EC-COUNCIL EC-COUNCIL Certifications 312-50V9 Questions & Answers

• Question 321:

  Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

  A. tcptrace

  B. tcptraceroute

  C. Nessus

  D. OpenVAS

  Correct Answer: A Section: (none)

  tcptrace is a tool for analysis of TCP dump files. It can take as input the files produced by several popular packet-capture programs, including tcpdump/WinDump/Wireshark, snoop, EtherPeek, and Agilent NetMetrix.

  References: https://en.wikipedia.org/wiki/Tcptrace

• Question 322:

  Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

  A. Nikto

  B. Snort

  C. John the Ripper

  D. Dsniff

  Correct Answer: A Section: (none)

  Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

  References: https://en.wikipedia.org/wiki/Nikto_Web_Scanner

• Question 323:

  What is the most common method to exploit the "Bash Bug" or "ShellShock" vulnerability?

  A. Through Web servers utilizing CGI (Common Gateway Interface) to send a malformed environment variable to a vulnerable Web server

  B. Manipulate format strings in text fields

  C. SSH

  D. SYN Flood

  Correct Answer: A Section: (none)

  Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell. One specific exploitation vector of the Shellshock bug is CGI-based web servers.

  Note: When a web server uses the Common Gateway Interface (CGI) to handle a document request, it passes various details of the request to a handler program in the environment variable list. For example, the variable HTTP_USER_AGENT has a value that, in normal usage, identifies the program sending the request. If the request handler is a Bash script, or if it executes one for example using the system call, Bash will receive the environment variables passed by the server and will process them. This provides a means for an attacker to trigger the Shellshock vulnerability with a specially crafted server request.

  References: https://en.wikipedia.org/wiki/Shellshock_(software_bug)#Specific_exploitation_vectors

• Question 324:

  Which method of password cracking takes the most time and effort?

  A. Brute force

  B. Rainbow tables

  C. Dictionary attack

  D. Shoulder surfing

  Correct Answer: A Section: (none)

  Brute-force cracking, in which a computer tries every possible key or password until it succeeds, is typically very time consuming. More common methods of password cracking, such as dictionary attacks, pattern checking, word list substitution, etc. attempt to reduce the number of trials required and will usually be attempted before brute force.

  References: https://en.wikipedia.org/wiki/Password_cracking

• Question 325:

  PGP, SSL, and IKE are all examples of which type of cryptography?

  A. Public Key

  B. Secret Key

  C. Hash Algorithm

  D. Digest

  Correct Answer: A Section: (none)

  Public-key algorithms are fundamental security ingredients in cryptosystems, applications and protocols. They underpin various Internet standards, such as Secure Sockets Layer (SSL),Transport Layer Security (TLS), S/MIME, PGP, Internet Key Exchange (IKE or IKEv2), and GPG.

  References: https://en.wikipedia.org/wiki/Public-key_cryptography

• Question 326:

  Which of the following is a low-tech way of gaining unauthorized access to systems?

  A. Social Engineering

  B. Sniffing

  C. Eavesdropping

  D. Scanning

  Correct Answer: A Section: (none)

  Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access.

  References: https://en.wikipedia.org/wiki/Social_engineering_(security)

• Question 327:

  Which of the following is designed to identify malicious attempts to penetrate systems?

  A. Intrusion Detection System

  B. Firewall

  C. Proxy

  D. Router

  Correct Answer: A Section: (none)

  An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces electronic reports to a management station.

  References: https://en.wikipedia.org/wiki/Intrusion_detection_system

• Question 328:

  Risks = Threats x Vulnerabilities is referred to as the:

  A. Risk equation

  B. Threat assessment

  C. BIA equation

  D. Disaster recovery formula

  Correct Answer: A Section: (none)

  The most effective way to define risk is with this simple equation:

  Risk = Threat x Vulnerability x Cost

  This equation is fundamental to all information security.

  References: http://www.icharter.org/articles/risk_equation.html

• Question 329:

  What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

  A. Residual risk

  B. Inherent risk

  C. Deferred risk

  D. Impact risk

  Correct Answer: A Section: (none)

  The residual risk is the risk or danger of an action or an event, a method or a (technical) process that, although being abreast with science, still conceives these dangers, even if all theoretically possible safety measures would be applied (scientifically conceivable measures); in other words, the amount of risk left over after natural or inherent risks have been reduced by risk controls.

  References: https://en.wikipedia.org/wiki/Residual_risk

• Question 330:

  Which of these options is the most secure procedure for storing backup tapes?

  A. In a climate controlled facility offsite

  B. On a different floor in the same building

  C. Inside the data center for faster retrieval in a fireproof safe

  D. In a cool dry environment

  Correct Answer: A Section: (none)

  An effective disaster data recovery strategy should consist of producing backup tapes and housing them in an offsite storage facility. This way the data isn't compromised if a natural disaster affects the business' office. It is highly recommended that the backup tapes be handled properly and stored in a secure, climate controlled facility. This provides peace of mind, and gives the business almost immediate stability after a disaster.

  References: http://www.entrustrm.com/blog/1132/why-is-offsite-tape-storage-the-best-disaster-recoverystrategy