
2021 Sep ec0-350 free exam

Q51. An attacker is attempting to telnet into a corporation’s system in the DMZ. The attacker doesn’t want to get caught and is spoofing his IP address. After numerous tries he remains unsuccessful in connecting to the system. The attacker rechecks that the target system is actually listening on Port 23 and he verifies it with both nmap and hping2. He is still unable to connect to the target system. 

What is the most probable reason? 

A. The firewall is blocking port 23 to that system. 

B. He cannot spoof his IP and successfully use TCP. 

C. He needs to use an automated tool to telnet in. 

D. He is attacking an operating system that does not reply to telnet even when open. 

Answer: B 

Explanation: Spoofing your IP will only work if you don’t need to get an answer from the target system. In this case the answer (login prompt) from the telnet session will be sent to the “real” location of the IP address that you are showing as the connection initiator. 


Q52. As a security consultant, what are some of the things you would recommend to a company to ensure DNS security? 

Select the best answers. 

A. Use the same machines for DNS and other applications 

B. Harden DNS servers 

C. Use split-horizon operation for DNS servers 

D. Restrict Zone transfers 

E. Have subnet diversity between DNS servers 

Answer: BCDE

Explanations: 

A is not a correct answer as it is never recommended to use a DNS server for any other application. Hardening of the DNS servers makes them less vulnerable to attack. It is recommended to split internal and external DNS servers (called split-horizon operation). Zone transfers should only be accepted from authorized DNS servers. By having DNS servers on different subnets, you may prevent both from going down, even if one of your networks goes down. 


Q53. John has performed a scan of the web server with NMAP but did not gather enough information to accurately identify which operating system is running on the remote host. How could you use a web server to help in identifying the OS that is being used? 

A. Telnet to an Open port and grab the banner 

B. Connect to the web server with an FTP client 

C. Connect to the web server with a browser and look at the web page 

D. Telnet to port 8080 on the web server and look at the default page code 

Answer: A 

Explanation: Most Web servers politely identify themselves and the OS to anyone who asks. 


Q54. Michael is the security administrator for ABC company. Michael has been charged with strengthening the company’s security policies, including its password policies. Due to certain legacy applications, Michael was only able to enforce a password group policy in Active Directory with a minimum of 10 characters. He has informed the company’s employees, however, that the new password policy requires that everyone must have complex passwords with at least 14 characters. Michael wants to ensure that everyone is using complex passwords that meet the new security policy requirements. Michael has just logged on to one of the network’s domain controllers and is about to run the following command: 

What will this command accomplish? 


A. Dumps SAM password hashes to pwd.txt 

B. Password history file is piped to pwd.txt 

C. Dumps Active Directory password hashes to pwd.txt 

D. Internet cache file is piped to pwd.txt 

Answer: A

Explanation: Pwdump is a hack tool that is used to grab Windows password hashes from a remote Windows computer. Pwdump > pwd.txt will redirect the output from pwdump to a text file named pwd.txt 


Q55. Why is Social Engineering considered attractive by hackers and also adopted by experts in the field? 

A. It is done by well known hackers and in movies as well. 

B. It does not require a computer in order to commit a crime. 

C. It is easy and extremely effective to gain information. 

D. It is not considered illegal. 

Answer: C

Explanation: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most (but not all) cases the attacker never comes face-to-face with the victim. The term has been popularized in recent years by well known (reformed) computer criminal and security consultant Kevin Mitnick who points out that it's much easier to trick someone into giving you his or her password for a system than to spend the effort to hack in. He claims it to be the single most effective method in his arsenal. 



Q56. What is a Trojan Horse? 

A. A malicious program that captures your username and password 

B. Malicious code masquerading as or replacing legitimate code 

C. An unauthorized user who gains access to your user database and adds themselves as a user 

D. A server that is to be sacrificed to all hacking attempts in order to log and monitor the hacking activity 

Answer: B

Explanation: A Trojan Horse is an apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data. 


Q57. A remote user tries to log in to a secure network using Telnet, but accidentally types in an invalid user name or password. Which responses would NOT be preferred by an experienced Security Manager? (multiple answer) 

A. Invalid Username 

B. Invalid Password 

C. Authentication Failure 

D. Login Attempt Failed 

E. Access Denied 

Answer: AB

Explanation: As little information as possible should be given about a failed login attempt. Invalid username or password is not desirable. 


Q58. What is the algorithm used by LM for Windows 2000 SAM? 

A. MD4 

B. DES 

C. SHA 

D. SSL 

Answer: B

Explanation: Okay, this is a tricky question. We say B, DES, but it could be A, “MD4”, depending on what they're asking. Windows 2000/XP keeps users' passwords not in plain form, but as hashes, i.e. actually as a "checksum" of the passwords. Let's look at password storage in more detail. The most interesting structure in the complex SAM file is the so-called V-block. Its size is 32 bytes and it includes hashes of the password for local logon: the NT Hash, of 16-byte length, and the hash used during authentication for access to shared resources on other computers, the LanMan Hash, or simply LM Hash, of the same 16-byte length. The algorithms for forming these hashes are as follows: NT Hash formation: LM Hash formation: 


Q59. Which DNS resource record can indicate how long any "DNS poisoning" could last? 

A. MX 

B. SOA 

C. NS 

D. TIMEOUT 

Answer: B

Explanation: The SOA contains information about secondary servers, update intervals and expiration times. 


Q60. Maurine is working as a security consultant for Hinklemeir Associate. She has asked the Systems Administrator to create a group policy that would not allow null sessions on the network. The Systems Administrator is fresh out of college and has never heard of null sessions and does not know what they are used for. Maurine is trying to explain to the Systems Administrator that hackers will try to create a null session when footprinting the network. 

Why would an attacker try to create a null session with a computer on a network? 

A. Enumerate users shares 

B. Install a backdoor for later attacks 

C. Escalate his/her privileges on the target server 

D. To create a user with administrative privileges for later use 

Answer: A

Explanation: The Null Session is often referred to as the "Holy Grail" of Windows hacking. Listed as the number 5 Windows vulnerability on the SANS/FBI Top 20 list, Null Sessions take advantage of flaws in the CIFS/SMB (Common Internet File System/Server Message Block) architecture. You can establish a Null Session with a Windows (NT/2000/XP) host by logging on with a null user name and password. Using these null connections allows you to gather the following information from the host: 

-List of users and groups 

-List of machines 

-List of shares 

-Users and host SIDs (Security Identifiers) 


Topic 5, System Hacking 

177. If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible? 

A. Birthday 

B. Brute force 

C. Man-in-the-middle 

D. Smurf 

Answer: B

Explanation: Brute force attacks are performed with tools that cycle through many possible character, number, and symbol combinations to guess a password. Since the token allows offline checking of the PIN, the cracker can keep trying PINs until it is cracked.