of connections that will be
prepared to accept from a particular IP address. This action will slow the intruder's attempts.
Samuel wants to completely block hackers brute force attempts on his network. What are the
alternatives to defending against possible brute-force password attacks on his site?
A.Enforce a password policy and use account lockouts after three wrong logon attempts even though this
might lock out legit users
B.Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the
intruder so that you can block them at the Firewall manually
C.Enforce complex password policy on your network so that passwords are more difficult to brute force
D.You cannot completely block the intruders attempt if they constantly switch proxies
Correct:D
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.6 What file system vulnerability does the following command take advantage of? type
c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe
A.HFS
B.ADS
C.NTFS
D.Backdoor access
Correct:B
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.7 Eric notices repeated probes to port 1080. He learns that the protocol being used is designed to
allow a host outside of a firewall to connect transparently and securely through the firewall. He
wonders if his firewall has been breached. What would be your inference?
A.Eric's network has been penetrated by a firewall breach
B.The attacker is using the ICMP protocol to have a covert channel
C.Eric has a Wingate package providing FTP redirection on his network
D.Somebody is using SOCKS on the network to communicate through the firewall
Correct:D
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.8 A client has approached you with a penetration test requirement. They are concerned with the
possibility of external threat, and have invested considerable resources in protecting their
Internet exposure. However, their main concern is the possibility of an employee elevating his/her
privileges and gaining access to information outside of their department. What kind of penetration
test would you recommend that would best address the client's concern?
A.A Grey Hat test
B.A Grey Box test
C.A Black Hat test
D.A White Hat test
E.A Black Box test
F.A White Box test
Correct:B
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.9 Bob is acknowledged as a hacker of repute and is popular among visitors of 'underground' sites.
Bob is willing to share his knowledge to those who are willing to learn, and many have expressed
their interest in learning from him. However, this knowledge has risks associated with it, as the
same knowledge can be used for malevolent attacks as well. In this context, what would be the
most effective method to bridge the knowledge gap between the "black" hats or crackers and the
"white" hats or computer security professionals?
A.Hire more computer security monitoring personnel to monitor computer systems and networks
B.Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards
C.Train more national guard and reservist in the art of computer security to help out in times of emergency
or crises
D.Make obtaining either a computer security certification or accreditation easier to achieve so more
individuals feel that they are a part of something larger than life
Correct:B
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.10 Maurine is working as a security consultant for Hinklemeir Associates.She has asked the
Systems Administrator to create a group policy that would not allow null sessions on the network.
The Systems Administrator is fresh out of college and has never heard of null sessions and does
not know what they are used for. Maurine is trying to explain to the Systems Administrator that
hackers will try to create a null session when footprinting the network. Why would an attacker try
to create a null session with a computer on a network?
A.Enumerate users and shares
B.Install a backdoor for later attacks
C.Escalate his/her privileges on the target server
D.To create a user with administrative privileges for later use
Correct:A
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.11 What type of port scan is shown below? Scan directed at open port: ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23 192.5.2.92:4079 <----NO
RESPONSE------192.5.2.110:23 Scan directed at closed port: ClientServer 192.5.2.92:4079
---------FIN--------->192.5.2.110:23 192.5.2.92:4079<-----RST/ACK----------192.5.2.110:23
A.Idle Scan
B.FIN Scan
C.XMAS Scan
D.Windows Scan
Correct:B
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.12 Lori has just been tasked by her supervisor toonduct vulnerability scan on the corporate
network.She has been instructed to perform a very thorough test of the network to ensure that
there are no security holes on any of the machines.Lori's company does not own any commercial
scanning products, so she decides to download a free one off the Internet.Lori has never done a
vulnerability scan before, so she is unsure of some of the settings available in the software she
downloaded.One of the options is to choose which ports that can be scanned.Lori wants to do
exactly what her boss has told her, but she does not know what ports should be scanned. If Lori is
supposed to scan all known TCP ports, how many ports should she select in the software?
A.65536
B.1024
C.1025
D.Lori should not scan TCP ports, only UDP ports
Correct:A
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.13 Which programming language is NOT vulnerable to buffer overflow attacks?
A.Java
B.ActiveX
C.C++
D.Assembly Language
Correct:A
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.14 Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been
able to spawn an interactive shell and plans to deface the main web page. He first attempts to use
the "Echo" command to simply overwrite index.html and remains unsuccessful. He then attempts
to delete the page and achieves no progress. Finally, he tries to overwrite it with another page in
which also he remains unsuccessful. What is the probable cause of Bill's problem?
A.The system is a honeypot
B.The HTML file has permissions of read only
C.You cannot use a buffer overflow to deface a web page
D.There is a problem with the shell and he needs to run the attack again
Correct:B
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.15 Bill has started to notice some slowness on his network when trying to update his company's
website and while trying to access the website from the Internet. Bill asks the help desk manager
if he has received any calls about slowness from the end users, but the help desk manager says
that he has not. Bill receives a number of calls from customers that cannot access the company
website and cannot purchase anything online. Bill logs on to a couple of his routers and notices
that the logs show network traffic is at an all time high.?He also notices that almost all the traffic
is originating from a specific address. Bill decides to use Geotrace to find out where the suspect
IP is originates from. The Geotrace utility runs a traceroute and finds that the IP is coming from
Panama.?Bill knows that none of his customers are in Panama so he immediately thinks that his
company is under a Denial of Service attack. Now Bill needs to find out more about the originating
IP address. What Internet registry should Bill look in to find the IP address?
A.LACNIC
B.ARIN
C.RIPE LACNIC
D.APNIC
Correct:A
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.16 A program that defends against a port scanner will attempt to:
A.Sends back bogus data to the port scanner
B.Log a violation and recommend use of security-auditing tools
C.Limit access by the scanning system to publicly available ports only
D.Update a firewall rule in real time to prevent the port scan from being completed
Correct:D
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.17 What is the purpose of firewalking?
A.It's a technique used to map routers on a network link
B.It's a technique used to discover Wireless network on foot
C.It's a technique used to discover interface in promiscuous mode
D.It's a technique used to discover what rules are configured on a gateway
Correct:D
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.18 Why is Social Engineering considered attractive by hackers and commonly done by experts in
the field?
A.It is not considered illegal
B.It is done by well-known hackers
C.It is easy and extremely effective to gain information
D.It does not require a computer in order to commit a crime
Correct:C
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.19 Which of the following built-in C/C++ functions you should avoid to prevent your program from
buffer overflow attacks?
A.strcpy()
B.strcat()
C.streadd()
D.strsock()
Correct:A B C
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
NO.20 After a client sends a connection request (SYN) packet to the server, the server will respond
(SYN-ACK) with a sequence number of its choosing, which then must be acknowledged (ACK) by
the client. This sequence number is predictable; the attack connects to a service first with its own
IP address, records the sequence number chosen, and then opens a second connection from a
forged IP address. The attack doesn't see the SYN-ACK (or any other packet) from the server, but
can guess the correct responses. If the source IP address is used for authentication, then the
attacker can use the one-sided communication to break into the server. What attacks can you
successfully launch against a server using the above technique?
A.Session Hijacking attacks
B.Denial of Service attacks
C.Web page defacement attacks
D.IP spoofing attacks
Correct:A
EC-COUNCIL시험문제 EC0-350최신덤프 EC0-350 dumps EC0-350
목표가 있다면 목표를 향해 끊임없이 달려야 멋진 인생이 됩니다. 지금의 현황에 만족하여 아무런 노력도 하지 않는다면 언젠가는 치열한 경쟁을 이겨내지 못하게 될것입니다. IT업종에 종사중이시라면 다른분들이 모두 취득하는 자격증쯤은 마련해야 되지 않겠습니까? EC-COUNCIL인증 EC0-350시험은 요즘 가장 인기있는 자격증 시험의 한과목입니다. IT업계에서 살아남으려면ITExamDump에서EC-COUNCIL인증 EC0-350덤프를 마련하여 자격증에 도전하여 자기의 자리를 찾아보세요.
댓글 없음:
댓글 쓰기