EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

• Question 491:

  What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

  A. All are hacking tools developed by the legion of doom

  B. All are tools that can be used not only by hackers, but also security personnel

  C. All are DDOS tools

  D. All are tools that are only effective against Windows

  E. All are tools that are only effective against Linux

  Correct Answer: C

• Question 492:

  What type of virus is most likely to remain undetected by antivirus software?

  A. Cavity virus

  B. Stealth virus

  C. File-extension virus

  D. Macro virus

  Correct Answer: B

• Question 493:

  Which file is a rich target to discover the structure of a website during web-server footprinting?

  A. Document root

  B. Robots.txt

  C. domain.txt

  D. index.html

  Correct Answer: C

  File TXT records are a type of Domain Name System (DNS) record that contains text information for sources outside of your domain. You add these records to your domain settings. You can use TXT records for various purposes. Google uses them to verify domain ownership and to ensure email security. You verify your domain through your domain host (typically where you purchased your domain name). Your domain host maintains settings called DNS records that direct internet traffic to your domain name. For details, see Identify your domain host. Google gives you a TXT verification record to add to your domain host's DNS records. When Google sees the record exists, your domain ownership is confirmed. The verification record does not affect your website or email.

• Question 494:

  An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections.

  When users accessed any page, the applet ran and exploited many machines. Which one of the following tools the hacker probably used to inject HTML code?

  A. Wireshark

  B. Ettercap

  C. Aircrack-ng

  D. Tcpdump

  Correct Answer: B

• Question 495:

  What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?

  A. 110

  B. 135

  C. 139

  D. 161

  E. 445

  F. 1024

  Correct Answer: BCE

• Question 496:

  Ethical backer jane Doe is attempting to crack the password of the head of the it department of ABC company. She Is utilizing a rainbow table and notices upon entering a password that extra characters are added to the password after submitting. What countermeasure is the company using to protect against rainbow tables?

  A. Password key hashing

  B. Password salting

  C. Password hashing

  D. Account lockout

  Correct Answer: B

  Passwords are usually delineated as "hashed and salted". salting is simply the addition of a unique, random string of characters renowned solely to the site to every parole before it's hashed, typically this "salt" is placed in front of each password. The salt value needs to be hold on by the site, which means typically sites use the same salt for each parole. This makes it less effective than if individual salts are used. The use of unique salts means that common passwords shared by multiple users ?like "123456" or "password" ?aren't revealed revealed when one such hashed password is known ?because despite the passwords being the same the immediately and hashed values are not. Large salts also protect against certain methods of attack on hashes, including rainbow tables or logs of hashed passwords previously broken. Both hashing and salting may be repeated more than once to increase the issue in breaking the security.

• Question 497:

  Mary found a high vulnerability during a vulnerability scan and notified her server team. After analysis, they sent her proof that a fix to that issue had already been applied. The vulnerability that Marry found is called what?

  A. False-negative

  B. False-positive

  C. Brute force attack

  D. Backdoor

  Correct Answer: B

• Question 498:

  How does a denial-of-service attack work?

  A. A hacker prevents a legitimate user (or group of users) from accessing a service

  B. A hacker uses every character, word, or letter he or she can think of to defeat authentication

  C. A hacker tries to decipher a password by using a system, which subsequently crashes the network

  D. A hacker attempts to imitate a legitimate user by confusing a computer or even another person

  Correct Answer: A

• Question 499:

  Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target organization. An employee who manages the sales software of the operational plant opened the fraudulent email and clicked on the malicious attachment. This resulted in the malicious attachment being downloaded and malware being injected into the sales software maintained in the victim's system. Further, the malware propagated itself to other networked systems, finally damaging the industrial automation components. What is the attack technique used by Stephen to damage the industrial systems?

  A. Spear-phishing attack

  B. SMishing attack

  C. Reconnaissance attack D. HMI-based attack

  Correct Answer: A

• Question 500:

  An organization decided to harden its security against web-application and web-server attacks. John, a security personnel in the organization, employed a security scanner to automate web-application security testing and to guard the organization's web infrastructure against web-application threats. Using that tool, he also wants to detect XSS, directory transversal problems, fault injection, SQL injection, attempts to execute commands, and several other attacks. Which of the following security scanners will help John perform the above task?

  A. AlienVault OSSIM

  B. Syhunt Hybrid

  C. Saleae Logic Analyzer

  D. Cisco ASA

  Correct Answer: B