ExamGecko
Search Search Login
Home Home / ECCouncil / 312-50v12

ECCouncil 312-50v12 Practice Test - Questions Answers, Page 17

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The "Gray-box testing" methodology enforces what kind of restriction?
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary In the above scenario.
In an attempt to damage the reputation of a competitor organization, Hailey, a professional hacker, gathers a list of employee and client email addresses and other related information by using various search engines, social networking sites, and web spidering tools. In this process, she also uses an automated tool to gather a list of words from the target website to further perform a brute-force attack on the previously gathered email addresses. What is the tool used by Hailey for gathering a list of words from the target website?
You are the Network Admin, and you get a complaint that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL. What may be the problem?
Which of the following types of SQL injection attacks extends the results returned by the original query, enabling attackers to run two or more statements if they have the same structure as the original one?
Upon establishing his new startup, Tom hired a cloud service provider (CSP) but was dissatisfied with their service and wanted to move to another CSP. What part of the contract might prevent him from doing so?
A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?
A penetration tester was assigned to scan a large network range to find live hosts. The network is known for using strict TCP filtering rules on its firewall, which may obstruct common host discovery techniques. The tester needs a method that can bypass these firewall restrictions and accurately identify live systems. What host discovery technique should the tester use?
Attacker Rony Installed a rogue access point within an organization's perimeter and attempted to Intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by Johnson in the above scenario?

Question 161

Report
Export
Collapse

Fingerprinting an Operating System helps a cracker because:

A.
It defines exactly what software you have installed
A.
It defines exactly what software you have installed
Answers
B.
It opens a security-delayed window based on the port being scanned
B.
It opens a security-delayed window based on the port being scanned
Answers
C.
It doesn't depend on the patches that have been applied to fix existing security holes
C.
It doesn't depend on the patches that have been applied to fix existing security holes
Answers
D.
It informs the cracker of which vulnerabilities he may be able to exploit on your system
D.
It informs the cracker of which vulnerabilities he may be able to exploit on your system
Answers
Suggested answer: D

Question 162

Report
Export
Collapse

In the context of Windows Security, what is a 'null' user?

A.
A user that has no skills
A.
A user that has no skills
Answers
B.
An account that has been suspended by the admin
B.
An account that has been suspended by the admin
Answers
C.
A pseudo account that has no username and password
C.
A pseudo account that has no username and password
Answers
D.
A pseudo account that was created for security administration purpose
D.
A pseudo account that was created for security administration purpose
Answers
Suggested answer: C

Question 163

Report
Export
Collapse

What does the following command in netcat do? nc -l -u -p55555 < /etc/passwd

A.
logs the incoming connections to /etc/passwd file
A.
logs the incoming connections to /etc/passwd file
Answers
B.
loads the /etc/passwd file to the UDP port 55555
B.
loads the /etc/passwd file to the UDP port 55555
Answers
C.
grabs the /etc/passwd file when connected to UDP port 55555
C.
grabs the /etc/passwd file when connected to UDP port 55555
Answers
D.
deletes the /etc/passwd file when connected to the UDP port 55555
D.
deletes the /etc/passwd file when connected to the UDP port 55555
Answers
Suggested answer: C

Question 164

Report
Export
Collapse

What hacking attack is challenge/response authentication used to prevent?

A.
Replay attacks
A.
Replay attacks
Answers
B.
Scanning attacks
B.
Scanning attacks
Answers
C.
Session hijacking attacks
C.
Session hijacking attacks
Answers
D.
Password cracking attacks
D.
Password cracking attacks
Answers
Suggested answer: A

Question 165

Report
Export
Collapse

In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam.

Which of the following statement is incorrect related to this attack?

A.
Do not reply to email messages or popup ads asking for personal or financial information
A.
Do not reply to email messages or popup ads asking for personal or financial information
Answers
B.
Do not trust telephone numbers in e-mails or popup ads
B.
Do not trust telephone numbers in e-mails or popup ads
Answers
C.
Review credit card and bank account statements regularly
C.
Review credit card and bank account statements regularly
Answers
D.
Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
D.
Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
Answers
E.
Do not send credit card numbers, and personal or financial information via e-mail
E.
Do not send credit card numbers, and personal or financial information via e-mail
Answers
Suggested answer: D

Question 166

Report
Export
Collapse

Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

A.
Take over the session
A.
Take over the session
Answers
B.
Reverse sequence prediction
B.
Reverse sequence prediction
Answers
C.
Guess the sequence numbers
C.
Guess the sequence numbers
Answers
D.
Take one of the parties offline
D.
Take one of the parties offline
Answers
Suggested answer: C

Question 167

Report
Export
Collapse

ViruXine.W32 virus hides their presence by changing the underlying executable code.

This Virus code mutates while keeping the original algorithm intact, the code changes itself each time it runs, but the function of the code (its semantics) will not change at all.

Here is a section of the Virus code:

What is this technique called?

A.
Polymorphic Virus
A.
Polymorphic Virus
Answers
B.
Metamorphic Virus
B.
Metamorphic Virus
Answers
C.
Dravidic Virus
C.
Dravidic Virus
Answers
D.
Stealth Virus
D.
Stealth Virus
Answers
Suggested answer: A

Question 168

Report
Export
Collapse

Identify the correct terminology that defines the above statement.

A.
Vulnerability Scanning
A.
Vulnerability Scanning
Answers
B.
Penetration Testing
B.
Penetration Testing
Answers
C.
Security Policy Implementation
C.
Security Policy Implementation
Answers
D.
Designing Network Security
D.
Designing Network Security
Answers
Suggested answer: B

Question 169

Report
Export
Collapse

Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches.

If these switches' ARP cache is successfully flooded, what will be the result?

A.
The switches will drop into hub mode if the ARP cache is successfully flooded.
A.
The switches will drop into hub mode if the ARP cache is successfully flooded.
Answers
B.
If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.
B.
If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.
Answers
C.
Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.
C.
Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.
Answers
D.
The switches will route all traffic to the broadcast address created collisions.
D.
The switches will route all traffic to the broadcast address created collisions.
Answers
Suggested answer: A

Question 170

Report
Export
Collapse

You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c

What is the hexadecimal value of NOP instruction?

A.
0x60
A.
0x60
Answers
B.
0x80
B.
0x80
Answers
C.
0x70
C.
0x70
Answers
D.
0x90
D.
0x90
Answers
Suggested answer: D
Total 573 questions
Go to page: of 58
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms