EC-COUNCIL EC-COUNCIL Certifications 312-50 Questions & Answers

• Question 621:

  What type of session hijacking attack is shown in the exhibit?

  

  A. Session Sniffing Attack

  B. Cross-site scripting Attack

  C. SQL Injection Attack

  D. Token sniffing Attack

  Correct Answer: A

• Question 622:

  Which port, when configured on a switch receives a copy of every packet that passes through it?

  

  A. R-DUPE Port

  B. MIRROR port

  C. SPAN port

  D. PORTMON

  Correct Answer: C

• Question 623:

  Attackers send an ACK probe packet with random sequence number, no response means port is filtered (Stateful firewall is present) and RST response means the port is not filtered. What type of Port Scanning is this?

  A. RST flag scanning

  B. FIN flag scanning

  C. SYN flag scanning

  D. ACK flag scanning

  Correct Answer: D

• Question 624:

  What type of encryption does WPA2 use?

  A. DES 64 bit

  B. AES-CCMP 128 bit

  C. MD5 48 bit

  D. SHA 160 bit

  Correct Answer: B

• Question 625:

  Charlie is the network administrator for his company. Charlie just received a new Cisco router and wants to test its capabilities out and to see if it might be susceptible to a DoS attack resulting in its locking up. The IP address of the Cisco switch is 172.16.0.45. What command can Charlie use to attempt this task?

  A. Charlie can use the command: ping -l 56550 172.16.0.45 -t.

  B. Charlie can try using the command: ping 56550 172.16.0.45.

  C. By using the command ping 172.16.0.45 Charlie would be able to lockup the router

  D. He could use the command: ping -4 56550 172.16.0.45.

  Correct Answer: A

• Question 626:

  One of the ways to map a targeted network for live hosts is by sending an ICMP ECHO request to the broadcast or the network address. The request would be broadcasted to all hosts on the targeted network. The live hosts will send an ICMP ECHO Reply to the attacker's source IP address.

  You send a ping request to the broadcast address 192.168.5.255.

  

  There are 40 computers up and running on the target network. Only 13 hosts send a reply while others do not. Why?

  A. Windows machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address.

  B. Linux machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address.

  C. You should send a ping request with this command ping ? 192.168.5.0-255

  D. You cannot ping a broadcast address. The above scenario is wrong.

  Correct Answer: A

• Question 627:

  NetBIOS over TCP/IP allows files and/or printers to be shared over the network. You are trying to intercept the traffic from a victim machine to a corporate network printer. You are attempting to hijack the printer network connection from your laptop by sniffing the wire. Which port does SMB over TCP/IP use?

  A. 443

  B. 139

  C. 179

  D. 445

  Correct Answer: D

• Question 628:

  In which location, SAM hash passwords are stored in Windows 7?

  A. c:\windows\system32\config\SAM

  B. c:\winnt\system32\machine\SAM

  C. c:\windows\etc\drivers\SAM

  D. c:\windows\config\etc\SAM

  Correct Answer: A

• Question 629:

  File extensions provide information regarding the underlying server technology. Attackers can use this information to search vulnerabilities and launch attacks. How would you disable file extensions in Apache servers?

  A. Use disable-eXchange

  B. Use mod_negotiation

  C. Use Stop_Files

  D. Use Lib_exchanges

  Correct Answer: B

• Question 630:

  How do you defend against MAC attacks on a switch?

  

  A. Disable SPAN port on the switch

  B. Enable SNMP Trap on the switch

  C. Configure IP security on the switch

  D. Enable Port Security on the switch

  Correct Answer: D