EC-COUNCIL EC-COUNCIL Certifications 312-50V12 Questions & Answers

• Question 251:

  A penetration tester is performing the footprinting process and is reviewing publicly available information about an organization by using the Google search engine. Which of the following advanced operators would allow the pen tester to restrict the search to the organization's web domain?

  A. [allinurl:]

  B. [location:]

  C. [site:]

  D. [link:]

  Correct Answer: C

  Google hacking or Google dorking https://en.wikipedia.org/wiki/Google_hacking It is a hacker technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites are using. Google dorking could also be used for OSINT.

  Search syntax https://en.wikipedia.org/wiki/Google_Search Google's search engine has its own built-in query language. The following list of queries can be run to find a list of files, find information about your competition, track people, get information about SEO backlinks, build email lists, and of course, discover web vulnerabilities.

  -[site:] - Search within a specific website

• Question 252:

  A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing ?Reports https://ibt1.prometric.com/users/custom/report_queue/rq_str... corporate network. What tool should the analyst use to perform a Blackjacking attack?

  A. Paros Proxy

  B. BBProxy

  C. Blooover

  D. BBCrack

  Correct Answer: B

• Question 253:

  What kind of detection techniques is being used in antivirus softwares that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it's made on the premiers environment?

  A. VCloud based

  B. Honypot based

  C. Behaviour based

  D. Heuristics based

  Correct Answer: A

• Question 254:

  Annie, a cloud security engineer, uses the Docker architecture to employ a client/server model in the application she is working on. She utilizes a component that can process API requests and handle various Docker objects, such as containers, volumes. Images, and networks. What is the component of the Docker architecture used by Annie in the above scenario?

  A. Docker client

  B. Docker objects

  C. Docker daemon

  D. Docker registries

  Correct Answer: C

  Docker uses a client-server design. The docker client talks to the docker daemon, that will the work of building, running, and distributing your docker containers. The docker client and daemon will run on the same system, otherwise you will connect a docker consumer to a remote docker daemon. The docker consumer and daemon communicate using a REST API, over OS sockets or a network interface.

  

  The docker daemon (dockerd) listens for docker API requests and manages docker objects like pictures, containers, networks, and volumes. A daemon may communicate with other daemons to manage docker services.

• Question 255:

  A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?

  A. Place a front-end web server in a demilitarized zone that only handles external web traffic

  B. Require all employees to change their anti-virus program with a new one

  C. Move the financial data to another server on the same IP subnet

  D. Issue new certificates to the web servers from the root certificate authority

  Correct Answer: A

• Question 256:

  Which of the following is the best countermeasure to encrypting ransomwares?

  A. Use multiple antivirus softwares

  B. Pay a ransom

  C. Keep some generation of off-line backup

  D. Analyze the ransomware to get decryption key of encrypted data

  Correct Answer: C

• Question 257:

  Tony is a penetration tester tasked with performing a penetration test. After gaining initial access to a target system, he finds a list of hashed passwords. Which of the following tools would not be useful for cracking the hashed passwords?

  A. John the Ripper

  B. Hashcat

  C. netcat

  D. THC-Hydra

  Correct Answer: A

• Question 258:

  This type of injection attack does not show any error message. It is difficult to exploit as it returns information when the application is given SQL payloads that elicit a true or false response from the server. By observing the response, an attacker can extract sensitive information. What type of attack is this?

  A. Time-based SQL injection

  B. Union SQL injection

  C. Error-based SQL injection

  D. Blind SQL injection

  Correct Answer: D

• Question 259:

  A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was available from the software vendor for several months prior 10

  the intrusion.

  This Is likely a failure in which of the following security processes?

  A. vendor risk management

  B. Security awareness training

  C. Secure deployment lifecycle

  D. Patch management

  Correct Answer: D

  Patch management is that the method that helps acquire, test and install multiple patches (code changes) on existing applications and software tools on a pc, enabling systems to remain updated on existing patches and determining that

  patches are the suitable ones.

  Managing patches so becomes simple and simple.

  Patch Management is usually done by software system firms as a part of their internal efforts to mend problems with the various versions of software system programs and also to assist analyze existing software system programs and

  discover any potential lack of security features or different upgrades.

  Software patches help fix those problems that exist and are detected solely once the software's initial unharness. Patches mostly concern security while there are some patches that concern the particular practicality of programs as well.

• Question 260:

  Alice needs to send a confidential document to her coworker. Bryan. Their company has public key infrastructure set up. Therefore. Alice both encrypts the message and digitally signs it. Alice uses_______to encrypt the message, and Bryan uses__________to confirm the digital signature.

  A. Bryan's public key; Bryan's public key

  B. Alice's public key; Alice's public key

  C. Bryan's private key; Alice's public key

  D. Bryan's public key; Alice's public key

  Correct Answer: D

  PKI uses public-key cryptography, which is widely used on the Internet to encrypt messages or authenticate message senders. In public-key cryptography, a CA generates public and private keys with the same algorithm simultaneously. The private key is held only by the subject (user,company, or system) mentioned in the certificate, while the public key is made publicly available in a directory that all parties can access. The subject keeps the private key secret and uses it to decrypt the text encrypted by someone else using the corresponding public key (available in a public directory). Thus, others encrypt messages for the user with the user's public key, and the user decrypts it with his/her private key.