EC-COUNCIL EC-COUNCIL Certifications 312-50V9 Questions & Answers

• Question 421:

  What is the best description of SQL Injection?

  A. It is an attack used to gain unauthorized access to a database.

  B. It is an attack used to modify code in an application.

  C. It is a Man-in-the-Middle attack between your SQL Server and Web App Server.

  D. It is a Denial of Service Attack.

  Correct Answer: A Section: (none)

  SQL injection is a code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

  References: https://en.wikipedia.org/wiki/SQL_injection

• Question 422:

  Which of the following is the BEST way to defend against network sniffing?

  A. Using encryption protocols to secure network communications

  B. Register all machines MAC Address in a Centralized Database

  C. Restrict Physical Access to Server Rooms hosting Critical Servers

  D. Use Static IP Address

  Correct Answer: A Section: (none)

  A way to protect your network traffic from being sniffed is to use encryption such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS). Encryption doesn't prevent packet sniffers from seeing source and destination information, but it does encrypt the data packet's payload so that all the sniffer sees is encrypted gibberish.

  References: http://netsecurity.about.com/od/informationresources/a/What-Is-A-Packet-Sniffer.htm

• Question 423:

  Which of the following statements is TRUE?

  A. Sniffers operate on Layer 2 of the OSI model

  B. Sniffers operate on Layer 3 of the OSI model

  C. Sniffers operate on both Layer 2 and Layer 3 of the OSI model.

  D. Sniffers operate on the Layer 1 of the OSI model.

  Correct Answer: A Section: (none)

  The OSI layer 2 is where packet sniffers collect their data. References: https://en.wikipedia.org/wiki/Ethernet_frame

• Question 424:

  You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.

  Which command would you use?

  A. c:\compmgmt.msc

  B. c:\services.msc

  C. c:\ncpa.cp

  D. c:\gpedit

  Correct Answer: A Section: (none)

  To start the Computer Management Console from command line just type compmgmt.msc / computer:computername in your run box or at the command line and it should automatically open the Computer Management console.

  References: http://www.waynezim.com/tag/compmgmtmsc/

• Question 425:

  You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.

  What is the best nmap command you will use?

  A. nmap -T4 -F 10.10.0.0/24

  B. nmap -T4 -r 10.10.1.0/24

  C. nmap -T4 -O 10.10.0.0/24

  D. nmap -T4 -q 10.10.0.0/24

  Correct Answer: A Section: (none)

  command = nmap -T4 -F description = This scan is faster than a normal scan because it uses the aggressive timing template and scans fewer ports.

  References: https://svn.nmap.org/nmap/zenmap/share/zenmap/config/scan_profile.usp

• Question 426:

  You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network. However, as you attempt to fingerprint all machines in the network using the nmap syntax below, it is not going through.

  

  What seems to be wrong?

  A. OS Scan requires root privileges.

  B. The nmap syntax is wrong.

  C. This is a common behavior for a corrupted nmap application.

  D. The outgoing TCP/IP fingerprinting is blocked by the host firewall.

  Correct Answer: A Section: (none)

  You requested a scan type which requires root privileges.

  References: http://askubuntu.com/questions/433062/using-nmap-for-information-regarding-web-host

• Question 427:

  You have compromised a server and successfully gained a root access. You want to pivot and pass traffic

  undetected over the network and evade any possible Intrusion Detection System.

  What is the best approach?

  A. Install Cryptcat and encrypt outgoing packets from this server.

  B. Install and use Telnet to encrypt all outgoing traffic from this server.

  C. Use Alternate Data Streams to hide the outgoing packets from this server.

  D. Use HTTP so that all traffic can be routed via a browser, thus evading the internal Intrusion Detection Systems.

  Correct Answer: A Section: (none)

  Cryptcat enables us to communicate between two systems and encrypts the communication between them with twofish.

  References: http://null-byte.wonderhowto.com/how-to/hack-like-pro-create-nearly-undetectable-backdoorwith-cryptcat-0149264/

• Question 428:

  It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up window, webpage, or email warning from what looks like an official authority. It explains that your computer has been locked because of possible illegal activities on it and demands payment before you can access your files and programs again.

  Which of the following terms best matches the definition?

  A. Ransomware

  B. Adware

  C. Spyware

  D. Riskware

  Correct Answer: A Section: (none)

  Ransomware is a type of malware that can be covertly installed on a computer without knowledge or intention of the user that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction. Some forms of ransomware systematically encrypt files on the system's hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a Trojan.

  References: https://en.wikipedia.org/wiki/Ransomware

• Question 429:

  You have successfully gained access to your client's internal network and successfully comprised a Linux server which is part of the internal IP network. You want to know which Microsoft Windows workstations have file sharing enabled.

  Which port would you see listening on these Windows machines in the network?

  A. 445

  B. 3389

  C. 161

  D. 1433

  Correct Answer: A Section: (none)

  The following ports are associated with file sharing and server message block (SMB) communications: Microsoft file sharing SMB: User Datagram Protocol (UDP) ports from 135 through 139 and Transmission Control Protocol (TCP) ports from 135 through 139.

  Direct-hosted SMB traffic without a network basic input/output system (NetBIOS): port 445 (TCP and UPD).

  References: https://support.microsoft.com/en-us/kb/298804

• Question 430:

  It is a short-range wireless communication technology intended to replace the cables connecting portable of fixed devices while maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short-range wireless connection.

  Which of the following terms best matches the definition?

  A. Bluetooth

  B. Radio-Frequency Identification

  C. WLAN

  D. InfraRed

  Correct Answer: A Section: (none)

  Bluetooth is a standard for the short-range wireless interconnection of mobile phones, computers, and other electronic devices.

  References: http://www.bbc.co.uk/webwise/guides/about-bluetooth