Latest EADE105 Practice Tests with Actual Questions

Get Complete pool of questions with Premium PDF and Test Engine

Exam Code : EADE105
Exam Name : ArcGIS Desktop Entry 10.5
Vendor Name : "Esri"







EC1-350 Dumps EC1-350 Braindumps

EC1-350 Real Questions EC1-350 Practice Test EC1-350 Actual Questions


killexams.com EC-Council EC1-350


Ethical Hacking and Countermeasures V7


https://killexams.com/pass4sure/exam-detail/EC1-350



Question: 250

The traditional traceroute sends out ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached. By printing the gateways that generate ICMP time exceeded messages along the way, it is able to determine the path packets take to reach the destination. The problem is that with the widespread use of firewalls on the Internet today, many of the packets that traceroute sends out end up being filtered, making it impossible to completely trace the path to the destination.


How would you overcome the Firewall restriction on ICMP ECHO packets?


  1. Firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.

  2. Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.

  3. Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO packets, traceroute can bypass the most common firewall filters.

  4. Do not use traceroute command to determine the path packets take to reach the destination instead use the custom hacking tool JOHNTHETRACER and run with the command

  5. \> JOHNTHETRACER www.eccouncil.org -F -evade




Answer: A



Question: 251

Simon is security analyst writing signatures for a Snort node he placed internally that captures all mirrored traffic from his border firewall. From the following signature, what will Snort look for in the payload of the suspected packets?

alert tcp $EXTERNAL_NET any -> $HOME_NET 27374 (msg: "BACKDOOR SIG – SubSseven 22";flags: A+; content: "|0d0a5b52504c5d3030320d0a|"; reference:arachnids,485;) alert


  1. The payload of 485 is what this Snort signature will look for.

  2. Snort will look for 0d0a5b52504c5d3030320d0a in the payload.

  3. Packets that contain the payload of BACKDOOR SIG - SubSseven 22 will be flagged.

  4. From this snort signature, packets with HOME_NET 27374 in the payload will be flagged.




Answer: B



Question: 252

You are trying to package a RAT Trojan so that Anti-Virus software will not detect it. Which of the listed technique will NOT be effective in evading Anti-Virus scanner?


  1. Convert the Trojan.exe file extension to Trojan.txt disguising as text file

  2. Break the Trojan into multiple smaller files and zip the individual pieces

  3. Change the content of the Trojan using hex editor and modify the checksum

  4. Encrypt the Trojan using multiple hashing algorithms like MD5 and SHA-1




Answer: A



Question: 253

What will the following command produce on a website's login page if executed successfully? SELECT email, passwd, login_id, full_name FROM members WHERE email

= 'someone@somewhere.com'; DROP TABLE members; --'


  1. This code will insert the someone@somewhere.com email address into the members table.

  2. This command will delete the entire members table.

  3. It retrieves the password for the first user in the members table.




Answer: B



Question: 254

Oregon Corp is fighting a litigation suit with Scamster Inc. Oregon has assigned a private investigative agency to go through garbage, recycled paper, and other rubbish at Scamster's office site in order to find relevant information. What would you call this kind of activity?


  1. CI Gathering

  2. Scanning

  3. Dumpster Diving

  4. Garbage Scooping




Answer: C



Question: 255

What type of port scan is represented here.



  1. Stealth Scan

  2. Full Scan

  3. XMAS Scan

  4. FIN Scan




Answer: A



Question: 256

is found in all versions of NTFS and is described as the ability to fork file data into existing files without affecting their functionality, size, or display to traditional file browsing utilities like dir or Windows Explorer


  1. Alternate Data Streams

  2. Merge Streams

  3. Steganography




Answer: A



Question: 257

Justin is checking some network traffic logs on his firewall. Justin finds some IP packets from a computer purporting to be on the internal network. The packets originate from 172.16.1.44 with an IPID number of 3422. The received response from 172.16.1.44 has an IPID number of 512. What can he infer from this traffic log?


  1. The traffic from 172.16.1.44 is from a Windows 7 computer.

  2. The IPID number differences means the client computer is on wireless.

  3. Traffic from 172.16.1.44 was being spoofed.

  4. The client computer at 172.16.1.44 is a zombie computer.




Answer: C



Question: 258

A company is legally liable for the content of email that is sent from its systems, regardless of whether the message was sent for private or business-related purposes. This could lead to prosecution for the sender and for the company's directors if, for example, outgoing email was found to contain material that was pornographic, racist, or likely to incite someone to commit an act of terrorism. You can always defend yourself by "ignorance of the law" clause.


  1. true

  2. false




Answer: B



Question: 259

Paul has just finished setting up his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Paul notices that when he uses his wireless connection, the speed is sometimes 54 Mbps and sometimes it is only 24Mbps or less. Paul connects to his wireless router's management utility and notices that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop. What is Paul seeing here?


  1. MAC spoofing

  2. Macof

  3. ARP spoofing

  4. DNS spoofing




Answer: A



Question: 260

What two things will happen if a router receives an ICMP packet, which has a TTL value of 1, and the destination host is several hops away? (Select 2 answers)


  1. The router will discard the packet

  2. The router will decrement the TTL value and forward the packet to the next router on the path to the destination host

  3. The router will send a time exceeded message to the source host

  4. The router will increment the TTL value and forward the packet to the next router on the path to the destination host.

  5. The router will send an ICMP Redirect Message to the source host




Answer: A, C



Question: 261

Which of the following LM hashes represents a password of less than 8 characters?


A. 0182BD0BD4444BF836077A718CCDF409

B. 44EFCE164AB921CQAAD3B435B51404EE C. BA810DBA98995F1817306D272A9441BB D. CEC52EB9C8E3455DC2265B23734E0DAC E. B757BF5C0D87772FAAD3B435B51404EE F. E52CAC67419A9A224A3B108F3FA6CB6D




Answer: C, E