EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

• Question 51:

  Which protocol is used for setting up secure channels between two devices, typically in VPNs?

  A. PEM

  B. ppp

  C. IPSEC

  D. SET

  Correct Answer: C

• Question 52:

  What port number is used by LDAP protocol?

  A. 110

  B. 389

  C. 464

  D. 445

  Correct Answer: B

• Question 53:

  Jason, an attacker, targeted an organization to perform an attack on its Internet-facing web server with the intention of gaining access to backend servers, which are protected by a firewall. In this process, he used a URL https://xyz.com/feed.php?url:externaIsile.com/feed/to to obtain a remote feed and altered the URL input to the local host to view all the local resources on the target server. What is the type of attack Jason performed In the above scenario?

  A. website defacement

  B. Server-side request forgery (SSRF) attack

  C. Web server misconfiguration

  D. web cache poisoning attack

  Correct Answer: B

  Server-side request forgery (also called SSRF) is a net security vulnerability that allows an assaulter to induce the server-side application to make http requests to associate arbitrary domain of the attacker's choosing. In typical SSRF examples, the attacker might cause the server to make a connection back to itself, or to other web-based services among the organization's infrastructure, or to external third-party systems. Another type of trust relationship that often arises with server-side request forgery is where the application server is able to interact with different back-end systems that aren't directly reachable by users. These systems typically have non- routable private informatics addresses. Since the back-end systems normally ordinarily protected by the topology, they typically have a weaker security posture. In several cases, internal back-end systems contain sensitive functionality that may be accessed while not authentication by anyone who is able to act with the systems. In the preceding example, suppose there's an body interface at the back-end url https://192.168.0.68/ admin. Here, an attacker will exploit the SSRF vulnerability to access the executive interface by submitting the following request: POST /product/stock HTTP/1.0 Content-Type: application/x-www-form-urlencoded Content-Length: 118 stockApi=http://192.168.0.68/admin

• Question 54:

  Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?

  A. Produces less false positives

  B. Can identify unknown attacks

  C. Requires vendor updates for a new threat

  D. Cannot deal with encrypted network traffic

  Correct Answer: B

• Question 55:

  In the context of Windows Security, what is a 'null' user?

  A. A user that has no skills

  B. An account that has been suspended by the admin

  C. A pseudo account that has no username and password

  D. A pseudo account that was created for security administration purpose

  Correct Answer: C

• Question 56:

  The security team of Debry Inc. decided to upgrade Wi-Fi security to thwart attacks such as dictionary attacks and key recovery attacks. For this purpose, the security team started implementing cutting-edge technology that uses a modern key establishment protocol called the simultaneous authentication of equals (SAE), also known as dragonfly key exchange, which replaces the PSK concept. What is the Wi-Fi encryption technology implemented by Debry Inc.?

  A. WEP

  B. WPA

  C. WPA2

  D. WPA3

  Correct Answer: C

• Question 57:

  What type of a vulnerability/attack is it when the malicious person forces the user's browser to send an authenticated request to a server?

  A. Session hijacking

  B. Server side request forgery

  C. Cross-site request forgery

  D. Cross-site scripting

  Correct Answer: C

• Question 58:

  Study the snort rule given below: From the options below, choose the exploit against which this rule applies.

  

  A. WebDav

  B. SQL Slammer

  C. MS Blaster

  D. MyDoom

  Correct Answer: C

• Question 59:

  What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

  A. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.

  B. Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

  C. Symmetric encryption allows the server to securely transmit the session keys out-of- band.

  D. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

  Correct Answer: D

• Question 60:

  By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext.

  Which file do you have to clean to clear the password?

  A. .X session-log

  B. .bashrc

  C. .profile

  D. .bash_history

  Correct Answer: D

  File created by Bash, a Unix-based shell program commonly used on Mac OS X and Linux operating systems; stores a history of user commands entered at the command prompt; used for viewing old commands that are executed.BASH_HISTORY files are hidden files with no filename prefix. They always use the filename .bash_history.NOTE: Bash is that the shell program employed by Apple Terminal.Our goal is to assist you understand what a file with a *.bash_history suffix is and the way to open it.The Bash History file type, file format description, and Mac and Linux programs listed on this page are individually researched and verified by the FileInfo team. we attempt for 100% accuracy and only publish information about file formats that we've tested and validated.