EC-COUNCIL EC-COUNCIL Certifications 312-50V7 Questions & Answers

• Question 341:

  The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:

  You are hired to conduct security testing on their network. You successfully brute-force the SNMP community string using a SNMP crack tool. The access-list

  configured at the router prevents you from establishing a successful connection. You want to retrieve the Cisco configuration from the router.

  How would you proceed?

  A. Use the Cisco's TFTP default password to connect and download the configuration file

  B. Run a network sniffer and capture the returned traffic with the configuration file from the router

  C. Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address

  D. Send a customized SNMP set request with a spoofed source IP address in the range - 192.168.1.0

  Correct Answer: BD

• Question 342:

  You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c

  

  What is the hexadecimal value of NOP instruction?

  A. 0x60

  B. 0x80

  C. 0x70

  D. 0x90

  Correct Answer: D

• Question 343:

  This TCP flag instructs the sending system to transmit all buffered data immediately.

  A. SYN

  B. RST

  C. PSH

  D. URG

  E. FIN

  Correct Answer: C

• Question 344:

  Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches. If these switches' ARP cache is successfully flooded, what will be the result?

  A. The switches will drop into hub mode if the ARP cache is successfully flooded.

  B. If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.

  C. Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.

  D. The switches will route all traffic to the broadcast address created collisions.

  Correct Answer: A

• Question 345:

  ViruXine.W32 virus hides their presence by changing the underlying executable code. This Virus code mutates while keeping the original algorithm intact, the code changes itself each time it runs, but the function of the code (its semantics) will not change at all.

  

  Here is a section of the Virus code:

  

  What is this technique called?

  A. Polymorphic Virus

  B. Metamorphic Virus

  C. Dravidic Virus

  D. Stealth Virus

  Correct Answer: A

• Question 346:

  "Testing the network using the same methodologies and tools employed by attackers" Identify the correct terminology that defines the above statement.

  A. Vulnerability Scanning

  B. Penetration Testing

  C. Security Policy Implementation

  D. Designing Network Security

  Correct Answer: B

• Question 347:

  Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the

  sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network.

  What is Bob supposed to do next?

  A. Take over the session

  B. Reverse sequence prediction

  C. Guess the sequence numbers

  D. Take one of the parties offline

  Correct Answer: C

• Question 348:

  In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam. Which of the following statement is incorrect related to this attack?

  A. Do not reply to email messages or popup ads asking for personal or financial information

  B. Do not trust telephone numbers in e-mails or popup ads

  C. Review credit card and bank account statements regularly

  D. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks

  E. Do not send credit card numbers, and personal or financial information via e-mail

  Correct Answer: D

• Question 349:

  Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web site during work hours, without any consideration for others. Neil knows that he has an up-to-date content filtering system and such access should not be authorized. What type of technique might be used by these offenders to access the Internet without restriction?

  A. They are using UDP that is always authorized at the firewall

  B. They are using HTTP tunneling software that allows them to communicate with protocols in a way it was not intended

  C. They have been able to compromise the firewall, modify the rules, and give themselves proper access

  D. They are using an older version of Internet Explorer that allow them to bypass the proxy server

  Correct Answer: B

• Question 350:

  This is an example of whois record.

  

  Sometimes a company shares a little too much information on their organization through public domain records. Based on the above whois record, what can an attacker do? (Select 2 answers)

  A. Search engines like Google, Bing will expose information listed on the WHOIS record

  B. An attacker can attempt phishing and social engineering on targeted individuals using the information from WHOIS record

  C. Spammers can send unsolicited e-mails to addresses listed in the WHOIS record

  D. IRS Agents will use this information to track individuals using the WHOIS record information

  Correct Answer: BC