EC-COUNCIL EC-COUNCIL Certifications 312-50V12 Questions & Answers

• Question 551:

  Robin, a professional hacker, targeted an organization's network to sniff all the traffic. During this process, Robin plugged in a rogue switch to an unused port in the LAN with a priority lower than any other switch in the network, making it the root bridge that would later allow him to sniff all the traffic in the network.

  What is the attack performed by Robin in the above scenario?

  A. ARP spoofing attack

  B. VLAN hopping attack

  C. DNS poisoning attack

  D. STP attack

  Correct Answer: D

  STP prevents bridging loops in a redundant switched network environment. By avoiding loops, you can ensure that broadcast traffic does not become a traffic storm. STP is a hierarchical tree-like topology with a "root" switch at the top. A switch is elected as root based on the lowest configured priority of any switch (0 through 65,535). When a switch boots up, it begins a process of identifying other switches and determining the root bridge. After a root bridge is elected, the topology is established from its perspective of the connectivity. The switches determine the path to the root bridge, and all redundant paths are blocked. STP sends configuration and topology change notifications and acknowledgments (TCN/ TCA) using bridge protocol data units (BPDU). An STP attack involves an attacker spoofing the root bridge in the topology. The attacker broadcasts out an STP configuration/topology change BPDU in an attempt to force an STP recalculation. The BPDU sent out announces that the attacker's system has a lower bridge priority. The attacker can then see a variety of frames forwarded from other switches to it. STP recalculation may also cause a denial-of-service (DoS) condition on the network by causing an interruption of 30 to 45 seconds each time the root bridge changes. An attacker using STP network topology changes to force its host to be elected as the root bridge.

  

  switch

• Question 552:

  Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatting, and names of the target company. The phishing message will often use the name of the company CEO, President, or Managers. The time a hacker spends performing research to locate this information about a company is known as?

  A. Exploration

  B. Investigation

  C. Reconnaissance

  D. Enumeration

  Correct Answer: C

• Question 553:

  Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?

  A. Kismet

  B. Abel

  C. Netstumbler

  D. Nessus

  Correct Answer: A

  https://en.wikipedia.org/wiki/Kismet_(software)

  Kismet is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic.

• Question 554:

  Which of the following commands checks for valid users on an SMTP server?

  A. RCPT

  B. CHK

  C. VRFY

  D. EXPN

  Correct Answer: C

  The VRFY commands enables SMTP clients to send an invitation to an SMTP server to verify that mail for a selected user name resides on the server. The VRFY command is defined in RFC 821.The server sends a response indicating whether the user is local or not, whether mail are going to be forwarded, and so on. A response of 250 indicates that the user name is local; a response of 251 indicates that the user name isn't local, but the server can forward the message. The server response includes the mailbox name.

• Question 555:

  What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?

  A. 110

  B. 135

  C. 139

  D. 161

  E. 445

  F. 1024

  Correct Answer: BCE

• Question 556:

  An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections. When users accessed any page, the applet ran and exploited many machines. Which one of the following tools the hacker probably used to inject HTML code?

  A. Wireshark

  B. Ettercap

  C. Aircrack-ng

  D. Tcpdump

  Correct Answer: B

• Question 557:

  Which file is a rich target to discover the structure of a website during web-server footprinting?

  A. Document root

  B. Robots.txt

  C. domain.txt

  D. index.html

  Correct Answer: B

  Web Server Attack Methodolog Information Gathering from Robots.txt File The robots.txt file contains the list of the web server directories and files that the web site owner wants to hide from web crawlers. Poorly written robots.txt files can cause the complete indexing of website files and directories. If confidential files and directories are indexed, an attacker may easily obtain information such as passwords, email addresses, hidden links, and membership areas. (P.1650/1634)

• Question 558:

  What type of virus is most likely to remain undetected by antivirus software?

  A. Cavity virus

  B. Stealth virus

  C. File-extension virus

  D. Macro virus

  Correct Answer: B

• Question 559:

  What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

  A. All are hacking tools developed by the legion of doom

  B. All are tools that can be used not only by hackers, but also security personnel

  C. All are DDOS tools

  D. All are tools that are only effective against Windows

  E. All are tools that are only effective against Linux

  Correct Answer: C

• Question 560:

  Jim's company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim's company keeps the backup tapes in a safe in the office. Jim's company is audited each year, and the results from this year's audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

  A. Encrypt the backup tapes and transport them in a lock box.

  B. Degauss the backup tapes and transport them in a lock box.

  C. Hash the backup tapes and transport them in a lock box.

  D. Encrypt the backup tapes and use a courier to transport them.

  Correct Answer: A