CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 11)

Page 10 of 191
PDF with 878 Questions

User which Federal Statutes does FBI investigate for computer crimes involving e-mail scams and mail fraud?

  1. 18 U.S.C 1029 Possession of Access Devices
  2. 18 U.S.C 1030 Fraud and related activity in connection with computers
  3. 18 U.S.C 1343 Fraud by wire, radio or television
  4. 18 U.S.C 1361 Injury to Government Property
  5. 18 U.S.C 1362 Government communication systems
  6. 18 U.S.C 1831 Economic Espionage Act
  7. 18 U.S.C 1832 Trade Secrets Act

Answer(s): B

Explanation:

http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00001030----000-.html



John is using tokens for the purpose of strong authentication. He is not confident that his security is considerably strong.
In the context of Session hijacking why would you consider this as a false sense of security?

  1. The token based security cannot be easily defeated.
  2. The connection can be taken over after authentication.
  3. A token is not considered strong authentication.
  4. Token security is not widely used in the industry.

Answer(s): B

Explanation:

A token will give you a more secure authentication, but the tokens will not help against attacks that are directed against you after you have been authenticated.



You have successfully run a buffer overflow attack against a default IIS installation running on a Windows 2000 Server. The server allows you to spawn a shell. In order to perform the actions you intend to do, you need elevated permission. You need to know what your current privileges are within the shell. Which of the following options would be your current privileges?

  1. Administrator
  2. IUSR_COMPUTERNAME
  3. LOCAL_SYSTEM
  4. Whatever account IIS was installed with

Answer(s): C

Explanation:

If you manage to get the system to start a shell for you, that shell will be running as LOCAL_SYSTEM.



Why is Social Engineering considered attractive by hackers and also adopted by experts in the field?

  1. It is done by well known hackers and in movies as well.
  2. It does not require a computer in order to commit a crime.
  3. It is easy and extremely effective to gain information.
  4. It is not considered illegal.

Answer(s): C

Explanation:

Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most (but not all) cases the attacker never comes face-to-face with the victim. The term has been popularized in recent years by well known (reformed) computer criminal and security consultant Kevin Mitnick who points out that it's much easier to trick someone into giving you his or her password for a system than to spend the effort to hack in. He claims it to be the single most effective method in his arsenal.






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Discussions & Posts