EC-COUNCIL EC-COUNCIL Certifications 312-50V12 Questions & Answers

• Question 311:

  You are the Network Admin, and you get a complaint that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL. What may be the problem?

  A. Traffic is Blocked on UDP Port 53

  B. Traffic is Blocked on TCP Port 80

  C. Traffic is Blocked on TCP Port 54

  D. Traffic is Blocked on UDP Port 80

  Correct Answer: A

  Most likely have an issue with DNS. DNS stands for "Domain Name System." It's a system that lets you connect to websites by matching human-readable domain names (like example.com) with the server's unique ID where a website is stored. Think of the DNS system as the internet's phonebook. It lists domain names with their corresponding identifiers called IP addresses, instead of listing people's names with their phone numbers. When a user enters a domain name like wpbeginner.com on their device, it looks up the IP address and connects them to the physical location where that website is stored. NOTE: Often DNS lookup information will be cached locally inside the querying computer or remotely in the DNS infrastructure. There are typically 8 steps in a DNS lookup. When DNS information is cached, steps are skipped from the DNS lookup process, making it quicker. The example below outlines all 8 steps when nothing is cached.

  The 8 steps in a DNS lookup:

  1.

  A user types `example.com' into a web browser, and the query travels into the Internet and is received by a DNS recursive resolver;

  2.

  The resolver then queries a DNS root nameserver;

  3.

  The root server then responds to the resolver with the address of a Top-Level Domain (TLD) DNS server (such as .com or .net), which stores the information for its domains. When searching for example.com, our request is pointed toward

  the .com TLD;

  4.

  The resolver then requests the .com TLD;

  5.

  The TLD server then responds with the IP address of the domain's nameserver, example.com;

  6.

  Lastly, the recursive resolver sends a query to the domain's nameserver;

  7.

  The IP address for example.com is then returned to the resolver from the nameserver;

  8.

  The DNS resolver then responds to the web browser with the IP address of the domain requested initially;

  Once the 8 steps of the DNS lookup have returned the IP address for example.com, the browser can request the web page:

  9.

  The browser makes an HTTP request to the IP address;

  10.

  The server at that IP returns the webpage to be rendered in the browser. NOTE 2: DNS primarily uses the User Datagram Protocol (UDP) on port number 53 to serve requests. And if this port is blocked, then a problem arises already in

  the first step.

  But the ninth step is performed without problems.

• Question 312:

  Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfigurations. In this process, Jack uses an automated tool that eases his work and performs vulnerability scanning to find hosts, services, and other vulnerabilities in the target server. Which of the following tools is used by Jack to perform vulnerability scanning?

  A. Infoga

  B. WebCopier Pro

  C. Netsparker

  D. NCollector Studio

  Correct Answer: C

• Question 313:

  "........is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An

  attacker fools wireless users into connecting a laptop or mobile phone to a tainted hot-spot by posing as a legitimate provider. This type of attack may be used to steal the passwords of unsuspecting users by either snooping the

  communication link or by phishing, which involves setting up a fraudulent web site and luring people there."

  Fill in the blank with appropriate choice.

  A. Evil Twin Attack

  B. Sinkhole Attack

  C. Collision Attack

  D. Signal Jamming Attack

  Correct Answer: A

  https://en.wikipedia.org/wiki/Evil_twin_(wireless_networks) An evil twin attack is a hack attack in which a hacker sets up a fake Wi-Fi network that looks like a legitimate access point to steal victims' sensitive details. Most often, the victims of such attacks are ordinary people like you and me. The attack can be performed as a man-in-the-middle (MITM) attack. The fake Wi-Fi access point is used to eavesdrop on users and steal their login credentials or other sensitive information. Because the hacker owns the equipment being used, the victim will have no idea that the hacker might be intercepting things like bank transactions. An evil twin access point can also be used in a phishing scam. In this type of attack, victims will connect to the evil twin and will be lured to a phishing site. It will prompt them to enter their sensitive data, such as their login details. These, of course, will be sent straight to the hacker. Once the hacker gets them, they might simply disconnect the victim and show that the server is temporarily unavailable. ADDITION: It may not seem obvious what happened. The problem is in the question statement. The attackers were not Alice and John, who were able to connect to the network without a password, but on the contrary, they were attacked and forced to connect to a fake network, and not to the real network belonging to Jane.

• Question 314:

  How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender's identity?

  A. Hash value

  B. Private key

  C. Digital signature

  D. Digital certificate

  Correct Answer: D

• Question 315:

  Shiela is an information security analyst working at HiTech Security Solutions. She is performing service version discovery using Nmap to obtain information about the running services and their versions on a target system. Which of the following Nmap options must she use to perform service version discovery on the target host?

  A. -SN

  B. -SX

  C. -sV

  D. -SF

  Correct Answer: C

• Question 316:

  These hackers have limited or no training and know how to use only basic techniques or tools. What kind of hackers are we talking about?

  A. Black-Hat Hackers A

  B. Script Kiddies

  C. White-Hat Hackers

  D. Gray-Hat Hacker

  Correct Answer: B

  Script Kiddies: These hackers have limited or no training and know how to use only basictechniques or tools. Even then they may not understand any or all of what they are doing.

• Question 317:

  A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire information related to the current time from the target host machine. Which of the following Zenmap options must the analyst use to perform the ICMP timestamp ping scan?

  A. -PY

  B. -PU

  C. -PP

  D. -Pn

  Correct Answer: C

• Question 318:

  Which of the following LM hashes represent a password of less than 8 characters? (Choose two.)

  A. BA810DBA98995F1817306D272A9441BB

  B. 44EFCE164AB921CQAAD3B435B51404EE

  C. 0182BD0BD4444BF836077A718CCDF409

  D. CEC52EB9C8E3455DC2265B23734E0DAC

  E. B757BF5C0D87772FAAD3B435B51404EE

  F. E52CAC67419A9A224A3B108F3FA6CB6D

  Correct Answer: BE

• Question 319:

  A friend of yours tells you that he downloaded and executed a file that was sent to him by a coworker. Since the file did nothing when executed, he asks you for help because he suspects that he may have installed a trojan on his computer. What tests would you perform to determine whether his computer Is Infected?

  A. Use ExifTool and check for malicious content.

  B. You do not check; rather, you immediately restore a previous snapshot of the operating system.

  C. Upload the file to VirusTotal.

  D. Use netstat and check for outgoing connections to strange IP addresses or domains.

  Correct Answer: D

• Question 320:

  Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp's lobby. He checks his current SID, which is S-1-5-21-1223352397- 1872883824-861252104-501. What needs to happen before Matthew has full administrator access?

  A. He must perform privilege escalation.

  B. He needs to disable antivirus protection.

  C. He needs to gain physical access.

  D. He already has admin privileges, as shown by the "501" at the end of the SID.

  Correct Answer: A