EC-COUNCIL 312-50V12 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V12 Online Questions & Answers

• Question 291:

  #!/usr/bin/python import socket buffer=[""A""] counter=50 while len(buffer)<=100: buffer.append (""A""*counter)

  counter=counter+50 commands= [""HELP"",""STATS ."",""RTIME ."",""LTIME. "",""SRUN ."',""TRUN ."",""GMON."",""GDOG ."",""KSTET .",""GTER ."",""HTER ."", ""LTER .",""KSTAN .""] for command in commands: for buffstring in buffer: print ""Exploiting"" +command +"":""+str(len(buffstring)) s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((`127.0.0.1', 9999)) s.recv(50) send(command+buffstring) s.close()

  What is the code written for?

  A. Denial-of-service (DOS)
  B. Buffer Overflow
  C. Bruteforce
  D. Encryption
  B. Buffer Overflow

• Question 292:

  To hide the file on a Linux system, you have to start the filename with a specific character. What is the character?

  A. Exclamation mark (!)
  B. Underscore (_)
  C. Tilde H
  D. Period (.)
  D. Period (.)

• Question 293:

  David is a security professional working in an organization, and he is implementing a vulnerability management program in the organization to evaluate and control the risks and vulnerabilities in its IT infrastructure. He is currently executing the process of applying fixes on vulnerable systems to reduce the impact and severity of vulnerabilities. Which phase of the vulnerability-management life cycle is David currently in?

  A. verification
  B. Risk assessment
  C. Vulnerability scan
  D. Remediation
  D. Remediation

• Question 294:

  Which of the following incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an organization?

  A. Preparation phase
  B. Containment phase
  C. Identification phase
  D. Recovery phase
  A. Preparation phase

• Question 295:

  Samuel, a professional hacker, monitored and Intercepted already established traffic between Bob and a host machine to predict Bob's ISN. Using this ISN, Samuel sent spoofed packets with Bob's IP address to the host machine. The host machine responded with <| packet having an Incremented ISN. Consequently, Bob's connection got hung, and Samuel was able to communicate with the host machine on behalf of Bob. What is the type of attack performed by Samuel in the above scenario?

  A. UDP hijacking
  B. Blind hijacking
  C. TCP/IP hacking
  D. Forbidden attack
  C. TCP/IP hacking

  ---

  Explanation/Reference:

  A TCP/IP hijack is an attack that spoofs a server into thinking it's talking with a sound client, once actually it's communication with an assaulter that has condemned (or hijacked) the tcp session. Assume that the client has administrator-level privileges, which the attacker needs to steal that authority so as to form a brand new account with root-level access of the server to be used afterward. A tcp Hijacking is sort of a two-phased man-in- the-middle attack. The man-in-the-middle assaulter lurks within the circuit between a shopper and a server so as to work out what port and sequence numbers are being employed for the conversation. First, the attacker knocks out the client with an attack, like Ping of Death, or ties it up with some reasonably ICMP storm. This renders the client unable to transmit any packets to the server. Then, with the client crashed, the attacker assumes the client's identity so as to talk with the server. By this suggests, the attacker gains administrator-level access to the server. One of the most effective means of preventing a hijack attack is to want a secret, that's a shared secret between the shopper and also the server. looking on the strength of security desired, the key may be used for random exchanges. this is often once a client and server periodically challenge each other, or it will occur with each exchange, like Kerberos.

• Question 296:

  Cross-site request forgery involves:

  A. A request sent by a malicious user from a browser to a server
  B. Modification of a request by a proxy between client and server
  C. A browser making a request to a server without the user's knowledge
  D. A server making a request to another server without the user's knowledge
  C. A browser making a request to a server without the user's knowledge

  ---

  Explanation/Reference:

  https://owasp.org/www-community/attacks/csrf Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.

  CSRF is an attack that tricks the victim into submitting a malicious request. It inherits the identity and privileges of the victim to perform an undesired function on the victim's behalf. For most sites, browser requests automatically include any credentials associated with the site, such as the user's session cookie, IP address, Windows domain credentials, and so forth. Therefore, if the user is currently authenticated to the site, the site will have no way to distinguish between the forged request sent by the victim and a legitimate request sent by the victim. CSRF attacks target functionality that causes a state change on the server, such as changing the victim's email address or password, or purchasing something. Forcing the victim to retrieve data doesn't benefit an attacker because the attacker doesn't receive the response, the victim does. As such, CSRF attacks target state-changing requests. It's sometimes possible to store the CSRF attack on the vulnerable site itself. Such vulnerabilities are called "stored CSRF flaws". This can be accomplished by simply storing an IMG or IFRAME tag in a field that accepts HTML, or by a more complex cross-site scripting attack. If the attack can store a CSRF attack in the site, the severity of the attack is amplified. In particular, the likelihood is increased because the victim is more likely to view the page containing the attack than some random page on the Internet. The likelihood is also increased because the victim is sure to be authenticated to the site already.

• Question 297:

  The tools which receive event logs from servers, network equipment, and applications, and perform analysis and correlation on those logs, and can generate alarms for security relevant issues, are known as what?

  A. network Sniffer
  B. Vulnerability Scanner
  C. Intrusion prevention Server
  D. Security incident and event Monitoring
  D. Security incident and event Monitoring

• Question 298:

  Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?

  A. Role Based Access Control (RBAC)
  B. Discretionary Access Control (DAC)
  C. Single sign-on
  D. Windows authentication
  C. Single sign-on

• Question 299:

  What is the proper response for a NULL scan if the port is closed?

  A. SYN
  B. ACK
  C. FIN
  D. PSH
  E. RST
  F. No response
  E. RST

• Question 300:

  You are the chief cybersecurity officer at CloudSecure Inc., and your team is responsible for securing a cloudbased application that handles sensitive customer data. To ensure that the data is protected from breaches, you have decided to implement encryption for both data-at-rest and data-in-transit. The development team suggests using SSL/TLS for securing data in transit. However, you want to also implement a mechanism to detect if the data was tampered with during transmission. Which of the following should you propose?

  A. Implement IPsec in addition to SSL/TLS.
  B. Qswitch to using SSH for data transmission.
  C. Use the cloud service provider's built-in encryption services.
  D. Encrypt data using the AES algorithm before transmission.
  A. Implement IPsec in addition to SSL/TLS.

  ---

  Explanation/Reference:

  SSL/TLS is a protocol that provides encryption and authentication for data in transit between a client and a server. However, SSL/TLS does not provide any protection against data tampering, which is the alteration, deletion, or insertion of data without authorization or proper validation. Data tampering can compromise the integrity and accuracy of the data, and potentially lead to breaches or fraud. To detect and prevent data tampering, you should implement IPsec in addition to SSL/TLS. IPsec is a protocol that provides encryption, authentication, and integrity for data in transit at the network layer. IPsec uses cryptographic mechanisms, such as digital signatures and hash-based message authentication codes (HMACs), to verify the identity of the sender and the receiver, and to ensure that the data has not been modified during transmission. IPsec can also provide replay protection, which prevents an attacker from retransmitting old or duplicate packets. By combining SSL/TLS and IPsec, you can achieve a higher level of security and reliability for your cloud-based application. References: EC-Council CEHv12 Courseware Module 18: Cryptography, page 18-20 EC-Council CEHv12 Courseware Module 19: Cloud Computing, page 19-29 A comprehensive guide to data tampering Tamper Detection