EC-COUNCIL 312-50V12 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V12 Online Questions & Answers

• Question 111:

  Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network lo identify the active systems, network services, applications, and vulnerabilities. He also obtained the list of the users who are currently accessing the network. What is the type of vulnerability assessment that Morris performed on the target organization?

  A. internal assessment
  B. Passive assessment
  C. External assessment
  D. Credentialed assessment
  B. Passive assessment

  ---

  Explanation/Reference:

  Passive Assessment Passive assessments sniff the traffic present on the network to identify the active systems, network services, applications, and vulnerabilities. Passive assessments also provide a list of the users who are currently accessing the network.

• Question 112:

  An attacker runs netcat tool to transfer a secret file between two hosts.

  

  He is worried about information being sniffed on the network.

  How would the attacker use netcat to encrypt the information before transmitting onto the wire?

  A. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat
  B. Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat
  C. Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat 1234 -pw password
  D. Use cryptcat instead of netcat
  D. Use cryptcat instead of netcat

• Question 113:

  What is a "Collision attack" in cryptography?

  A. Collision attacks try to get the public key
  B. Collision attacks try to break the hash into three parts to get the plaintext value
  C. Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key
  D. Collision attacks try to find two inputs producing the same hash
  D. Collision attacks try to find two inputs producing the same hash

• Question 114:

  An organization has automated the operation of critical infrastructure from a remote location. For this purpose, all the industrial control systems are connected to the Internet. To empower the manufacturing process, ensure the reliability of industrial networks, and reduce downtime and service disruption, the organization deckled to install an OT security tool that further protects against security incidents such as cyber espionage, zero-day attacks, and malware. Which of the following tools must the organization employ to protect its critical infrastructure?

  A. Robotium
  B. BalenaCloud
  C. Flowmon
  D. IntentFuzzer
  B. BalenaCloud

  ---

  Explanation/Reference:

  Source: https://www.flowmon.com Flowmon empowers manufacturers and utility companies to ensure the reliability of their industrial networks confidently to avoid downtime and disruption of service continuity. This can be achieved by continuous monitoring and anomaly detection so that malfunctioning devices or security incidents, such as cyber espionage, zero- days, or malware, can be reported and remedied as quickly as possible.

• Question 115:

  Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine. Joel waits for the victim to access the infected web application so as to compromise the victim's machine. Which of the following techniques is used by Joel in the above scenario?

  A. DNS rebinding attack
  B. Clickjacking attack
  C. MarioNet attack
  D. Watering hole attack
  B. Clickjacking attack

  ---

  Explanation/Reference:

  https://en.wikipedia.org/wiki/Clickjacking

  Clickjacking is an attack that tricks a user into clicking a webpage element which is invisible or disguised as another element. This can cause users to unwittingly download malware, visit malicious web pages, provide credentials or sensitive

  information, transfer money, or purchase products online.

  Typically, clickjacking is performed by displaying an invisible page or HTML element, inside an iframe, on top of the page the user sees. The user believes they are clicking the visible page but in fact they are clicking an invisible element in the

  additional page transposed on top of it.

• Question 116:

  Ralph, a professional hacker, targeted Jane, who had recently bought new systems for her company. After a few days, Ralph contacted Jane while masquerading as a legitimate customer support executive, informing that her systems need to be serviced for proper functioning and that customer support will send a computer technician. Jane promptly replied positively. Ralph entered Jane's company using this opportunity and gathered sensitive information by scanning terminals for passwords, searching for important documents in desks, and rummaging bins. What is the type of attack technique Ralph used on Jane?

  A. Dumpster diving
  B. Eavesdropping
  C. Shoulder surfing
  D. impersonation
  D. impersonation

• Question 117:

  Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane's wireless network without a password. However, Jane has a long, complex password on her router. What attack has likely occurred?

  A. Wireless sniffing
  B. Piggybacking
  C. Evil twin
  D. Wardriving
  C. Evil twin

  ---

  Explanation/Reference:

  An evil twin may be a fraudulent Wi-Fi access point that appears to be legitimate but is about up to pay attention to wireless communications.[1] The evil twin is that the wireless LAN equivalent of the phishing scam.This type of attack could also be wont to steal the passwords of unsuspecting users, either by monitoring their connections or by phishing, which involves fixing a fraudulent internet site and luring people there.The attacker snoops on Internet traffic employing a bogus wireless access point. Unwitting web users could also be invited to log into the attacker's server, prompting them to enter sensitive information like usernames and passwords. Often, users are unaware they need been duped until well after the incident has occurred.When users log into unsecured (non- HTTPS) bank or e-mail accounts, the attacker intercepts the transaction, since it's sent through their equipment. The attacker is additionally ready to hook up with other networks related to the users' credentials.Fake access points are found out by configuring a wireless card to act as an access point (known as HostAP). they're hard to trace since they will be shut off instantly. The counterfeit access point could also be given an equivalent SSID and BSSID as a close-by Wi-Fi network. The evil twin are often configured to pass Internet traffic through to the legitimate access point while monitoring the victim's connection, or it can simply say the system is temporarily unavailable after obtaining a username and password.

• Question 118:

  The company ABC recently contracts a new accountant. The accountant will be working with the financial statements. These financial statements need to be approved by the CFO before being sent to the accountant. The CFO is concerned and wants to ensure that the information sent to the accountant is not modified after his approval. Which of the following options can be useful to ensure the integrity of the data?

  A. The CFO can use a hash algorithm in the document once he approved the financial statements.
  B. The CFO can use an excel file with a password.
  C. The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure is the same document.
  D. The document can be sent to the accountant using an exclusive USB for that document.
  A. The CFO can use a hash algorithm in the document once he approved the financial statements.

• Question 119:

  Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatting, and names of the target company. The phishing message will often use the name of the company CEO, President, or Managers. The time a hacker spends performing research to locate this information about a company is known as?

  A. Exploration
  B. Investigation
  C. Reconnaissance
  D. Enumeration
  C. Reconnaissance

• Question 120:

  Which service in a PKI will vouch for the identity of an individual or company?

  A. KDC
  B. CR
  C. CBC
  D. CA
  D. CA