EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

• Question 141:

  Which of the following are well known password-cracking programs?

  A. L0phtcrack

  B. NetCat

  C. Jack the Ripper

  D. Netbus

  E. John the Ripper

  Correct Answer: AE

• Question 142:

  Taylor, a security professional, uses a tool to monitor her company's website, analyze the website's traffic, and track the geographical location of the users visiting the company's website. Which of the following tools did Taylor employ in the above scenario?

  A. WebSite Watcher

  B. web-Stat

  C. Webroot

  D. WAFW00F

  Correct Answer: B

  Increase your web site's performance and grow! Add Web-Stat to your site (it's free!) and watch individuals act together with your pages in real time. Learn how individuals realize your web site. Get details concerning every visitor's path through your web site and track pages that flip browsers into consumers. One-click install. observe locations, in operation systems, browsers and screen sizes and obtain alerts for new guests and conversions

• Question 143:

  Alex, a cloud security engineer working in Eyecloud Inc. is tasked with isolating applications from the underlying infrastructure and stimulating communication via well- defined channels. For this purpose, he used an open-source technology that helped him in developing, packaging, and running applications; further, the technology provides PaaS through OS-level visualization, delivers containerized software packages, and promotes fast software delivery. What is the cloud technology employed by Alex in the above scenario?

  A. Virtual machine

  B. Serverless computing

  C. Docker

  D. Zero trust network

  Correct Answer: C

• Question 144:

  Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of a built-in bounds checking mechanism?

  Code:

  #include int main(){char buffer[8];

  strcpy(buffer, ""11111111111111111111111111111"");} Output: Segmentation fault

  A. C#

  B. Python

  C. Java

  D. C++

  Correct Answer: D

• Question 145:

  Kate dropped her phone and subsequently encountered an issue with the phone's internal speaker. Thus, she is using the phone's loudspeaker for phone calls and other activities. Bob, an attacker, takes advantage of this vulnerability and secretly exploits the hardware of Kate's phone so that he can monitor the loudspeaker's output from data sources such as voice assistants, multimedia messages, and audio files by using a malicious app to breach speech privacy. What is the type of attack Bob performed on Kate in the above scenario?

  A. Man-in-the-disk attack

  B. aLTEr attack

  C. SIM card attack

  D. Spearphone attack

  Correct Answer: D

• Question 146:

  Which of the following is a command line packet analyzer similar to GUI-based Wireshark?

  A. nessus

  B. tcpdump

  C. ethereal

  D. jack the ripper

  Correct Answer: B

• Question 147:

  In the field of cryptanalysis, what is meant by a "rubber-hose" attack?

  A. Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text.

  B. Extraction of cryptographic secrets through coercion or torture.

  C. Forcing the targeted key stream through a hardware-accelerated device such as an ASIC.

  D. A backdoor placed into a cryptographic algorithm by its creator.

  Correct Answer: B

• Question 148:

  Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed.

  What is the port scanning technique used by Sam to discover open ports?

  A. Xmas scan

  B. IDLE/IPID header scan

  C. TCP Maimon scan

  D. ACK flag probe scan

  Correct Answer: D

• Question 149:

  While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

  A. Clickjacking

  B. Cross-Site Scripting

  C. Cross-Site Request Forgery D. Web form input validation

  Correct Answer: C

  Cross Site Request Forgery (XSRF) was committed against the poor individual. Fortunately the user's bank checked with the user prior to sending the funds. If it would be Cross Site Request Forgery than transaction shouldn't be shown from foreign country. Because CSRF sends request from current user session. It seems XSS attack where attacker stolen the cookie and made a transaction using that cookie from foreign country.

• Question 150:

  To create a botnet. the attacker can use several techniques to scan vulnerable machines. The attacker first collects Information about a large number of vulnerable machines to create a list. Subsequently, they infect the machines. The list Is divided by assigning half of the list to the newly compromised machines. The scanning process runs simultaneously. This technique ensures the spreading and installation of malicious code in little time.

  Which technique is discussed here?

  A. Hit-list-scanning technique

  B. Topological scanning technique

  C. Subnet scanning technique

  D. Permutation scanning technique

  Correct Answer: A

  One of the biggest problems a worm faces in achieving a very fast rate of infection is "getting off the ground." although a worm spreads exponentially throughout the early stages of infection, the time needed to infect say the first 10,000 hosts dominates the infection time. There is a straightforward way for an active worm a simple this obstacle, that we term hit- list scanning. Before the worm is free, the worm author collects a listing of say ten,000 to 50,000 potentially vulnerable machines, ideally ones with sensible network connections. The worm, when released onto an initial machine on this hit-list, begins scanning down the list. once it infects a machine, it divides the hit-list in half, communicating half to the recipient worm, keeping the other half. This fast division ensures that even if only 10-20% of the machines on the hit-list are actually vulnerable, an active worm can quickly bear the hit-list and establish itself on all vulnerable machines in only some seconds. though the hit-list could begin at 200 kilobytes, it quickly shrinks to nothing during the partitioning. This provides a great benefit in constructing a quick worm by speeding the initial infection. The hit-list needn't be perfect: a simple list of machines running a selected server sort could serve, though larger accuracy can improve the unfold. The hit-list itself is generated victimization one or many of the following techniques, ready well before, typically with very little concern of detection. Stealthy scans. Portscans are so common and then wide ignored that even a quick scan of the whole net would be unlikely to attract law enforcement attention or over gentle comment within the incident response community. However, for attackers wish to be particularly careful, a randomised sneaky scan taking many months would be not possible to attract much attention, as most intrusion detection systems are not currently capable of detecting such low-profile scans. Some portion of the scan would be out of date by the time it had been used, however abundant of it'd not. Distributed scanning. an assailant might scan the web using a few dozen to some thousand already-compromised "zombies," the same as what DDOS attackers assemble in a very fairly routine fashion. Such distributed scanning has already been seen within the wildawrence Berkeley National Laboratory received ten throughout the past year. DNS searches. Assemble a list of domains (for example, by using wide offered spam mail lists, or trolling the address registries). The DNS will then be searched for the science addresses of mail-servers (via mx records) or net servers (by looking for www.domain.com). Spiders. For net server worms (like Code Red), use Web-crawling techniques the same as search engines so as to produce a list of most Internet-connected web sites. this would be unlikely to draw in serious attention. Public surveys. for many potential targets there may be surveys available listing them, like the Netcraft survey. Just listen. Some applications, like peer-to-peer networks, wind up advertising many of their servers. Similarly, many previous worms effectively broadcast that the infected machine is vulnerable to further attack. easy, because of its widespread scanning, during the Code Red I infection it was easy to select up the addresses of upwards of 300,000 vulnerable IIS serversecause each came knock on everyone's door!