EC-COUNCIL EC-COUNCIL Certifications 312-50V9 Questions & Answers

• Question 431:

  A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content.

  Which sort of trojan infects this server?

  A. Botnet Trojan

  B. Turtle Trojans

  C. Banking Trojans

  D. Ransomware Trojans

  Correct Answer: A Section: (none)

  In computer science, a zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse and can be used to perform malicious tasks of one sort or another under remote direction. Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service attacks. Most owners of zombie computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these computers are metaphorically compared to zombies. A coordinated DDoS attack by multiple botnet machines also resembles a zombie horde attack.

  Incorrect Answers:

  B: Turtle Trojans are about getting backdoor access to an intruder.

  C: A Banker Trojan-horse (commonly called Banker Trojan) is a malicious program used in an attempt to obtain confidential information about customers and clients using online banking and payment systems.

  D: Ransomware is a type of malware that can be covertly installed on a computer without knowledge or intention of the user that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction. Some forms of ransomware systematically encrypt files on the system's hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a Trojan.

  References: https://en.wikipedia.org/wiki/Botnet

• Question 432:

  This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.

  

  What is this attack?

  A. Cross-site-scripting attack

  B. SQL Injection

  C. URL Traversal attack

  D. Buffer Overflow attack

  Correct Answer: A Section: (none)

• Question 433:

  It is an entity or event with the potential to adversely impact a system through unauthorized access,

  destruction, disclosure, denial of service or modification of data.

  Which of the following terms best matches the definition?

  A. Threat

  B. Attack

  C. Vulnerability

  D. Risk

  Correct Answer: A Section: (none)

  A threat is a any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability. References: https://en.wikipedia.org/wiki/Threat_(computer)

• Question 434:

  As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.

  What document describes the specifics of the testing, the associated violations, and essentially protects both the organization's interest and your liabilities as a tester?

  A. Terms of Engagement

  B. Project Scope

  C. Non-Disclosure Agreement

  D. Service Level Agreement

  Correct Answer: A Section: (none)

• Question 435:

  Initiating an attack against targeted businesses and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well-known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits.

  What type of attack is outlined in the scenario?

  A. Watering Hole Attack

  B. Heartbleed Attack

  C. Shellshock Attack

  D. Spear Phising Attack

  Correct Answer: A Section: (none)

  Watering Hole is a computer attack strategy, in which the victim is a particular group (organization, industry, or region). In this attack, the attacker guesses or observes which websites the group often uses and infects one or more of them with malware. Eventually, some member of the targeted group gets infected.

  Incorrect Answers:

  B: Heartbleed is a security bug disclosed in April 2014 in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. Heartbleed may be exploited regardless of whether the party using a vulnerable OpenSSL instance for TLS is a server or a client. It results from improper input validation (due to a missing bounds check) in the implementation of the TLS heartbeat extension, thus the bug's name derives from "heartbeat".

  C: Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell, the first of which was disclosed on 24 September 2014. Many Internet-facing services, such as some web server deployments, use Bash to process certain requests, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.

  D: Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business.

  References: https://en.wikipedia.org/wiki/Watering_Hole

• Question 436:

  You are trying to break into a highly classified top-secret mainframe computer with highest security system

  in place at Merclyn Barley Bank located in Los Angeles. You know that conventional hacking doesn't work

  in this case, because organizations such as banks are generally tight and secure when it comes to

  protecting their systems.

  In other words, you are trying to penetrate an otherwise impenetrable system.

  How would you proceed?

  A. Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network

  B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information

  C. Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000 or more "zombies" and "bots"

  D. Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques

  Correct Answer: B Section: (none)

• Question 437:

  How does a denial-of-service attack work?

  A. A hacker prevents a legitimate user (or group of users) from accessing a service

  B. A hacker uses every character, word, or letter he or she can think of to defeat authentication

  C. A hacker tries to decipher a password by using a system, which subsequently crashes the network

  D. A hacker attempts to imitate a legitimate user by confusing a computer or even another person

  Correct Answer: A Section: (none)

• Question 438:

  You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your

  network. You are confident that hackers will never be able to gain access to your network with complex

  security system in place.

  Your peer, Peter Smith who works at the same department disagrees with you.

  He says even the best network security technologies cannot prevent hackers gaining access to the

  network because of presence of "weakest link" in the security chain.

  What is Peter Smith talking about?

  A. Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain

  B. "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks

  C. "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks

  D. Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

  Correct Answer: A Section: (none)

• Question 439:

  Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.

  

  In MAC flooding attack, a switch is fed with many Ethernet frames, each containing different source MAC addresses, by the attacker. Switches have a limited memory for mapping various MAC addresses to physical ports. What happens when the CAM table becomes full?

  A. Switch then acts as hub by broadcasting packets to all machines on the network

  B. The CAM overflow table will cause the switch to crash causing Denial of Service

  C. The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF

  D. Every packet is dropped and the switch sends out SNMP alerts to the IDS port

  Correct Answer: A Section: (none)

• Question 440:

  Which type of sniffing technique is generally referred as MiTM attack?

  

  A. Password Sniffing

  B. ARP Poisoning

  C. Mac Flooding

  D. DHCP Sniffing

  Correct Answer: B Section: (none)