[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 312-50 Dumps with VCE and PDF 131-140

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 312-50
100% Free Download! 100% Pass Guaranteed!

Ethical Hacking and Countermeasures

Question No: 131 – (Topic 4)

A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it?

Select the best answers.

  1. Use port security on his switches.

  2. Use a tool like ARPwatch to monitor for strange ARP activity.

  3. Use a firewall between all LAN segments.

  4. If you have a small network, use static ARP entries.

  5. Use only static IP addresses on all PC#39;s.

Answer: A,B,D Explanation: Explanations:

By using port security on his switches, the switches will only allow the first MAC address that is connected to the switch to use that port, thus preventing ARP spoofing. ARPWatch is a tool that monitors for strange ARP activity. This may help identify ARP spoofing when it happens. Using firewalls between all LAN segments is possible and may help, but is usually pretty unrealistic. On a very small network, static ARP entries are a possibility.

However, on a large network, this is not an realistic option. ARP spoofing doesn#39;t have anything to do with static or dynamic IP addresses. Thus, this option won#39;t help you.

Question No: 132 – (Topic 4)

Let#39;s imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e- mails from company B. How do you prevent DNS spoofing? (Select the Best Answer.)

  1. Install DNS logger and track vulnerable packets

  2. Disable DNS timeouts

  3. Install DNS Anti-spoofing

  4. Disable DNS Zone Transfer

Answer: C

Explanation: Explantion: Implement DNS Anit-Spoofing measures to prevent DNS Cache Pollution to occur.

Question No: 133 – (Topic 4)

John is a keen administrator, and has followed all of the best practices as he could find on securing his Windows Server. He has renamed the Administrator account to a new name that he is sure cannot be easily guessed. However, there are people who already attempt to compromise his newly renamed administrator account.

How is it possible for a remote attacker to decipher the name of the administrator account if it has been renamed?

  1. The attacker used the user2sid program.

  2. The attacker used the sid2user program.

  3. The attacker used nmap with the -V switch.

  4. The attacker guessed the new name.

Answer: B

Explanation: User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid respectively. What is more these can be called against a remote machine without providing logon credentials save those needed for a null session connection.

Question No: 134 – (Topic 4)

Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network. Which of these tools would do the SNMP enumeration he is looking for?

Select the best answers.

  1. SNMPUtil

  2. SNScan

  3. SNMPScan

  4. Solarwinds IP Network Browser

  5. NMap

Answer: A,B,D Explanation: Explanations:

SNMPUtil is a SNMP enumeration utility that is a part of the Windows 2000 resource kit. With SNMPUtil, you can retrieve all sort of valuable information through SNMP. SNScan is a SNMP network scanner by Foundstone. It does SNMP scanning to find open SNMP ports. Solarwinds IP Network Browser is a SNMP

enumeration tool with a graphical tree-view of the remote machine#39;s SNMP data.

Question No: 135 – (Topic 4)

MX record priority increases as the number increases.(True/False.

  1. True

  2. False

Answer: B

Explanation: The highest priority MX record has the lowest number.

Question No: 136 DRAG DROP – (Topic 4)

Drag the application to match with its correct description.


Ensurepass 2018 PDF and VCE


Ensurepass 2018 PDF and VCE

Question No: 137 – (Topic 4)

You have the SOA presented below in your Zone. Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries?

collegae.edu.SOA,cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600)

  1. One day

  2. One hour

  3. One week

  4. One month

Answer: C

Explanation: The numbers represents the following values: 200302028; se = serial number

3600; ref = refresh = 1h 3600; ret = update retry = 1h 604800; ex = expiry = 1w

3600; min = minimum TTL = 1h

Question No: 138 – (Topic 4)

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two.

What would you call this attack?

  1. Interceptor

  2. Man-in-the-middle

  3. ARP Proxy

  4. Poisoning Attack

Answer: B

Explanation: A man-in-the-middle attack (MITM) is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised.

Question No: 139 – (Topic 4)

What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?(Choose all that apply.

A. 110

B. 135

C. 139

D. 161

E. 445

F. 1024

Answer: B,C,E

Explanation: NetBIOS traffic can quickly be used to enumerate and attack Windows computers. Ports 135, 139, and 445 should be blocked.

Question No: 140 – (Topic 4)

Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.

For /f quot;tokens=1 %%a in (hackfile.txt) do net use * \\\c$ /user:quot;Administratorquot;


What is Eve trying to do?

  1. Eve is trying to connect as an user with Administrator privileges

  2. Eve is trying to enumerate all users with Administrative privileges

  3. Eve is trying to carry out a password crack for user Administrator

  4. Eve is trying to escalate privilege of the null user to that of Administrator

Answer: C

Explanation: Eve tries to get a successful login using the username Administrator and passwords from the file hackfile.txt.

100% Ensurepass Free Download!
Download Free Demo:312-50 Demo PDF
100% Ensurepass Free Guaranteed!
312-50 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.