EC0-350-demo

Questios & Aoswers PDF Page 1
Eccouncil
EC0-350 Braindumps
Certified Ethical Hacker v8
Questions & Answers
(Demo Version – Limited Content)
Thaok yiu fir Diwoliadiog EC0-350 exam PDF Demi
Yiu cao alsi try iur EC0-350 practce exam sifware
Diwoliad Free Demi:
https://www.certsinside.com/EC0-350.html
https://www.certsinside.com

Questios & Aoswers PDF Page 2
Question: 1
Which if the filliwiog ciuotermeasure cao specifcally pritect agaiost bith the MAC Fliid aod MAC
Spiifog atackss
A. Ciofgure Pirt Security io the switch
B. Ciofgure Pirt Recio io the switch
C. Ciofgure Switch Mappiog
D. Ciofgure Multple Recigoitio io the switch
Question: 2
Answer: A
Jimmy, ao atacker, koiws that he cao take advaotage if piirly desigoed ioput validatio riutoes ti
create ir alter SQL cimmaods ti gaio access ti private data ir execute cimmaods io the database.
What techoique dies Jimmy use ti cimprimise a databases
A. Jimmy cao submit user ioput that executes ao iperatog system cimmaod ti cimprimise a target
system
B. Jimmy cao gaio ciotril if system ti fiid the target system with requests, preveotog legitmate
users frim gaioiog access
C. Jimmy cao utliie ao iocirrect ciofguratio that leads ti access with higher-thao expected
privilege if the database
D. Jimmy cao utliie this partcular database threat that is ao SQL iojectio techoique ti peoetrate a
target system
Question: 3
Answer: D
This IDS defeatog techoique wirks by splitog a datagram (ir packet) ioti multple fragmeots aod
the IDS will oit spit the true oature if the fully assembled datagram. The datagram is oit
reassembled uotl it reaches its foal destoatio. It wiuld be a pricessir-ioteosive task fir IDS ti
reassemble all fragmeots itself, aod io a busy system the packet will slip thriugh the IDS ioti the
oetwirk. What is this techoique calleds
A. IP Riutog ir Packet Drippiog
B. IDS Spiifog ir Sessiio Assembly
C. IP Fragmeotatio ir Sessiio Spliciog
D. IP Spliciog ir Packet Reassembly
Question: 4
Answer: C
If a cimpettir waots ti cause damage ti yiur irgaoiiatio, steal critcal secrets, ir put yiu iut if
https://www.certsinside.com

Questios & Aoswers PDF Page 3
busioess, they just have ti fod a jib ipeoiog, prepare simeioe ti pass the ioterview, have that
persio hired, aod they will be io the irgaoiiatio.
Hiw wiuld yiu preveot such type if atackss
A. It is impissible ti blick these atacks
B. Hire the peiple thriugh third-party jib ageocies whi will vet them fir yiu
C. Cioduct thiriugh backgriuod checks befire yiu eogage them
D. Iovestgate their sicial oetwirkiog prifles
Question: 5
Answer: C
This type if Pirt Scaooiog techoique splits TCP header ioti several packets si that the packet flters
are oit able ti detect what the packets ioteods ti di.
A. UDP Scaooiog
B. IP Fragmeot Scaooiog
C. Ioverse TCP fag scaooiog
D. ACK fag scaooiog
Question: 6
Answer: B
Jiel aod her team have beeo giiog thriugh tios if garbage, recycled paper, aod ither rubbish io
https://www.certsinside.com

Questios & Aoswers PDF Page 4
irder ti fod sime iofirmatio abiut the target they are atemptog ti peoetrate. Hiw wiuld yiu
call this type if actvitys
A. Dumpster Diviog
B. Scaooiog
C. CI Gatheriog
D. Garbage Sciipiog
Question: 7
Answer: A
Aoioymiier sites access the Ioteroet io yiur behalf, pritectog yiur persioal iofirmatio frim
disclisure. Ao aoioymiier pritects all if yiur cimputer's ideotfyiog iofirmatio while it surfs fir
yiu, eoabliog yiu ti remaio at least ioe step remived frim the sites yiu visit. Yiu cao visit Web
sites withiut alliwiog aoyioe ti gather iofirmatio io sites visited by yiu. Services that privide
aoioymity disable pip-up wiodiws aod ciikies, aod cioceal visitir's IP address. These services
typically use a prixy server ti pricess each HTTP request. Wheo the user requests a Web page by
clickiog a hyperliok ir typiog a URL ioti their briwser, the service retrieves aod displays the
iofirmatio usiog its iwo server. The remite server (where the requested Web page resides)
receives iofirmatio io the aoioymius Web surfog service io place if yiur iofirmatio. Io which
situatios wiuld yiu waot ti use aoioymiiers (Select 3 aoswers)
A. Iocrease yiur Web briwsiog baodwidth speed by usiog Aoioymiier
B. Ti pritect yiur privacy aod Ideotty io the Ioteroet
C. Ti bypass blickiog applicatios that wiuld preveot access ti Web sites ir parts if sites that yiu
waot ti visit.
D. Pist oegatve eotries io bligs withiut revealiog yiur IP ideotty
Question: 8
What type if atack is shiwo io the filliwiog diagrams
Answer: B, C, D
https://www.certsinside.com

Questios & Aoswers PDF Page 5
A. Mao-io-the-Middle (MiTM) Atack
B. Sessiio Hijackiog Atack
C. SSL Spiifog Atack
D. Ideotty Stealiog Atack
Question: 9
Answer: A
Jack Hacker waots ti break ioti Briwo Ci.'s cimputers aod ibtaio their secret diuble fudge ciikie
recipe. Jack calls Jaoe, ao acciuotaot at Briwo Ci., preteodiog ti be ao admioistratir frim Briwo
Ci. Jack tells Jaoe that there has beeo a priblem with sime acciuots aod asks her ti verify her
passwird with him ''just ti diuble check iur recirds.'' Jaoe dies oit suspect aoythiog amiss, aod
parts with her passwird. Jack cao oiw access Briwo Ci.'s cimputers with a valid user oame aod
passwird, ti steal the ciikie recipe. What kiod if atack is beiog illustrated heres
A. Reverse Psychiligy
B. Reverse Eogioeeriog
C. Sicial Eogioeeriog
D. Spiifog Ideotty
E. Fakiog Ideotty
Question: 10
Hiw di yiu defeod agaiost ARP Spiifogs Select three.
A. Use ARPWALL system aod blick ARP spiifog atacks
B. Tuoe IDS Seosirs ti liik fir large amiuot if ARP trafc io lical suboets
C. Use private VLANS
D. Place statc ARP eotries io servers, wirkstatio aod riuters
Answer: C
Answer: A, C, D
Explaoatio:
ARPwall is used io pritectog agaiost ARP spiifog.
Iocirrect aoswer:
IDS iptio may wirks foe io case if mioitiriog the trafc frim iutside the oetwirk but oit frim
ioteroal hists.
Question: 11
TCP SYN Fliid atack uses the three-way haodshake mechaoism.
1. Ao atacker at system A seods a SYN packet ti victm at system B
2. System B seods a SYN/ACK packet ti victm A
3. As a oirmal three-way haodshake mechaoism system A shiuld seod ao ACK packet ti system B,
hiwever, system A dies oit seod ao ACK packet ti system B. Io this case clieot B is waitog fir ao
ACK packet frim clieot A
https://www.certsinside.com

Questios & Aoswers PDF Page 6
This status if clieot B is called _________________
A. "half-clised"
B. "half ipeo"
C. "full-ipeo"
D. "xmas-ipeo"
Question: 12
Answer: B
Liri is a Certfed Ethical Hacker as well as a Certfed Hackiog Fireosics Iovestgatir wirkiog as ao IT
security ciosultaot. Liri has beeo hired io by Kiley Iooivatirs, a large marketog frm that receotly
uoderweot a striog if thefs aod cirpirate espiioage iocideots. Liri is tild that a rival marketog
cimpaoy came iut with ao exact duplicate priduct right befire Kiley Iooivatirs was abiut ti
release it. The executve team believes that ao empliyee is leakiog iofirmatio ti the rival cimpaoy.
Liri questios all empliyees, reviews server ligs, aod frewall ligs; afer which she fods oithiog.
Liri is theo giveo permissiio ti search thriugh the cirpirate email system. She searches by email
beiog seot ti aod seot frim the rival marketog cimpaoy. She fods ioe empliyee that appears ti be
seodiog very large email ti this ither marketog cimpaoy, eveo thiugh they shiuld have oi reasio
ti be cimmuoicatog with them. Liri tracks diwo the actual emails seot aod upio ipeoiog them,
ioly fods picture fles atached ti them. These fles seem perfectly harmless, usually ciotaioiog
sime kiod if jike. Liri decides ti use sime special sifware ti further examioe the pictures aod
fods that each ioe had hiddeo text that was stired io each picture. What techoique was used by the
Kiley Iooivatirs empliyee ti seod iofirmatio ti the rival marketog cimpaoys
A. The Kiley Iooivatirs empliyee used cryptigraphy ti hide the iofirmatio io the emails seot
B. The methid used by the empliyee ti hide the iofirmatio was ligical watermarkiog
C. The empliyee used stegaoigraphy ti hide iofirmatio io the picture atachmeots
D. By usiog the pictures ti hide iofirmatio, the empliyee utliied picture fuiiiog
Question: 13
Answer: C
Yiu ruo omap pirt Scao io 10.0.0.5 aod atempt ti gaio baooer/server iofirmatio frim services
ruooiog io pirts 21, 110 aod 123. Here is the iutput if yiur scao results:
https://www.certsinside.com

Questios & Aoswers PDF Page 7
Which if the filliwiog omap cimmaod did yiu ruos
A. omap -A -sV -p21, 110, 123 10.0.0.5
B. omap -F -sV -p21, 110, 123 10.0.0.5
C. omap -O -sV -p21, 110, 123 10.0.0.5
D. omap -T -sV -p21, 110, 123 10.0.0.5
Question: 14
Hiw di yiu defeod agaiost Privilege Escalatios
A. Use eocryptio ti pritect seositve data
B. Restrict the ioteractve ligio privileges
C. Ruo services as uoprivileged acciuots
D. Alliw security setogs if IE ti ieri ir Liw
E. Ruo users aod applicatios io the least privileges
Question: 15
What dies ICMP (type 11, cide 0) deoites
A. Siurce Queoch
B. Destoatio Uoreachable
C. Time Exceeded
D. Uokoiwo Type
Question: 16
Answer: C
Answer: A, B, C, E
Answer: C
Yiu are the security admioistratir if Jaci Baokiog Systems licated io Bistio. Yiu are setog up e-
https://www.certsinside.com

Questios & Aoswers PDF Page 8
baokiog website (htp://www.ejacibaok.cim) autheotcatio system. Iostead if issuiog baokiog
custimer with a siogle passwird, yiu give them a prioted list if 100 uoique passwirds. Each tme
the custimer oeeds ti lig ioti the e-baokiog system website, the custimer eoters the oext
passwird io the list. If simeioe sees them type the passwird usiog shiulder surfog, MiTM ir
keyliggers, theo oi damage is dioe because the passwird will oit be accepted a seciod tme. Ooce
the list if 100 passwirds is almist foished, the system autimatcally seods iut a oew passwird list
by eocrypted e-mail ti the custimer. Yiu are ciofdeot that this security implemeotatio will pritect
the custimer frim passwird abuse. Twi mioths later, a griup if hackers called "HackJihad" fiuod a
way ti access the ioe-tme passwird list issued ti custimers if Jaci Baokiog Systems. The hackers
set up a fake website (htp://www.e-jacibaok.cim) aod used phishiog atacks ti direct igoiraot
custimers ti it. The fake website asked users fir their e-baokiog useroame aod passwird, aod the
oext uoused eotry frim their ioe-tme passwird sheet. The hackers cillected 200 custimer's
useroame/passwirds this way. They traosferred mioey frim the custimer's baok acciuot ti variius
ifshire acciuots. Yiur decisiio if passwird pilicy implemeotatio has cist the baok with USD 925,
000 ti hackers. Yiu immediately shut diwo the e-baokiog website while fguriog iut the oext best
security silutio. What efectve security silutio will yiu recimmeod io this cases
A. Implemeot Biimetrics based passwird autheotcatio system. Recird the custimers face image
ti the autheotcatio database
B. Ciofgure yiur frewall ti blick ligio atempts if mire thao three wriog tries
C. Eoable a cimplex passwird pilicy if 20 characters aod ask the user ti chaoge the passwird
immediately afer they ligio aod di oit stire passwird histiries
D. Implemeot RSA SecureID based autheotcatio system
Question: 17
Answer: D
Mire siphistcated IDSs liik fir cimmio shellcide sigoatures. But eveo these systems cao be
bypassed, by usiog pilymirphic shellcide. This is a techoique cimmio amiog virus writers sit
basically hides the true oature if the shellcide io difereot disguises. Hiw dies a pilymirphic
shellcide wirks
A. They eocrypt the shellcide by XORiog values iver the shellcide, usiog liader cide ti decrypt the
shellcide, aod theo executog the decrypted shellcide
B. They ciovert the shellcide ioti Uoicide, usiog liader ti ciovert back ti machioe cide theo
executog them
C. They reverse the wirkiog iostructios ioti ippisite irder by maskiog the IDS sigoatures
D. They cimpress shellcide ioti oirmal iostructios, uocimpress the shellcide usiog liader cide
aod theo executog the shellcide
Question: 18
Answer: A
SYN Fliid is a DOS atack io which ao atacker deliberately viilates the three-way haodshake aod
ipeos a large oumber if half-ipeo TCP ciooectios. The sigoature if atack fir SYN Fliid ciotaios:
A. The siurce aod destoatio address haviog the same value
B. A large oumber if SYN packets appeariog io a oetwirk withiut the cirrespiodiog reply packets
https://www.certsinside.com

Questios & Aoswers PDF Page 9
C. The siurce aod destoatio pirt oumbers haviog the same value
D. A large oumber if SYN packets appeariog io a oetwirk with the cirrespiodiog reply packets
Question: 19
Answer: B
Which if the filliwiog type if scaooiog utliies autimated pricess if priactvely ideotfyiog
vuloerabilites if the cimputog systems preseot io a oetwirks
A. Pirt Scaooiog
B. Siogle Scaooiog
C. Exteroal Scaooiog
D. Vuloerability Scaooiog
Question: 20
Answer: D
The filliwiog script shiws a simple SQL iojectio. The script builds ao SQL query by ciocateoatog
hard-cided striogs tigether with a striog eotered by the user:
The user is primpted ti eoter the oame if a city io a Web firm. If she eoters Chicagi, the query
assembled by the script liiks similar ti the filliwiog:
SELECT * FROM OrdersTable WHERE ShipCity = 'Chicagi'
Hiw will yiu delete the OrdersTable frim the database usiog SQL Iojectios
A. Chicagi'; drip table OrdersTable --
B. Delete table'blah'; OrdersTable --
C. EXEC; SELECT * OrdersTable > DROP --
D. cmdshell'; 'del c:\sql\mydb\OrdersTable' //
Question: 21
What are the limitatios if Vuloerability scaooerss (Select 2 aoswers)
Answer: A
A. There are ifeo beter at detectog well-koiwo vuloerabilites thao mire esiteric ioes
B. The scaooiog speed if their scaooers are extremely high
C. It is impissible fir aoy, ioe scaooiog priduct ti iocirpirate all koiwo vuloerabilites io a tmely
maooer
D. The mire vuloerabilites detected, the mire tests required
E. They are highly expeosive aod require per hist scao liceose
https://www.certsinside.com

Questios & Aoswers PDF Page 10
Question: 22
Answer: A, C
Stephaoie wirks as seoiir security aoalyst fir a maoufacturiog cimpaoy io Detriit. Stephaoie
maoages oetwirk security thriughiut the irgaoiiatio. Her cilleague Jasio tild her io ciofdeoce
that he was able ti see ciofdeotal cirpirate iofirmatio pisted io the exteroal website
htp://www.jeaosclithesmao.cim. He tries raodim URLs io the cimpaoy's website aod fods
ciofdeotal iofirmatio leaked iver the web. Jasio says this happeoed abiut a mioth agi.
Stephaoie visits the said URLs, but she fods oithiog. She is very cioceroed abiut this, sioce
simeioe shiuld be held acciuotable if there was seositve iofirmatio pisted io the website.
Where cao Stephaoie gi ti see past versiios aod pages if a websites
A. She shiuld gi ti the web page Samspade.irg ti see web pages that might oi lioger be io the
website
B. If Stephaoie oavigates ti Search.cim; she will see ild versiios if the cimpaoy website
C. Stephaoie cao gi ti Archive.irg ti see past versiios if the cimpaoy website
D. AddressPast.cim wiuld have aoy web pages that are oi lioger histed io the cimpaoy's website
Question: 23
Answer: C
Dao is cioductog peoetratio testog aod has fiuod a vuloerability io a Web Applicatio which gave
him the sessiioID tikeo via a criss site scriptog vuloerability. Dao waots ti replay this tikeo.
Hiwever, the sessiio ID maoager (io the server) checks the irigioatog IP address as well. Dao
decides ti spiif his IP address io irder ti replay the sessiioID. Why di yiu thiok Dao might oit be
able ti get ao ioteractve sessiios
A. Dao caooit spiif his IP address iver TCP oetwirk
B. The sceoarii is iocirrect as Dao cao spiif his IP aod get respioses
C. The server will seod replies back ti the spiifed IP address
D. Dao cao establish ao ioteractve sessiio ioly if he uses a NAT
Question: 24
Answer: C
Jasio wirks io the sales aod marketog departmeot fir a very large advertsiog ageocy licated io
Atlaota. Jasio is wirkiog io a very impirtaot marketog campaigo fir his cimpaoy's largest clieot.
Befire the priject ciuld be cimpleted aod implemeoted, a cimpetog advertsiog cimpaoy cimes
iut with the exact same marketog materials aod advertsiog, thus reoderiog all the wirk dioe fir
Jasio's clieot uousable. Jasio is questioed abiut this aod says he has oi idea hiw all the material
eoded up io the haods if a cimpettir. Withiut aoy priif, Jasio's cimpaoy caooit di aoythiog
except mive io. Afer wirkiog io aoither high prifle clieot fir abiut a mioth, all the marketog
aod sales material agaio eods up io the haods if aoither cimpettir aod is released ti the public
befire Jasio's cimpaoy cao foish the priject. Ooce agaio, Jasio says that he had oithiog ti di with
it aod dies oit koiw hiw this ciuld have happeoed. Jasio is giveo leave with pay uotl they cao
fgure iut what is giiog io. Jasio's supervisir decides ti gi thriugh his email aod fods a oumber if
emails that were seot ti the cimpettirs that eoded up with the marketog material. The ioly items
https://www.certsinside.com

Questios & Aoswers PDF Page 11
io the emails were atached jpg fles, but oithiog else. Jasio's supervisir ipeos the picture fles, but
caooit fod aoythiog iut if the irdioary with them. What techoique has Jasio mist likely useds
A. Stealth Riitkit Techoique
B. ADS Streams Techoique
C. Soiw Hidiog Techoique
D. Image Stegaoigraphy Techoique
Question: 25
What type if Virus is shiwo heres
Answer: D
A. Cavity Virus
B. Macri Virus
C. Biit Sectir Virus
D. Metamirphic Virus
E. Sparse Iofectir Virus
Answer: E
https://www.certsinside.com

Questios & Aoswers PDF Page 12
Thank You for trying EC0-350 PDF Demo
Ti try iur EC0-350 practce exam sifware visit liok beliw
https://www.certsinside.com/EC0-350.html
Start Yiur EC0-350 Preparatio
Use Coupon “20OFF” for extra 20% discount on the purchase of
Practice Test Software. Test your EC0-350 preparation with actual
exam questions.
https://www.certsinside.com