Testking EC-Council EC0-350
Visited 1040 times, 2 so far today
Exam Number/Code: EC0-350
Exam Name: ethical hacking and countermeasures
Testking EC0-350 Exam will provide you with exam simulation questions and actual answers that reflect the actual exam
Preparing for the Testking EC0-350 exam? Searching EC0-350 Test Questions, EC0-350 Practice Exam, EC0-350 Braindumps?
EC0-350 practice exam covers all the practice test objectives to pass EC0-350 exam.
Pass your exam at first attempt with our Testking EC0-350study guide, EC0-350 Braindumps, As well Audio exam, Realistic
Practice Labs, and Interactive Testing Engine.
Our Testking practice test covers the information associated with each EC0-350 exam topics in details and includes information
found in no other practice test sites on the web.
Our challenging questions with Correct Answers built to simulate the actual exam. Unlimited, FREE auto-updates so you’re
never behind on any topic. The whole package comes as an automatic download so there’s no waiting or shipping. Our most
questions and answers along with explanations. Our practice test will determine you to take your EC0-350 certification exam
and pass the official exam on your first try, guaranteed
Now guaranteed Testking EC0-350 exam training is available in various formats to best suit your needs and learning style.
Whether you are a hands-on tactile learner, visually or even a textbook training veteran, Real-Exams has the EC0-350 pdf vce
format resources that will enable you to pass your EC0-350 test with flying colors.
Comprehensive questions with complete explanations about actualtests EC0-350 exam
download EC0-350 exam questions accompanied by exhibits
Verified Answers Researched by Industry Experts and almost 100% correct
EC0-350 exam questions updated on regular basis
QUESTION 1
What is the essential difference between an ‘Ethical Hacker’ and a ‘Cracker’?
A. The ethical hacker does not use the same techniques or skills as a cracker.
B. The ethical hacker does it strictly for financial motives unlike a cracker.
C. The ethical hacker has authorization from the owner of the target.
D. The ethical hacker is just a cracker who is getting paid.
Answer: C
QUESTION 2
What does the term “Ethical Hacking” mean?
A. Someone who is hacking for ethical reasons.
B. Someone who is using his/her skills for ethical reasons.
C. Someone who is using his/her skills for defensive purposes.
D. Someone who is using his/her skills for offensive purposes.
Answer: C
QUESTION 3
Who is an Ethical Hacker?
A. A person whohacksfor ethical reasons
B. A person whohacksfor an ethical cause
C. A person whohacksfor defensive purposes
D. A person whohacksfor offensive purposes
Answer: C
Explanation:
He is a security professional who applies his hacking skills for defensive purposes.
QUESTION 4
What is “Hacktivism”?
A. Hacking for a cause
B. Hacking ruthlessly
C. An association which groups activists
D. None of the above
Answer: A
QUESTION 5
Where should a security tester be looking for information that could be used by an
attacker against an organization? (Select all that apply)
A. CHAT rooms
B. WHOIS database
C. News groups
D. Web sites
E. Search engines
F. Organization’s own web site
Answer: A, B, C, D, E, F
QUESTION 6
What are the two basic types of attacks?(Choose two.
A. DoS
B. Passive
C. Sniffing
D. Active
E. Cracking
Answer: B, D
Explanation: Passive and active attacks are the two basic types of attacks.
QUESTION 7
You are footprinting Acme.com to gather competitive intelligence. You visit the
acme.com websire for contact information and telephone number numbers but do
not find it listed there. You know that they had the entire staff directory listed on
their website 12 months ago but now it is not there. How would it be possible for you
to retrieve information from the website that is outdated?
A. Visit google search engine and view the cached copy.
B. Visit Archive.org site to retrieve the Internet archive of the acme website.
C. Crawl the entire website and store them into your computer.
D. Visit the company’s partners and customers website for this information.
Answer: B
QUESTION 8
User which Federal Statutes does FBI investigate for computer crimes involving
e-mail scams and mail fraud?
A. 18 U.S.C 1029 Possession of Access Devices
B. 18 U.S.C 1030 Fraud and related activity in connection with computers
C. 18 U.S.C 1343 Fraud by wire, radio or television
D. 18 U.S.C 1361 Injury to Government Property
E. 18 U.S.C 1362 Government communication systems
F. 18 U.S.C 1831 Economic Espionage Act
G. 18 U.S.C 1832 Trade Secrets Act
Answer: B
QUESTION 9
Which of the following activities will NOT be considered as passive footprinting?
A. Go through the rubbish to find out any information that might have been discarded.
B. Search on financial site such as Yahoo Financial to identify assets.
C. Scan the range of IP address found in the target DNS database.
D. Perform multiples queries using a search engine.
Answer: C
QUESTION 10
Which one of the following is defined as the process of distributing incorrect
Internet Protocol (IP) addresses/names with the intent of diverting traffic?
A. Network aliasing
B. Domain Name Server (DNS) poisoning
C. Reverse Address Resolution Protocol (ARP)
D. Port scanning
Answer: B
Explanation:
This reference is close to the one listed DNS poisoning is the correct answer.
This is how DNS DOS attack can occur. If the actual DNS records are unattainable to the
attacker for him to alter in this fashion, which they should be, the attacker can insert this
data into the cache of there server instead of replacing the actual records, which is
referred to as cache poisoning.
QUESTION 11
You are footprinting an organization to gather competitive intelligence. You visit
the company’s website for contact information and telephone numbers but do not
find it listed there. You know that they had the entire staff directory listed on their
website 12 months ago but not it is not there.
How would it be possible for you to retrieve information from the website that is
outdated?
A. Visit google’s search engine and view the cached copy.
B. Visit Archive.org web site to retrieve the Internet archive of the company’s website.
C. Crawl the entire website and store them into your computer.
D. Visit the company’s partners and customers website for this information.
Answer: B
Explanation: Archive.org mirrors websites and categorizes them by date and month
depending on the crawl time. Archive.org dates back to 1996, Google is incorrect
because the cache is only as recent as the latest crawl, the cache is over-written on each
subsequent crawl. Download the websiteis incorrect because that’s the same as what you
see online. Visiting customer partners websites is just bogus. The answer is then Firmly,
C, archive.org
QUESTION 12
A Certkiller security System Administrator is reviewing the network system log files.
He notes the following:
- Network log files are at 5 MB at 12:00 noon.
- At 14:00 hours, the log files at 3 MB.
What should he assume has happened and what should he do about the situation?
A. He should contact the attacker’s ISP as soon as possible and have the connection
disconnected.
B. He should log the event as suspicious activity, continue to investigate, and take further
steps according to site security policy.
C. He should log the file size, and archive the information, because the router crashed.
D. He should run a file system check, because the Syslog server has a self correcting file
system problem.
E. He should disconnect from the Internet discontinue any further unauthorized use,
because an attack has taken place.
Answer: B
Explanation:
You should never assume a host has been compromised without verification. Typically,
disconnecting a server is an extreme measure and should only be done when it is
confirmed there is a compromise or the server contains such sensitive data that the loss of
service outweighs the risk. Never assume that any administrator or automatic process is
making changes to a system. Always investigate the root cause of the change on the
system and follow your organizations security policy.
Testking EC0-350
TK Questions&Answers(Q & As with Expert Explanations)? 458 Q&A
Updated? 22/10/2008
Free Down: Testking EC0-350
Free Down: Pass4sure EC0-350
Dowload PassGuide Practice Test Questions
One Comment on “Testking EC-Council EC0-350”