EC-COUNCIL EC-COUNCIL Certifications 312-50V12 Questions & Answers

• Question 491:

  _________ is a type of phishing that targets high-profile executives such as CEOs, CFOs, politicians, and celebrities who have access to confidential and highly valuable information.

  A. Spear phishing

  B. Whaling

  C. Vishing

  D. Phishing

  Correct Answer: B

• Question 492:

  What did the following commands determine?

  

  A. That the Joe account has a SID of 500

  B. These commands demonstrate that the guest account has NOT been disabled

  C. These commands demonstrate that the guest account has been disabled

  D. That the true administrator is Joe

  E. Issued alone, these commands prove nothing

  Correct Answer: D

• Question 493:

  Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end- to-end encryption of the connection?

  A. SFTP

  B. Ipsec

  C. SSL

  D. FTPS

  Correct Answer: B

  https://en.wikipedia.org/wiki/IPsec Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs). IPsec includes protocols for establishing mutual authentication between agents at the beginning of a session and negotiation of cryptographic keys to use during the session. IPsec can protect data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). IPsec uses cryptographic security services to protect communications over Internet Protocol (IP) networks. It supports network-level peer authentication, data- origin authentication, data integrity, data confidentiality (encryption), and replay protection. The initial IPv4 suite was developed with few security provisions. As a part of the IPv4 enhancement, IPsec is a layer 3 OSI model or internet layer end-to-end security scheme. In contrast, while some other Internet security systems in widespread use operate above layer 3, such as Transport Layer Security (TLS) that operates at the Transport Layer and Secure Shell (SSH) that operates at the Application layer, IPsec can automatically secure applications at the IP layer.

• Question 494:

  Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

  A. ACK flag probe scanning

  B. ICMP Echo scanning

  C. SYN/FIN scanning using IP fragments

  D. IPID scanning

  Correct Answer: C

  SYN/FIN scanning using IP fragments is a process of scanning that was developed to avoid false positives generated by other scans because of a packet filtering device on the target system. The TCP header splits into several packets to evade the packet filter. For any transmission, every TCP header must have the source and destination port for the initial packet (8-octet, 64-bit). The initialized flags in the next packet allow the remote host to reassemble the packets upon receipt via an Internet protocol module that detects the fragmented data packets using field-equivalent values of the source, destination, protocol, and identification.

• Question 495:

  An attacker utilizes a Wi-Fi Pineapple to run an access point with a legitimate-looking SSID for a nearby business in order to capture the wireless password. What kind of attack is this?

  A. MAC spoofing attack

  B. Evil-twin attack

  C. War driving attack

  D. Phishing attack

  Correct Answer: B

• Question 496:

  Which of the following Bluetooth hacking techniques does an attacker use to send messages to users without the recipient's consent, similar to email spamming?

  A. Bluesmacking

  B. BlueSniffing

  C. Bluejacking

  D. Bluesnarfing

  Correct Answer: C

  https://en.wikipedia.org/wiki/Bluejacking Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message

  in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.

  Bluejacking is usually harmless, but because bluejacked people generally don't know what has happened, they may think that their phone is malfunctioning. Usually, a bluejacker will only send a text message, but with modern phones it's

  possible to send images or sounds as well. Bluejacking has been used in guerrilla marketing campaigns to promote advergames.

  Bluejacking is also confused with Bluesnarfing, which is the way in which mobile phones are illegally hacked via Bluetooth.

• Question 497:

  Which of the following Metasploit post-exploitation modules can be used to escalate privileges on Windows systems?

  A. getsystem

  B. getuid

  C. keylogrecorder

  D. autoroute

  Correct Answer: A

• Question 498:

  In an attempt to increase the security of your network, you implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know it. How do you accomplish this?

  A. Delete the wireless network

  B. Remove all passwords

  C. Lock all users

  D. Disable SSID broadcasting

  Correct Answer: D

  The SSID (service set identifier) is the name of your wireless network. SSID broadcast is how your router transmits this name to surrounding devices. Its primary function is to make your network visible and easily accessible. Most routers

  broadcast their SSIDs automatically. To disable or enable SSID broadcast, you need to change your router's settings.

  Disabling SSID broadcast will make your Wi-FI network name invisible to other users. However, this only hides the name, not the network itself. You cannot disguise the router's activity, so hackers can still attack it. With your network invisible

  to wireless devices, connecting becomes a bit more complicated. Just giving a Wi-FI password to your guests is no longer enough. They have to configure their settings manually by including the network name, security mode, and other

  relevant info.

  Disabling SSID might be a small step towards online security, but by no means should it be your final one. Before considering it as a security measure, consider the following aspects:

  -

  Disabling SSID broadcast will not hide your network completely Disabling SSID broadcast only hides the network name, not the fact that it exists. Your router constantly transmits so-called beacon frames to announce the presence of a

  wireless network. They contain essential information about the network and help the device connect.

  -

  Third-party software can easily trace a hidden network Programs such as NetStumbler or Kismet can easily locate hidden networks. You can try using them yourself to see how easy it is to find available networks ?hidden or not.

  -You might attract unwanted attention.

  Disabling your SSID broadcast could also raise suspicion. Most of us assume that when somebody hides something, they have a reason to do so. Thus, some hackers might be attracted to your network.

• Question 499:

  Which among the following is the best example of the third step (delivery) in the cyber kill chain?

  A. An intruder sends a malicious attachment via email to a target.

  B. An intruder creates malware to be used as a malicious attachment to an email.

  C. An intruder's malware is triggered when a target opens a malicious email attachment.

  D. An intruder's malware is installed on a target's machine.

  Correct Answer: A

• Question 500:

  Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

  A. ESP transport mode

  B. ESP confidential

  C. AH permiscuous

  D. AH Tunnel mode

  Correct Answer: A