EC-COUNCIL EC-COUNCIL Certifications 312-50V9 Questions & Answers

• Question 361:

  > NMAP -sn 192.168.11.200-215

  The NMAP command above performs which of the following?

  A. A ping scan

  B. A trace sweep

  C. An operating system detect

  D. A port scan

  Correct Answer: A Section: (none)

  NMAP -sn (No port scan)

  This option tells Nmap not to do a port scan after host discovery, and only print out the available hosts that

  responded to the host discovery probes. This is often known as a "ping scan", but you can also request

  that traceroute and NSE host scripts be run.

  References: https://nmap.org/book/man-host-discovery.html

• Question 362:

  The purpose of a __________ is to deny network access to local area networks and other information assets by unauthorized wireless devices.

  A. Wireless Intrusion Prevention System

  B. Wireless Access Point

  C. Wireless Access Control List

  D. Wireless Analyzer

  Correct Answer: A Section: (none)

  A wireless intrusion prevention system (WIPS) is a network device that monitors the radio spectrum for the presence of unauthorized access points (intrusion detection), and can automatically take countermeasures (intrusion prevention).

  References: https://en.wikipedia.org/wiki/Wireless_intrusion_prevention_system

• Question 363:

  This phase will increase the odds of success in later phases of the penetration test. It is also the very first step in Information Gathering, and it will tell you what the "landscape" looks like.

  What is the most important phase of ethical hacking in which you need to spend a considerable amount of time?

  A. footprinting

  B. network mapping

  C. gaining access

  D. escalating privileges

  Correct Answer: A Section: (none)

  Footprinting is a first step that a penetration tester used to evaluate the security of any IT infrastructure, footprinting means to gather the maximum information about the computer system or a network and about the devices that are attached to this network.

  References: http://www.ehacking.net/2011/02/footprinting-first-step-of-ethical.html

• Question 364:

  Which of the following is not a Bluetooth attack?

  A. Bluedriving

  B. Bluejacking

  C. Bluesmacking

  D. Bluesnarfing

  Correct Answer: A Section: (none)

  Incorrect Answers:

  B: Bluejacking is the sending of unsolicited messages over Bluetooth to Bluetooth-enabled devices such as mobile phones, PDAs or laptop computers, sending a vCard which typically contains a message in the name field (i.e., for bluedating or bluechat) to another Bluetooth-enabled device via the OBEX protocol.

  C: BlueSmack is a Bluetooth attack that knocks out some Bluetooth-enabled devices immediately. This Denial of Service attack can be conducted using standard tools that ship with the official Linux Bluez utils package.

  D: Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistant.). This allows access to a calendar, contact list, emails and text messages, and on some phones, users can copy pictures and private videos.

  References: https://en.wikipedia.org/wiki/Bluejacking http://trifinite.org/trifinite_stuff_bluesmack.html https://en.wikipedia.org/wiki/Bluesnarfing

• Question 365:

  A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?

  

  A. The host is likely a printer.

  B. The host is likely a Windows machine.

  C. The host is likely a Linux machine.

  D. The host is likely a router.

  Correct Answer: A Section: (none)

  The Internet Printing Protocol (IPP) uses port 631.

  References: https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

• Question 366:

  Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company?

  A. Height and Weight

  B. Voice

  C. Fingerprints

  D. Iris patterns

  Correct Answer: A Section: (none)

  There are two main types of biometric identifiers:

  1.

  Physiological characteristics: The shape or composition of the body.

  2.

  Behavioral characteristics: The behavior of a person.

  Examples of physiological characteristics used for biometric authentication include fingerprints; DNA; face, hand, retina or ear features; and odor. Behavioral characteristics are related to the pattern of the behavior of a person, such as typing rhythm, gait, gestures and voice.

  References: http://searchsecurity.techtarget.com/definition/biometrics

• Question 367:

  You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do fast, efficient searches of the logs you must use regular expressions.

  Which command-line utility are you most likely to use?

  A. Grep

  B. Notepad

  C. MS Excel

  D. Relational Database

  Correct Answer: A Section: (none)

  grep is a command-line utility for searching plain-text data sets for lines matching a regular expression.

  References: https://en.wikipedia.org/wiki/Grep

• Question 368:

  You've just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk.

  What is one of the first things you should do when given the job?

  A. Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.

  B. Interview all employees in the company to rule out possible insider threats.

  C. Establish attribution to suspected attackers.

  D. Start the wireshark application to start sniffing network traffic.

  Correct Answer: A Section: (none)

  The goals of penetration tests are:

  1.

  Determine feasibility of a particular set of attack vectors

  2.

  Identify high-risk vulnerabilities from a combination of lower-risk vulnerabilities exploited in a particular sequence

  3.

  Identify vulnerabilities that may be difficult or impossible to detect with automated network or application vulnerability scanning software

  4.

  Assess the magnitude of potential business and operational impacts of successful attacks

  5.

  Test the ability of network defenders to detect and respond to attacks

  6.

  Provide evidence to support increased investments in security personnel and technology

  References: https://en.wikipedia.org/wiki/Penetration_test

• Question 369:

  You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator's bank account password and login information for the administrator's bitcoin account.

  What should you do?

  A. Report immediately to the administrator

  B. Do not report it and continue the penetration test.

  C. Transfer money from the administrator's account to another account.

  D. Do not transfer the money but steal the bitcoins.

  Correct Answer: A Section: (none)

• Question 370:

  Which of the following describes the characteristics of a Boot Sector Virus?

  A. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR

  B. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR

  C. Modifies directory table entries so that directory entries point to the virus code instead of the actual program

  D. Overwrites the original MBR and only executes the new virus code

  Correct Answer: A Section: (none)

  A boot sector virus is a computer virus that infects a storage device's master boot record (MBR). The virus moves the boot sector to another location on the hard drive. References: https://www.techopedia.com/definition/26655/boot-sector-virus