Free EC0-350 Exam Braindumps (page: 17)


Which of the following activities will NOT be considered as passive footprinting?

  A. Go through the rubbish to find any information that might have been discarded.
  B. Search on a financial site such as Yahoo Financial to identify assets.
  C. Scan the range of IP addresses found in the target DNS database.
  D. Perform multiple queries using a search engine.

Answer(s): C

Explanation:

Passive footprinting is a method in which the attacker never makes contact with the target systems. Scanning the range of IP addresses found in the target DNS counts as making contact with the systems behind the IP addresses targeted by the scan.



What is the key advantage of Session Hijacking?

  A. It can be easily done and does not require sophisticated skills.
  B. You can take advantage of an authenticated connection.
  C. You can successfully predict the sequence number generation.
  D. You cannot be traced in case the hijack is detected.

Answer(s): B

Explanation:

As an attacker you don’t have to steal an account and password in order to take advantage of an authenticated connection.



You wish to determine the operating system and type of web server being used. At the same time you wish to arouse no suspicion within the target organization.
While some of the methods listed below work, which holds the least risk of detection?

  A. Make some phone calls and attempt to retrieve the information using social engineering.
  B. Use nmap in paranoid mode and scan the web server.
  C. Telnet to the web server and issue commands to elicit a response.
  D. Use the Netcraft web site to look up the target organization’s web site.

Answer(s): D

Explanation:

Netcraft provides research data and analysis on many aspects of the Internet. Netcraft has explored the Internet since 1995 and is a respected authority on the market share of web servers, operating systems, hosting providers, ISPs, encrypted transactions, electronic commerce, scripting languages and content technologies on the Internet.



What is the most common vehicle for social engineering attacks?

  A. Phone
  B. Email
  C. In person
  D. P2P Networks

Answer(s): A

Explanation:

Pretexting is the act of creating and using an invented scenario (the pretext) to persuade a target to release information or perform an action and is usually done over the telephone.





