[Free] 2018(Jan) Latesttests Examcollection ECCouncil EC0-350 Dumps with VCE and PDF 621-630

2018 Jan ECCouncil Official New Released EC0-350

Ethical Hacking and Countermeasures V8

Question No: 621 – (Topic 7)

You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand that all users are required to use passwords that are at least 8 characters in length. All passwords must also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special characters.

With your existing knowledge of users, likely user account names and the possibility that they will choose the easiest passwords possible, what would be the fastest type of password cracking attack you can run against these hash values and still get results?

  1. Online Attack

  2. Dictionary Attack

  3. Brute Force Attack

  4. Hybrid Attack

Answer: D

Explanation: A dictionary attack will not work because strong passwords are enforced, and the minimum length of 8 characters makes a brute force attack time consuming. A hybrid attack, where you take a word from a dictionary and exchange a number of letters with numbers and special characters, will probably be the fastest way to crack the passwords.

Question No: 622 – (Topic 7)

A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it?

Select the best answers.

  1. Use port security on his switches.

  2. Use a tool like ARPwatch to monitor for strange ARP activity.

  3. Use a firewall between all LAN segments.

  4. If you have a small network, use static ARP entries.

  5. Use only static IP addresses on all PCs.

Answer: A,B,D

Explanation: By using port security on his switches, the switches will only allow the first MAC address that is connected to the switch to use that port, thus preventing ARP spoofing. ARPWatch is a tool that monitors for strange ARP activity. This may help identify ARP spoofing when it happens. Using firewalls between all LAN segments is possible and may help, but is usually pretty unrealistic. On a very small network, static ARP entries are a possibility. However, on a large network, this is not a realistic option. ARP spoofing doesn't have anything to do with static or dynamic IP addresses. Thus, this option won't help you.

Question No: 623 – (Topic 7)

Fingerprinting an Operating System helps a cracker because:

  1. It defines exactly what software you have installed

  2. It opens a security-delayed window based on the port being scanned

  3. It doesn't depend on the patches that have been applied to fix existing security holes

  4. It informs the cracker of which vulnerabilities he may be able to exploit on your system

Answer: D

Explanation: When a cracker knows what OS and services you use, he also knows which exploits might work on your system. If he had to try all possible exploits for all possible operating systems and services, it would take too long and the possibility of being detected would increase.

Question No: 624 – (Topic 7)

A remote user tries to log in to a secure network using Telnet, but accidentally types in an invalid user name or password. Which responses would NOT be preferred by an experienced Security Manager? (multiple answer)

  1. Invalid Username

  2. Invalid Password

  3. Authentication Failure

  4. Login Attempt Failed

  5. Access Denied

Answer: A,B

Explanation: As little information as possible should be given about a failed login attempt. Invalid username or password is not desirable.

Question No: 625 – (Topic 7)

Bob wants to prevent attackers from sniffing his passwords on the wired network. Which of the following lists the best options?

  1. RSA, LSA, POP

  2. SSID, WEP, Kerberos

  3. SMB, SMTP, Smart card

  4. Kerberos, Smart card, Stanford SRP

Answer: D

Explanation: Kerberos, Smart cards and Stanford SRP are techniques where the password never leaves the computer.

Question No: 626 – (Topic 7)

A file integrity program such as Tripwire protects against Trojan horse attacks by:

  1. Automatically deleting Trojan horse programs

  2. Rejecting packets generated by Trojan horse programs

  3. Using programming hooks to inform the kernel of Trojan horse behavior

  4. Helping you catch unexpected changes to a system utility file that might indicate it had been replaced by a Trojan horse

Answer: D

Explanation: Tripwire generates a database of the most common files and directories on your system. Once it is generated, you can then check the current state of your system against the original database and get a report of all the files that have been modified, deleted or added. This comes in handy if you allow other people access to your machine, and even if you don't, if someone else does get access, you'll know if they tried to modify files such as /bin/login etc.

Question No: 627 – (Topic 7)

Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.

Which of the following options best represents the means that Bob can adopt to retrieve passwords from his client's hosts and servers?

  1. Hardware, Software, and Sniffing.

  2. Hardware and Software Keyloggers.

  3. Passwords are always best obtained using Hardware key loggers.

  4. Software only, they are the most effective.

Answer: A

Explanation: Different types of keylogger planted into the environment would retrieve the passwords for Bob.

Question No: 628 – (Topic 7)

You are attempting to crack LM Manager hashes from a Windows 2000 SAM file. You will be using an LM brute force hacking tool for decryption.

What encryption algorithm will you be decrypting?

  1. MD4

  2. DES

  3. SHA

  4. SSL

Answer: B

Explanation: The LM hash is computed as follows.

  1. The user’s password as an OEM string is converted to uppercase.

  2. This password is either null-padded or truncated to 14 bytes.

  3. The “fixed-length” password is split into two 7-byte halves.

  4. These values are used to create two DES keys, one from each 7-byte half.

  5. Each of these keys is used to DES-encrypt the constant ASCII string “KGS!@#$%”, resulting in two 8-byte ciphertext values.

  6. These two ciphertext values are concatenated to form a 16-byte value, which is the LM hash.

Question No: 629 – (Topic 7)

Password cracking programs reverse the hashing process to recover passwords. (True/False)

  1. True

  2. False

Answer: B

Explanation: Password cracking programs do not reverse the hashing process. Hashing is a one-way process. What these programs can do is hash words, phrases, and characters using the same process and compare the results to the original password hash. A matching hash reveals the true password.

Question No: 630 – (Topic 7)

Which of the following is not considered to be a part of active sniffing?

  1. MAC Flooding

  2. ARP Spoofing

  3. SMAC Fueling

  4. MAC Duplicating

Answer: C
