EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

• Question 301:

  While using your bank's online servicing you notice the following string in the URL bar:

  "http: // www. MyPersonalBank.com/account?id=368940911028389andDamount=10980andCamount=21"

  You observe that if you modify the Damount and Camount values and submit the request, that data on the web page reflects the changes.

  Which type of vulnerability is present on this site?

  A. Cookie Tampering

  B. SQL Injection

  C. Web Parameter Tampering

  D. XSS Reflection

  Correct Answer: C

• Question 302:

  Bob, an attacker, has managed to access a target loT device. He employed an online tool to gather information related to the model of the loT device and the certifications granted to it. Which of the following tools did Bob employ to gather the above Information?

  A. search.com

  B. EarthExplorer

  C. Google image search

  D. FCC ID search

  Correct Answer: D

• Question 303:

  Tony wants to integrate a 128-bit symmetric block cipher with key sizes of 128,192, or 256 bits into a software program, which involves 32 rounds of computational operations that include substitution and permutation operations on four 32-bit word blocks using 8-variable S-boxes with 4-bit entry and 4-bit exit. Which of the following algorithms includes all the above features and can be integrated by Tony into the software program?

  A. TEA

  B. CAST-128

  C. RC5

  D. serpent

  Correct Answer: D

• Question 304:

  As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.

  What document describes the specifics of the testing, the associated violations, and essentially protects both the organization's interest and your liabilities as a tester?

  A. Service Level Agreement

  B. Project Scope

  C. Rules of Engagement

  D. Non-Disclosure Agreement

  Correct Answer: C

• Question 305:

  At what stage of the cyber kill chain theory model does data exfiltration occur?

  A. Actions on objectives

  B. Weaponization

  C. installation

  D. Command and control

  Correct Answer: A

  The longer an adversary has this level of access, the greater the impact. Defenders must detect this stage as quickly as possible and deploy tools which can enable them to gather forensic evidence. One example would come with network packet captures, for damage assessment. Only now, after progressing through the primary six phases, can intruders take actions to realize their original objectives. Typically, the target of knowledge exfiltration involves collecting, encrypting and extracting information from the victim(s) environment; violations of knowledge integrity or availability are potential objectives also . Alternatively, and most ordinarily , the intruder may only desire access to the initial victim box to be used as a hop point to compromise additional systems and move laterally inside the network. Once this stage is identified within an environment, the implementation of prepared reaction plans must be initiated. At a minimum, the plan should include a comprehensive communication plan, detailed evidence must be elevated to the very best ranking official or board , the deployment of end-point security tools to dam data loss and preparation for briefing a CIRT Team. Having these resources well established beforehand may be a "MUST" in today's quickly evolving landscape of cybersecurity threats

• Question 306:

  A group of hackers were roaming around a bank office building in a city, driving a luxury car. They were using hacking tools on their laptop with the intention to find a free-access wireless network. What is this hacking process known as?

  A. GPS mapping

  B. Spectrum analysis

  C. Wardriving

  D. Wireless sniffing

  Correct Answer: C

• Question 307:

  env x='(){ :;};echo exploit' bash -c `cat/etc/passwd'

  What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?

  A. Removes the passwd file

  B. Changes all passwords in passwd

  C. Add new user to the passwd file

  D. Display passwd content to prompt

  Correct Answer: D

• Question 308:

  The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses 192.168.1.122, 192.168.1.123 and 192.168.1.124. An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is: nmap 192.168.1.64/28.

  Why he cannot see the servers?

  A. He needs to add the command ""ip address"" just before the IP address

  B. He needs to change the address to 192.168.1.0 with the same mask

  C. He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range

  D. The network must be dawn and the nmap command and IP address are ok

  Correct Answer: C

• Question 309:

  

  Identify the correct terminology that defines the above statement.

  A. Vulnerability Scanning

  B. Penetration Testing

  C. Security Policy Implementation

  D. Designing Network Security

  Correct Answer: B

• Question 310:

  An attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim's profile to a text file and then submit the data to the attacker's database.

  < iframe src=""http://www.vulnweb.com/updateif.php"" style=""display:none"" > < /iframe >

  What is this type of attack (that can use either HTTP GET or HTTP POST) called?

  A. Browser Hacking

  B. Cross-Site Scripting

  C. SQL Injection

  D. Cross-Site Request Forgery

  Correct Answer: D