EC-COUNCIL 312-50V12 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V12 Online Questions & Answers

• Question 181:

  George, an employee of an organization, is attempting to access restricted websites from an official computer. For this purpose, he used an anonymizer that masked his real IP address and ensured complete and continuous anonymity for all

  his online activities.

  Which of the following anonymizers helps George hide his activities?

  A. https://www.baidu.com
  B. https://www.guardster.com
  C. https://www.wolframalpha.com
  D. https://karmadecay.com
  B. https://www.guardster.com

• Question 182:

  Attacker Simon targeted the communication network of an organization and disabled the security controls of NetNTLMvl by modifying the values of LMCompatibilityLevel, NTLMMinClientSec, and RestrictSendingNTLMTraffic. He then extracted all the non- network logon tokens from all the active processes to masquerade as a legitimate user to launch further attacks. What is the type of attack performed by Simon?

  A. Internal monologue attack
  B. Combinator attack
  C. Rainbow table attack
  D. Dictionary attack
  A. Internal monologue attack

• Question 183:

  Harry, a professional hacker, targets the IT infrastructure of an organization. After preparing for the attack, he attempts to enter the target network using techniques such as sending spear-phishing emails and exploiting vulnerabilities on publicly available servers. Using these techniques, he successfully deployed malware on the target system to establish an outbound connection. What is the APT lifecycle phase that Harry is currently executing?

  A. Preparation
  B. Cleanup
  C. Persistence
  D. initial intrusion
  D. initial intrusion

  ---

  Explanation/Reference:

  After the attacker completes preparations, subsequent step is an effort to realize an edge within the target's environment. a particularly common entry tactic is that the use of spearphishing emails containing an internet link or attachment. Email links usually cause sites where the target's browser and related software are subjected to varied exploit techniques or where the APT actors plan to social engineer information from the victim which will be used later. If a successful exploit takes place, it installs an initial malware payload on the victim's computer. Figure 2 illustrates an example of a spearphishing email that contains an attachment. Attachments are usually executable malware, a zipper or other archive containing malware, or a malicious Office or Adobe PDF (Portable Document Format) document that exploits vulnerabilities within the victim's applications to ultimately execute malware on the victim's computer. Once the user has opened a malicious file using vulnerable software, malware is executing on the target system. These phishing emails are often very convincing and difficult to differentiate from legitimate email messages. Tactics to extend their believability include modifying legitimate documents from or associated with the organization. Documents are sometimes stolen from the organization or their collaborators during previous exploitation operations. Actors modify the documents by adding exploits and malicious code then send them to the victims. Phishing emails are commonly sent through previously compromised email servers, email accounts at organizations associated with the target or public email services. Emails also can be sent through mail relays with modified email headers to form the messages appear to possess originated from legitimate sources. Exploitation of vulnerabilities on public- facing servers is another favorite technique of some APT groups. Though this will be accomplished using exploits for known vulnerabilities, 0-days are often developed or purchased to be used in intrusions as required .

  

  Gaining an edge within the target environment is that the primary goal of the initial intrusion. Once a system is exploited, the attacker usually places malware on the compromised system and uses it as a jump point or proxy for further actions. Malware placed during the initial intrusion phase is usually an easy downloader, basic Remote Access Trojan or an easy shell. Figure 3 illustrates a newly infected system initiating an outbound connection to notify the APT actor that the initial intrusion attempt was successful which it's able to accept commands.

• Question 184:

  What is the following command used for? net use \targetipc$ "" /u:""

  A. Grabbing the etc/passwd file
  B. Grabbing the SAM
  C. Connecting to a Linux computer through Samba.
  D. This command is used to connect as a null session
  E. Enumeration of Cisco routers
  D. This command is used to connect as a null session

• Question 185:

  You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

  A. All three servers need to be placed internally
  B. A web server facing the Internet, an application server on the internal network, a database server on the internal network
  C. A web server and the database server facing the Internet, an application server on the internal network
  D. All three servers need to face the Internet so that they can communicate between themselves
  B. A web server facing the Internet, an application server on the internal network, a database server on the internal network

• Question 186:

  Which of the following is a passive wireless packet analyzer that works on Linux-based systems?

  A. Burp Suite
  B. OpenVAS
  C. tshark
  D. Kismet
  C. tshark

• Question 187:

  Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?

  A. Kismet
  B. Abel
  C. Netstumbler
  D. Nessus
  A. Kismet

  ---

  Explanation/Reference:

  https://en.wikipedia.org/wiki/Kismet_(software)

  Kismet is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic.

• Question 188:

  When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and headers

  manually to get more precise results than if using web vulnerability scanners.

  What proxy tool will help you find web vulnerabilities?

  A. Maskgen
  B. Dimitry
  C. Burpsuite
  D. Proxychains
  C. Burpsuite

• Question 189:

  An attacker scans a host with the below command. Which three flags are set?

  # nmap -sX host.domain.com

  A. This is SYN scan. SYN flag is set.
  B. This is Xmas scan. URG, PUSH and FIN are set.
  C. This is ACK scan. ACK flag is set.
  D. This is Xmas scan. SYN and ACK flags are set.
  B. This is Xmas scan. URG, PUSH and FIN are set.

• Question 190:

  John, a security analyst working for an organization, found a critical vulnerability on the organization's LAN that allows him to view financial and personal information about the rest of the employees. Before reporting the vulnerability, he examines the information shown by the vulnerability for two days without disclosing any information to third parties or other internal employees. He does so out of curiosity about the other employees and may take advantage of this information later. What would John be considered as?

  A. Cybercriminal
  B. Black hat
  C. White hat
  D. Gray hat
  D. Gray hat