EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

• Question 91:

  An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

  A. Make sure that legitimate network routers are configured to run routing protocols with authentication.

  B. Disable all routing protocols and only use static routes

  C. Only using OSPFv3 will mitigate this risk.

  D. Redirection of the traffic cannot happen unless the admin allows it explicitly.

  Correct Answer: A

• Question 92:

  Which of the following is not a Bluetooth attack?

  A. Bluedriving

  B. Bluesmacking

  C. Bluejacking

  D. Bluesnarfing

  Correct Answer: A

• Question 93:

  When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what it is meant by processing?

  A. The amount of time and resources that are necessary to maintain a biometric system

  B. How long it takes to setup individual user accounts

  C. The amount of time it takes to be either accepted or rejected from when an individual provides identification and authentication information

  D. The amount of time it takes to convert biometric data into a template on a smart card

  Correct Answer: C

• Question 94:

  Susan, a software developer, wants her web API to update other applications with the latest information. For this purpose, she uses a user-defined HTTP tailback or push APIs that are raised based on trigger events: when invoked, this feature supplies data to other applications so that users can instantly receive real-time Information.

  Which of the following techniques is employed by Susan?

  A. web shells

  B. Webhooks

  C. REST API

  D. SOAP API

  Correct Answer: B

  Webhooks are one of a few ways internet applications will communicate with one another.

  It allows you to send real-time data from one application to another whenever a given event happens.

  For example, let's say you've created an application using the Foursquare API that tracks when people

  check into your restaurant. You ideally wish to be able to greet customers by name and provide a

  complimentary drink when they check in. What a webhook will is notify you any time someone checks in,

  therefore you'd be able to run any processes that you simply had in your application once this event is

  triggered. The data is then sent over the web from the application wherever the event originally occurred, to the receiving application that handles the data.

  

  Here's a visual representation of what that looks like:

  A webhook url is provided by the receiving application, and acts as a phone number that the other application will call once an event happens. Only it's more complicated than a phone number, because data about the event is shipped

  

  Here's an example of what a webhook url looks like with the payload it's carrying:

• Question 95:

  Which of the following provides a security professional with most information about the system's security posture?

  A. Phishing, spamming, sending trojans

  B. Social engineering, company site browsing tailgating

  C. Wardriving, warchalking, social engineering

  D. Port scanning, banner grabbing service identification

  Correct Answer: D

• Question 96:

  Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?

  A. Scanning

  B. Footprinting

  C. Enumeration

  D. System Hacking

  Correct Answer: B

• Question 97:

  Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcasting forged DHCP requests and leased all the DHCP addresses available in the DHCP scope until the server could not issue any more IP addresses. This led to a Dos attack, and as a result, legitimate employees were unable to access the clients network. Which of the following attacks did Abel perform in the above scenario?

  A. VLAN hopping

  B. DHCP starvation

  C. Rogue DHCP server attack

  D. STP attack

  Correct Answer: B

  A DHCP starvation assault is a pernicious computerized assault that objectives DHCP workers. During a DHCP assault, an unfriendly entertainer floods a DHCP worker with false DISCOVER bundles until the DHCP worker debilitates its stock of IP addresses. When that occurs, the aggressor can deny genuine organization clients administration, or even stock an other DHCP association that prompts a Man-in-the-Middle (MITM) assault. In a DHCP Starvation assault, a threatening entertainer sends a huge load of false DISCOVER parcels until the DHCP worker thinks they've used their accessible pool. Customers searching for IP tends to find that there are no IP addresses for them, and they're refused assistance. Furthermore, they may search for an alternate DHCP worker, one which the unfriendly entertainer may give. What's more, utilizing a threatening or sham IP address, that unfriendly entertainer would now be able to peruse all the traffic that customer sends and gets. In an unfriendly climate, where we have a malevolent machine running some sort of an instrument like Yersinia, there could be a machine that sends DHCP DISCOVER bundles. This malevolent customer doesn't send a modest bunch ?it sends a great many vindictive DISCOVER bundles utilizing sham, madeup MAC addresses as the source MAC address for each solicitation. In the event that the DHCP worker reacts to every one of these false DHCP DISCOVER parcels, the whole IP address pool could be exhausted, and that DHCP worker could trust it has no more IP delivers to bring to the table to legitimate DHCP demands. When a DHCP worker has no more IP delivers to bring to the table, ordinarily the following thing to happen would be for the aggressor to get their own DHCP worker. This maverick DHCP worker at that point starts giving out IP addresses. The advantage of that to the assailant is that if a false DHCP worker is distributing IP addresses, including default DNS and door data, customers who utilize those IP delivers and begin to utilize that default passage would now be able to be directed through the aggressor's machine. That is all that an unfriendly entertainer requires to play out a man-in- the-center (MITM) assault.

• Question 98:

  Which of the following Google advanced search operators helps an attacker in gathering information about websites that are similar to a specified target URL?

  A. [inurl:]

  B. [related:]

  C. [info:]

  D. [site:]

  Correct Answer: B

• Question 99:

  Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results?

  TCP port 21 no response

  TCP port 22 no response

  TCP port 23 Time-to-live exceeded

  A. The lack of response from ports 21 and 22 indicate that those services are not running on the destination server

  B. The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error

  C. The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall

  D. The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host

  Correct Answer: C

• Question 100:

  You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?

  A. Nmap

  B. Cain and Abel

  C. Nessus

  D. Snort

  Correct Answer: D