EC-COUNCIL 312-50 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50 Online Questions & Answers

• Question 561:

  You have discovered that an employee has attached a modem to his telephone line and workstation. He has used this modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. What can you do to solve this problem?

  A. Install a network-based IDS
  B. Reconfigure the firewall
  C. Conduct a needs analysis
  D. Enforce your security policy
  D. Enforce your security policy

  ---

  The employee was unaware of security policy.

• Question 562:

  Harold works for Jacobson Unlimited in the IT department as the security manager. Harold has created a security policy requiring all employees to use complex 14 character passwords. Unfortunately, the members of management do not want to have to use such long complicated passwords so they tell Harold's boss this new password policy should not apply to them. To comply with the management's wishes, the IT department creates another Windows domain and moves all the management users to that domain. This new domain has a password policy only requiring 8 characters.

  Harold is concerned about having to accommodate the managers, but cannot do anything about it. Harold is also concerned about using LanManager security on his network instead of NTLM or NTLMv2, but the many legacy applications on the network prevent using the more secure NTLM and NTLMv2. Harold pulls the SAM files from the DC's on the original domain and the new domain using Pwdump6.

  Harold uses the password cracking software John the Ripper to crack users' passwords to make sure they are strong enough. Harold expects that the users' passwords in the original domain will take much longer to crack than the management's passwords in the new domain. After running the software, Harold discovers that the 14 character passwords only took a short time longer to crack than the 8 character passwords. Why did the 14 character passwords not take much longer to crack than the 8 character passwords?

  A. Harold should have used Dumpsec instead of Pwdump6
  B. Harold's dictionary file was not large enough
  C. Harold should use LC4 instead of John the Ripper
  D. LanManger hashes are broken up into two 7 character fields
  D. LanManger hashes are broken up into two 7 character fields

• Question 563:

  Annie has just succeeded is stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is valid on the server. Why do you think this is possible?

  A. Any Cookie can be replayed irrespective of the session status
  B. The scenario is invalid as a secure cookie can't be replayed
  C. It works because encryption is performed at the network layer (layer 1 encryption)
  D. It works because encryption is performed at the application layer (Single Encryption Key)
  D. It works because encryption is performed at the application layer (Single Encryption Key)

  ---

  Single key encryption (conventional cryptography) uses a single word or phrase as the key. The same key is used by the sender to encrypt and the receiver to decrypt. Sender and receiver initially need to have a secure way of passing the key from one to the other. With TLS or SSL this would not be possible.

• Question 564:

  Jeremy is web security consultant for Information Securitas. Jeremy has just been hired to perform contract work for a large state agency in Michigan. Jeremy's first task is to scan all the company's external websites. Jeremy comes upon a login page which appears to allow employees access to sensitive areas on the website. James types in the following statement in the username field:

  SELECT * from Users where username='admin' ?AND password='' AND email like '%@testers.com%'

  What will the SQL statement accomplish?

  A. If the page is susceptible to SQL injection, it will look in the Users table for usernames of admin
  B. This statement will look for users with the name of admin, blank passwords, and email addresses that end in @testers.com
  C. This Select SQL statement will log James in if there are any users with NULL passwords
  D. James will be able to see if there are any default user accounts in the SQL database
  A. If the page is susceptible to SQL injection, it will look in the Users table for usernames of admin

• Question 565:

  How does Traceroute map the route that a packet travels from point A to point B?

  A. It uses a TCP Timestamp packet that will elicit a time exceed in transit message.
  B. It uses a protocol that will be rejected at the gateways on its way to its destination.
  C. It manipulates the value of time to live (TTL) parameter packet to elicit a time exceeded in transit message.
  D. It manipulated flags within packets to force gateways into generating error messages.
  C. It manipulates the value of time to live (TTL) parameter packet to elicit a time exceeded in transit message.

  ---

  Traceroute works by increasing the "time-to-live" value of each successive batch of packets sent. The first three packets have a time-to-live (TTL) value of one (implying that they make a single hop). The next three packets have a TTL value of 2, and so on. When a packet passes through a host, normally the host decrements the TTL value by one, and forwards the packet to the next host. When a packet with a TTL of one reaches a host, the host discards the packet and sends an ICMP time exceeded (type 11) packet to the sender. The traceroute utility uses these returning packets to produce a list of hosts that the packets have traversed en route to the destination.

• Question 566:

  Ethereal works best on ____________.

  A. Switched networks
  B. Linux platforms
  C. Networks using hubs
  D. Windows platforms
  E. LAN's
  C. Networks using hubs

  ---

  Ethereal is used for sniffing traffic. It will return the best results when used on an unswitched (i.e. hub. network.

• Question 567:

  Which type of hacker represents the highest risk to your network?

  A. script kiddies
  B. grey hat hackers
  C. black hat hackers
  D. disgruntled employees
  D. disgruntled employees

  ---

  The disgruntled users have some permission on your database, versus a hacker who might not get into the database. Global Crossings is a good example of how a disgruntled employee -- who took the internal payroll database home on a hard drive -- caused big problems for the telecommunications company. The employee posted the names, Social Security numbers and birthdates of company employees on his Web site. He may have been one of the factors that helped put them out of business.

• Question 568:

  When working with Windows systems, what is the RID of the true administrator account?

  A. 500
  B. 501
  C. 1000
  D. 1001
  E. 1024
  F. 512
  A. 500

  ---

  Because of the way in which Windows functions, the true administrator account always has a RID of 500.

• Question 569:

  Attackers can potentially intercept and modify unsigned SMB packets, modify the traffic and forward it so that the server might perform undesirable actions. Alternatively, the attacker could pose as the server or client after a legitimate authentication and gain unauthorized access to data. Which of the following is NOT a means that can be used to minimize or protect against such an attack?

  A. Timestamps
  B. SMB Signing
  C. File permissions
  D. Sequence numbers monitoring
  A. Timestamps
  B. SMB Signing
  D. Sequence numbers monitoring

• Question 570:

  Exhibit:

  Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?

  A. har.txt
  B. SAM file
  C. wwwroot
  D. Repair file
  B. SAM file

  ---

  He is actually trying to get the file har.txt but this file contains a copy of the SAM file.