EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

• Question 101:

  Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.

  

  What is Eve trying to do?

  A. Eve is trying to connect as a user with Administrator privileges

  B. Eve is trying to enumerate all users with Administrative privileges

  C. Eve is trying to carry out a password crack for user Administrator

  D. Eve is trying to escalate privilege of the null user to that of Administrator

  Correct Answer: C

• Question 102:

  Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious codes on a virtual machine to simulate CPU and memory activities. Which type of virus detection method did Chandler use in this context?

  A. Heuristic Analysis

  B. Code Emulation

  C. Scanning

  D. Integrity checking

  Correct Answer: B

• Question 103:

  Why is a penetration test considered to be more thorough than vulnerability scan?

  A. Vulnerability scans only do host discovery and port scanning by default.

  B. A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.

  C. It is not ?a penetration test is often performed by an automated tool, while a vulnerability scan requires active engagement.

  D. The tools used by penetration testers tend to have much more comprehensive vulnerability databases.

  Correct Answer: B

• Question 104:

  What hacking attack is challenge/response authentication used to prevent?

  A. Replay attacks

  B. Scanning attacks

  C. Session hijacking attacks

  D. Password cracking attacks

  Correct Answer: A

• Question 105:

  While scanning with Nmap, Patin found several hosts which have the IP ID of incremental sequences. He then decided to conduct: nmap -Pn -p- -si kiosk.adobe.com www.riaa.com. kiosk.adobe.com is the host with incremental IP ID sequence. What is the purpose of using "-si" with Nmap?

  A. Conduct stealth scan

  B. Conduct ICMP scan

  C. Conduct IDLE scan

  D. Conduct silent scan

  Correct Answer: A

• Question 106:

  Vlady works in a fishing company where the majority of the employees have very little understanding of IT let alone IT Security. Several information security issues that Vlady often found includes, employees sharing password, writing his/her password on a post it note and stick it to his/her desk, leaving the computer unlocked, didn't log out from emails or other social media accounts, and etc.

  After discussing with his boss, Vlady decided to make some changes to improve the security environment in his company. The first thing that Vlady wanted to do is to make the employees understand the importance of keeping confidential information, such as password, a secret and they should not share it with other persons.

  Which of the following steps should be the first thing that Vlady should do to make the employees in his company understand to importance of keeping confidential information a secret?

  A. Warning to those who write password on a post it note and put it on his/her desk

  B. Developing a strict information security policy

  C. Information security awareness training

  D. Conducting a one to one discussion with the other employees about the importance of information security

  Correct Answer: A

• Question 107:

  Nicolas just found a vulnerability on a public-facing system that is considered a zero-day vulnerability. He sent an email to the owner of the public system describing the problem and how the owner can protect themselves from that vulnerability. He also sent an email to Microsoft informing them of the problem that their systems are exposed to. What type of hacker is Nicolas?

  A. Red hat

  B. white hat

  C. Black hat

  D. Gray hat

  Correct Answer: B

  A white hat (or a white hat hacker) is an ethical computer hacker, or a computer security expert, who focuses on penetration testing and in other testing methodologies that ensures the safety of an organization's information systems. Ethical hacking may be a term meant to imply a broader category than simply penetration testing. Contrasted with black hat, a malicious hacker, the name comes from Western films, where heroic and antagonistic cowboys might traditionally wear a white and a black hat respectively. While a white hat hacker hacks under good intentions with permission, and a black hat hacker, most frequently unauthorized, has malicious intent, there's a 3rd kind referred to as a gray hat hacker who hacks with good intentions but sometimes without permission.White hat hackers can also add teams called "sneakers and/or hacker clubs",red teams, or tiger teams.While penetration testing concentrates on attacking software and computer systems from the beginning ?scanning ports, examining known defects in protocols and applications running on the system and patch installations, as an example ?ethical hacking may include other things. A full-blown ethical hack might include emailing staff to invite password details, searching through executive's dustbins and typically breaking and entering, without the knowledge and consent of the targets. Only the owners, CEOs and Board Members (stake holders) who asked for such a censoring of this magnitude are aware. to undertake to duplicate a number of the destructive techniques a true attack might employ, ethical hackers may arrange for cloned test systems, or organize a hack late in the dark while systems are less critical. In most up-to-date cases these hacks perpetuate for the long-term con (days, if not weeks, of long-term human infiltration into an organization). Some examples include leaving USB/flash key drives with hidden auto-start software during a public area as if someone lost the tiny drive and an unsuspecting employee found it and took it.Some other methods of completing these include:?DoS attacks?Social engineering tactics?Reverse engineering? Network security?Disk and memory forensics?Vulnerability research?Security scanners such as:?W3af?Nessus?Burp suite? Frameworks such as:?Metasploit?Training PlatformsThese methods identify and exploit known security vulnerabilities and plan to evade security to realize entry into secured areas. they're ready to do that by hiding software and system `back-doors' which will be used as a link to information or access that a non-ethical hacker, also referred to as `black-hat' or `grey-hat', might want to succeed in .

• Question 108:

  Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?

  A. msfpayload

  B. msfcli

  C. msfd

  D. msfencode

  Correct Answer: D

• Question 109:

  Attacker Rony Installed a rogue access point within an organization's perimeter and attempted to Intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by Johnson in the above scenario?

  A. Distributed assessment

  B. Wireless network assessment

  C. Most-based assessment

  D. Application assessment

  Correct Answer: B

  Expanding your network capabilities are often done well using wireless networks, but it also can be a source of harm to your data system . Deficiencies in its implementations or configurations can allow tip to be accessed in an unauthorized manner.This makes it imperative to closely monitor your wireless network while also conducting periodic Wireless Network assessment.It identifies flaws and provides an unadulterated view of exactly how vulnerable your systems are to malicious and unauthorized accesses.Identifying misconfigurations and inconsistencies in wireless implementations and rogue access points can improve your security posture and achieve compliance with regulatory frameworks.

• Question 110:

  Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

  A. Nikto

  B. John the Ripper

  C. Dsniff

  D. Snort

  Correct Answer: A