EC-COUNCIL 312-50V11 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V11 Online Questions & Answers

• Question 221:

  Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?

  A. Scanning
  B. Footprinting
  C. Enumeration
  D. System Hacking
  B. Footprinting

• Question 222:

  Which among the following is the best example of the third step (delivery) in the cyber kill chain?

  A. An intruder sends a malicious attachment via email to a target.
  B. An intruder creates malware to be used as a malicious attachment to an email.
  C. An intruder's malware is triggered when a target opens a malicious email attachment.
  D. An intruder's malware is installed on a target's machine.
  A. An intruder sends a malicious attachment via email to a target.

• Question 223:

  Wilson, a professional hacker, targets an organization for financial benefit and plans to compromise its systems by sending malicious emails. For this purpose, he uses a tool to track the emails of the target and extracts information such as sender identities, mall servers, sender IP addresses, and sender locations from different public sources. He also checks if an email address was leaked using the haveibeenpwned.com API. Which of the following tools is used by Wilson in the above scenario?

  A. Factiva
  B. Netcraft
  C. infoga
  D. Zoominfo
  C. infoga

• Question 224:

  Miley, a professional hacker, decided to attack a target organization's network. To perform the attack, she used a tool to send fake ARP messages over the target network to link her MAC address with the target system's IP address. By performing this, Miley received messages directed to the victim's MAC address and further used the tool to intercept, steal, modify, and block sensitive communication to the target system. What is the tool employed by Miley to perform the above attack?

  A. Gobbler
  B. KDerpNSpoof
  C. BetterCAP
  D. Wireshark
  C. BetterCAP

• Question 225:

  To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected In the core components of the operating system. What is this type of rootkit an example of?

  A. Mypervisor rootkit
  B. Kernel toolkit
  C. Hardware rootkit
  D. Firmware rootkit
  B. Kernel toolkit

• Question 226:

  #!/usr/bin/python import socket buffer=[""A""] counter=50 while len(buffer)<=100: buffer.append (""A""*counter)

  counter=counter+50 commands= [""HELP"",""STATS ."",""RTIME ."",""LTIME. "",""SRUN ."',""TRUN ."",""GMON."",""GDOG ."",""KSTET .",""GTER ."",""HTER ."", ""LTER .",""KSTAN .""] for command in commands: for buffstring in buffer: print

  ""Exploiting"" +command +"":""+str(len(buffstring)) s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((`127.0.0.1', 9999)) s.recv(50) send(command+buffstring) s.close()

  What is the code written for?

  A. Denial-of-service (DOS)
  B. Buffer Overflow
  C. Bruteforce
  D. Encryption
  B. Buffer Overflow

• Question 227:

  The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses 192.168.1.122, 192.168.1.123 and 192.168.1.124. An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is: nmap 192.168.1.64/28.

  Why he cannot see the servers?

  A. He needs to add the command ""ip address"" just before the IP address
  B. He needs to change the address to 192.168.1.0 with the same mask
  C. He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range
  D. The network must be dawn and the nmap command and IP address are ok
  C. He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range

• Question 228:

  Which protocol is used for setting up secure channels between two devices, typically in VPNs?

  A. PEM
  B. ppp
  C. IPSEC
  D. SET
  C. IPSEC

• Question 229:

  When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK.

  How would an attacker exploit this design by launching TCP SYN attack?

  A. Attacker generates TCP SYN packets with random destination addresses towards a victim host
  B. Attacker floods TCP SYN packets with random source addresses towards a victim host
  C. Attacker generates TCP ACK packets with random source addresses towards a victim host
  D. Attacker generates TCP RST packets with random source addresses towards a victim host
  B. Attacker floods TCP SYN packets with random source addresses towards a victim host

• Question 230:

  jane, an ethical hacker. Is testing a target organization's web server and website to identity security loopholes. In this process, she copied the entire website and its content on a local drive to view the complete profile of the site's directory structure, file structure, external links, images, web pages, and so on. This information helps jane map the website's directories and gain valuable information. What is the attack technique employed by Jane in the above scenario?

  A. website mirroring
  B. Session hijacking
  C. Web cache poisoning
  D. Website defacement
  A. website mirroring