EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

• Question 411:

  An organization is performing a vulnerability assessment tor mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on the organization's machines to detect which ports are attached to services such as an email server, a web server or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevant tests. What is the type of vulnerability assessment solution that James employed in the above scenario?

  A. Product-based solutions

  B. Tree-based assessment

  C. Service-based solutions

  D. inference-based assessment

  Correct Answer: C

  As systems approaches to the event of biological models become more mature, attention is increasingly that specialize in the matter of inferring parameter values within those models from experimental data. However, particularly for nonlinear models, it's not obvious, either from inspection of the model or from the experimental data, that the inverse problem of parameter fitting will have a singular solution, or maybe a non-unique solution that constrains the parameters to lie within a plausible physiological range. Where parameters can't be constrained they're termed `unidentifiable'. We specialise in gaining insight into the causes of unidentifiability using inference-based methods, and compare a recently developed measure-theoretic approach to inverse sensitivity analysis to the favored Markov chain Monte Carlo and approximate Bayesian computation techniques for Bayesian inference. All three approaches map the uncertainty in quantities of interest within the output space to the probability of sets of parameters within the input space. The geometry of those sets demonstrates how unidentifiability are often caused by parameter compensation and provides an intuitive approach to inference-based experimental design.

• Question 412:

  During the enumeration phase. Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs directly on TCP port 445.

  Which of the following services is enumerated by Lawrence in this scenario?

  A. Server Message Block (SMB)

  B. Network File System (NFS)

  C. Remote procedure call (RPC)

  D. Telnet

  Correct Answer: A

  Worker Message Block (SMB) is an organization document sharing and information texture convention. SMB is utilized by billions of gadgets in a different arrangement of working frameworks, including Windows, MacOS, iOS , Linux, and Android. Customers use SMB to get to information on workers. This permits sharing of records, unified information the board, and brought down capacity limit needs for cell phones. Workers additionally use SMB as a feature of the Software- characterized Data Center for outstanding burdens like grouping and replication. Since SMB is a far off record framework, it requires security from assaults where a Windows PC may be fooled into reaching a pernicious worker running inside a confided in organization or to a far off worker outside the organization edge. Firewall best practices and arrangements can upgrade security keeping malevolent traffic from leaving the PC or its organization. For Windows customers and workers that don't have SMB shares, you can obstruct all inbound SMB traffic utilizing the Windows Defender Firewall to keep far off associations from malignant or bargained gadgets. In the Windows Defender Firewall, this incorporates the accompanying inbound principles.

  

  You should also create a new blocking rule to override any other inbound firewall rules. Use the following suggested settings for any Windows clients or servers that do not host SMB Shares: Name: Block all inbound SMB 445 Description: Blocks all inbound SMB TCP 445 traffic. Not to be applied to domain controllers or computers that host SMB shares. Action: Block the connection Programs: All Remote Computers: Any Protocol Type: TCP Local Port: 445 Remote Port: Any Profiles: All Scope (Local IP Address): Any Scope (Remote IP Address): Any Edge Traversal: Block edge traversal You must not globally block inbound SMB traffic to domain controllers or file servers. However, you can restrict access to them from trusted IP ranges and devices to lower their attack surface. They should also be restricted to Domain or Private firewall profiles and not allow Guest/Public traffic.

• Question 413:

  Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this. James, a professional hacker, targets Emily and her acquaintances, conducts a location search to detect their geolocation by using an automated tool, and gathers information to perform other sophisticated attacks. What is the tool employed by James in the above scenario?

  A. ophcrack

  B. Hootsuite

  C. VisualRoute

  D. HULK

  Correct Answer: B

  Hootsuite may be a social media management platform that covers virtually each side of a social media manager's role. With only one platform users area unit ready to do the easy stuff like reverend cool content and schedule posts on social media in all the high to managing team members and measure ROI. There area unit many totally different plans to decide on from, from one user set up up to a bespoken enterprise account that's appropriate for much larger organizations.

• Question 414:

  Which of the following Linux commands will resolve a domain name into IP address?

  A. >host-t a hackeddomain.com

  B. >host-t ns hackeddomain.com

  C. >host -t soa hackeddomain.com

  D. >host -t AXFR hackeddomain.com

  Correct Answer: A

• Question 415:

  Windows LAN Manager (LM) hashes are known to be weak.

  Which of the following are known weaknesses of LM? (Choose three.)

  A. Converts passwords to uppercase.

  B. Hashes are sent in clear text over the network.

  C. Makes use of only 32-bit encryption.

  D. Effective length is 7 characters.

  Correct Answer: ABD

• Question 416:

  You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place.

  Your peer, Peter Smith who works at the same department disagrees with you.

  He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security chain.

  What is Peter Smith talking about?

  A. Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain

  B. "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks

  C. "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks

  D. Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

  Correct Answer: A

• Question 417:

  if you send a TCP ACK segment to a known closed port on a firewall but it does not respond with an RST. what do you know about the firewall you are scanning?

  A. There is no firewall in place.

  B. This event does not tell you encrypting about the firewall.

  C. It is a stateful firewall

  D. It Is a non-stateful firewall.

  Correct Answer: B

• Question 418:

  An attacker runs netcat tool to transfer a secret file between two hosts.

  

  He is worried about information being sniffed on the network.

  How would the attacker use netcat to encrypt the information before transmitting onto the wire?

  A. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat

  B. Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat

  C. Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat 1234 -pw password

  D. Use cryptcat instead of netcat

  Correct Answer: D

• Question 419:

  What is the purpose of a demilitarized zone on a network?

  A. To scan all traffic coming through the DMZ to the internal network

  B. To only provide direct access to the nodes within the DMZ and protect the network behind it

  C. To provide a place to put the honeypot

  D. To contain the network devices you wish to protect

  Correct Answer: B

• Question 420:

  What is the main security service a cryptographic hash provides?

  A. Integrity and ease of computation

  B. Message authentication and collision resistance

  C. Integrity and collision resistance

  D. Integrity and computational in-feasibility

  Correct Answer: D