ExamGecko
Search Search Login
Home Home / ECCouncil / 312-50v12

ECCouncil 312-50v12 Practice Test - Questions Answers, Page 15

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The "Gray-box testing" methodology enforces what kind of restriction?
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary In the above scenario.
In an attempt to damage the reputation of a competitor organization, Hailey, a professional hacker, gathers a list of employee and client email addresses and other related information by using various search engines, social networking sites, and web spidering tools. In this process, she also uses an automated tool to gather a list of words from the target website to further perform a brute-force attack on the previously gathered email addresses. What is the tool used by Hailey for gathering a list of words from the target website?
You are the Network Admin, and you get a complaint that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL. What may be the problem?
Which of the following types of SQL injection attacks extends the results returned by the original query, enabling attackers to run two or more statements if they have the same structure as the original one?
Upon establishing his new startup, Tom hired a cloud service provider (CSP) but was dissatisfied with their service and wanted to move to another CSP. What part of the contract might prevent him from doing so?
A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?
A penetration tester was assigned to scan a large network range to find live hosts. The network is known for using strict TCP filtering rules on its firewall, which may obstruct common host discovery techniques. The tester needs a method that can bypass these firewall restrictions and accurately identify live systems. What host discovery technique should the tester use?
Attacker Rony Installed a rogue access point within an organization's perimeter and attempted to Intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by Johnson in the above scenario?

Question 141

Report
Export
Collapse

The following is an entry captured by a network IDS. You are assigned the task of analyzing this entry.

You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack.

You also notice "/bin/sh" in the ASCII part of the output.

As an analyst what would you conclude about the attack?

A.
The buffer overflow attack has been neutralized by the IDS
A.
The buffer overflow attack has been neutralized by the IDS
Answers
B.
The attacker is creating a directory on the compromised machine
B.
The attacker is creating a directory on the compromised machine
Answers
C.
The attacker is attempting a buffer overflow attack and has succeeded
C.
The attacker is attempting a buffer overflow attack and has succeeded
Answers
D.
The attacker is attempting an exploit that launches a command-line shell
D.
The attacker is attempting an exploit that launches a command-line shell
Answers
Suggested answer: D

Question 142

Report
Export
Collapse

Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?

A.
har.txt
A.
har.txt
Answers
B.
SAM file
B.
SAM file
Answers
C.
wwwroot
C.
wwwroot
Answers
D.
Repair file
D.
Repair file
Answers
Suggested answer: B

Question 143

Report
Export
Collapse

As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security?

A.
Use the same machines for DNS and other applications
A.
Use the same machines for DNS and other applications
Answers
B.
Harden DNS servers
B.
Harden DNS servers
Answers
C.
Use split-horizon operation for DNS servers
C.
Use split-horizon operation for DNS servers
Answers
D.
Restrict Zone transfers
D.
Restrict Zone transfers
Answers
E.
Have subnet diversity between DNS servers
E.
Have subnet diversity between DNS servers
Answers
Suggested answer: B, C, D, E

Question 144

Report
Export
Collapse

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

A.
To determine who is the holder of the root account
A.
To determine who is the holder of the root account
Answers
B.
To perform a DoS
B.
To perform a DoS
Answers
C.
To create needless SPAM
C.
To create needless SPAM
Answers
D.
To illicit a response back that will reveal information about email servers and how they treat undeliverable mail
D.
To illicit a response back that will reveal information about email servers and how they treat undeliverable mail
Answers
E.
To test for virus protection
E.
To test for virus protection
Answers
Suggested answer: D

Question 145

Report
Export
Collapse

What tool can crack Windows SMB passwords simply by listening to network traffic?

A.
This is not possible
A.
This is not possible
Answers
B.
Netbus
B.
Netbus
Answers
C.
NTFSDOS
C.
NTFSDOS
Answers
D.
L0phtcrack
D.
L0phtcrack
Answers
Suggested answer: D

Question 146

Report
Export
Collapse

A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

A.
Use port security on his switches.
A.
Use port security on his switches.
Answers
B.
Use a tool like ARPwatch to monitor for strange ARP activity.
B.
Use a tool like ARPwatch to monitor for strange ARP activity.
Answers
C.
Use a firewall between all LAN segments.
C.
Use a firewall between all LAN segments.
Answers
D.
If you have a small network, use static ARP entries.
D.
If you have a small network, use static ARP entries.
Answers
E.
Use only static IP addresses on all PC's.
E.
Use only static IP addresses on all PC's.
Answers
Suggested answer: A, B, D

Question 147

Report
Export
Collapse

Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network.

Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.

A.
SNMPUtil
A.
SNMPUtil
Answers
B.
SNScan
B.
SNScan
Answers
C.
SNMPScan
C.
SNMPScan
Answers
D.
Solarwinds IP Network Browser
D.
Solarwinds IP Network Browser
Answers
E.
NMap
E.
NMap
Answers
Suggested answer: A, B, D

Question 148

Report
Export
Collapse

If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?

A.
Birthday
A.
Birthday
Answers
B.
Brute force
B.
Brute force
Answers
C.
Man-in-the-middle
C.
Man-in-the-middle
Answers
D.
Smurf
D.
Smurf
Answers
Suggested answer: B

Question 149

Report
Export
Collapse

Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.

Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers?

A.
Hardware, Software, and Sniffing.
A.
Hardware, Software, and Sniffing.
Answers
B.
Hardware and Software Keyloggers.
B.
Hardware and Software Keyloggers.
Answers
C.
Passwords are always best obtained using Hardware key loggers.
C.
Passwords are always best obtained using Hardware key loggers.
Answers
D.
Software only, they are the most effective.
D.
Software only, they are the most effective.
Answers
Suggested answer: A

Question 150

Report
Export
Collapse

Study the snort rule given below:

From the options below, choose the exploit against which this rule applies.

A.
WebDav
A.
WebDav
Answers
B.
SQL Slammer
B.
SQL Slammer
Answers
C.
MS Blaster
C.
MS Blaster
Answers
D.
MyDoom
D.
MyDoom
Answers
Suggested answer: C
Total 573 questions
Go to page: of 58
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms