ExamGecko
Search Search Login
Home Home / ECCouncil / 312-38
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following tools are NOT used for logging network activities in the Linux operating system? Each correct answer represents a complete solution. Choose all that apply.
Which of the following is a management process that provides a framework for promoting quick recovery and the capability for an effective response to protect the interests of its brand, reputation, and stakeholders?
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com . He is using a tool to crack the wireless encryption keys. The description of the tool is as follows: „It is a Linux-based WLAN WEP cracking tool that recovers encryption keys. It operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys." Which of the following tools is John using to crack the wireless encryption keys?
Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted publisher. Which ofthe following script execution policy setting this?
Which of the follow ng security models enable strict identity verification for every user or device attempting to access the network resources?
Which of the following IEEE standards defines a physical bus topology?
Which of the following standards defines Logical Link Control (LLC)?
Sam wants to implement a network-based IDS and finalizes an IDS solution that works based on pattern matching. Which type of network-based IDS is Sam implementing?
Which of the following types of RAID is also known as disk striping?
Which of the following is designed to detect unwanted changes by observing the flame of the environment associated with combustion?

Question 18 - 312-38 discussion

Report
Export

FILL BLANK

Fill in the blank with the appropriate term.

______________ is an enumeration technique used to glean information about computer systems on a network and the services running its open ports.

A.
Banner grabbing
Answers
A.
Banner grabbing
Suggested answer: A

Explanation:

Banner grabbing is an enumeration technique used to glean information about computer systems on a network and the services running its open ports.

Administrators can use this to take inventory of the systems and services on their network. An intruder however can use banner grabbing in order to find network hosts that are running versions of applications and operating systems with known exploits.

Some examples of service ports used for banner grabbing are those used by Hyper Text Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP); ports 80, 21, and 25 respectively. Tools commonly used to perform banner grabbing are Telnet, which is included with most operating systems, and Netcat.

For example, one could establish a connection to a target host running a Web service with netcat, then send a bad html request in order to get information about the service on the host: [root@prober] nc www.targethost.com 80

HEAD / HTTP/1.1

HTTP/1.1 200 OK

Date: Mon, 11 May 2009 22:10:40 EST

Server: Apache/2.0.46 (Unix) (Red Hat/Linux)

Last-Modified: Thu, 16 Apr 2009 11:20:14 PST

ETag: "1986-69b-123a4bc6"

Accept-Ranges: bytes

Content-Length: 1110

Connection: close

Content-Type: text/html

The administrator can now catalog this system or an intruder now knows what version of Apache to look for exploits.

Show Answer
asked 18/09/2024
Spandana Gangavaram
32 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms