EC0-350 ECCouncil Ethical Hacking and Countermeasures V8 exact Exam Questions

Ethical Hacking and Countermeasures V8

Last Update 14 hours ago Total Questions : 878

The Ethical Hacking and Countermeasures V8 content is now fully updated, with all current exam questions added 14 hours ago. Deciding to include EC0-350 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our EC0-350 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these EC0-350 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Ethical Hacking and Countermeasures V8 practice test comfortably within the allotted time.

Question # 101

Buffer X in an Accounting application module for Brownies Inc. can contain 200 characters. The programmer makes an assumption that 200 characters are more than enough. Because there were no proper boundary checks being conducted, Bob decided to insert 400 characters into the 200-character buffer. (Overflows the buffer). Below is the code snippet:

How can you protect/fix the problem of your application as shown above?

Because the counter starts with 0, we would stop when the counter is less than 200

Because the counter starts with 0, we would stop when the counter is more than 200

Add a separate statement to signify that if we have written less than 200 characters to the buffer, the stack should stop because it cannot hold any more data

Add a separate statement to signify that if we have written 200 characters to the buffer, the stack should stop because it cannot hold any more data

Question # 102

What is the IV key size used in WPA2?

128

Question # 103

Jess the hacker runs L0phtCrack ' s built-in sniffer utility that grabs SMB password hashes and stores them for offline cracking. Once cracked, these passwords can provide easy access to whatever network resources the user account has access to. But Jess is not picking up hashes from the network. Why?

The network protocol is configured to use SMB Signing

The physical network wire is on fibre optic cable

The network protocol is configured to use IPSEC

L0phtCrack SMB sniffing only works through Switches and not Hubs

Question # 104

Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers)

Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC address

The ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim ' s network

ECHO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service

A DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.

Question # 105

An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker ' s next step be before starting work on this job?

Start by foot printing the network and mapping out a plan of attack.

Ask the employer for authorization to perform the work outside the company.

Begin the reconnaissance phase with passive information gathering and then move into active information gathering.

Use social engineering techniques on the friend ' s employees to help identify areas that may be susceptible to attack.

Question # 106

What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for evaluation?

Blue Book

ISO 26029

Common Criteria

The Wassenaar Agreement

Question # 107

Which of the following is used to indicate a single-line comment in structured query language (SQL)?

' '

Question # 108

Which of the following network attacks relies on sending an abnormally large packet size that exceeds TCP/IP specifications?

Ping of death

SYN flooding

TCP hijacking

Smurf attack

Question # 109

A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of email. The integrity of the encrypted email is dependent on the security of which of the following?

Public key

Private key

Modulus length

Email server certificate

Question # 110

Which system consists of a publicly available set of databases that contain domain name registration contact information?

WHOIS

IANA

CAPTCHA

IETF

Question # 111

What are common signs that a system has been compromised or hacked? (Choose three.)

Increased amount of failed logon events

Patterns in time gaps in system and/or event logs

New user accounts created

Consistency in usage baselines

Partitions are encrypted

Server hard drives become fragmented

Question # 112

Pentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?

Cain

John the Ripper

Nikto

Hping

Question # 113

What are the three types of authentication?

Something you: know, remember, prove

Something you: have, know, are

Something you: show, prove, are

Something you: show, have, prove

Question # 114

Which of the following describes the characteristics of a Boot Sector Virus?

Moves the MBR to another location on the RAM and copies itself to the original location of the MBR

Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR

Modifies directory table entries so that directory entries point to the virus code instead of the actual program

Overwrites the original MBR and only executes the new virus code

Question # 115

ICMP ping and ping sweeps are used to check for active systems and to check

if ICMP ping traverses a firewall.

the route that the ICMP ping took.

the location of the switchport in relation to the ICMP ping.

the number of hops an ICMP ping takes to reach a destination.

Question # 116

Which of the following is a component of a risk assessment?

Physical security

Administrative safeguards

DMZ

Logical interface

Question # 117

A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?

Cupp

Nessus

Cain and Abel

John The Ripper Pro

Question # 118

An organization hires a tester to do a wireless penetration test. Previous reports indicate that the last test did not contain management or control packets in the submitted traces. Which of the following is the most likely reason for lack of management or control packets?

The wireless card was not turned on.

The wrong network card drivers were in use by Wireshark.

On Linux and Mac OS X, only 802.11 headers are received in promiscuous mode.

Certain operating systems and adapters do not collect the management or control packets.