[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 312-50 Dumps with VCE and PDF 201-210

Ethical Hacking and Countermeasures

Question No: 201 – (Topic 5)

You are an administrator of a Windows server. You want to find the port number for POP3. What file would you find the information in and where?

Select the best answer.

  A. %windir%\etc\services

  B. system32\drivers\etc\services

  C. %windir%\system32\drivers\etc\services

  D. /etc/services

  E. %windir%/system32/drivers/etc/services

Answer: C

Explanation: %windir%\system32\drivers\etc\services is the correct place to look for this information.

Question No: 202 – (Topic 5)

An attacker runs the netcat tool to transfer a secret file between two hosts.

Machine A: netcat -l -p 1234 < secretfile

Machine B: netcat > 1234

He is worried about information being sniffed on the network. How would the attacker use netcat to encrypt the information before transmitting onto the wire?

  A. Machine A: netcat -l -p -s password 1234 < testfile
     Machine B: netcat <machine A IP> 1234

  B. Machine A: netcat -l -e magickey -p 1234 < testfile
     Machine B: netcat <machine A IP> 1234

  C. Machine A: netcat -l -p 1234 < testfile -pw password
     Machine B: netcat <machine A IP> 1234 -pw password

  D. Use cryptcat instead of netcat

Answer: D

Explanation: Netcat cannot encrypt the file transfer itself; it would need a third-party application such as openssl to encrypt and decrypt the data. Cryptcat is the standard netcat enhanced with Twofish encryption.

Question No: 203 – (Topic 5)

You are the IT Manager of a large legal firm in California. Your firm represents many important clients whose names must always remain anonymous to the public. Your boss, Mr. Smith, is always concerned about client information being leaked or revealed to the press or public. You have just finished a complete security overhaul of your information system including an updated IPS, new firewall, email encryption and employee security awareness training. Unfortunately, many of your firm’s clients do not trust technology to completely secure their information, so couriers routinely have to travel back and forth to and from the office with sensitive information.

Your boss has charged you with figuring out how to secure the information the couriers must transport. You propose that the data be transferred using burned CD’s or USB flash drives. You initially think of encrypting the files, but decide against that method for fear the encryption keys could eventually be broken.

What software application could you use to hide the data on the CD’s and USB flash drives?

  A. Snow

  B. File Snuff

  C. File Sneaker

  D. EFS

Answer: A

Explanation: The Snow software developed by Matthew Kwan will insert extra spaces at the end of each line. Three bits are encoded in each line by adding between 0 and 7 spaces that are ignored by most display programs including web browsers.

Question No: 204 – (Topic 5)

If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?

  A. Birthday

  B. Brute force

  C. Man-in-the-middle

  D. Smurf

Answer: B

Explanation: Brute force attacks are performed with tools that cycle through many possible character, number, and symbol combinations to guess a password. Since the token allows offline checking of the PIN, the cracker can keep trying PINs until it is cracked.

Question No: 205 – (Topic 5)

What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stacheldraht have in common?

  A. All are hacking tools developed by the legion of doom

  B. All are tools that can be used not only by hackers, but also security personnel

  C. All are DDOS tools

  D. All are tools that are only effective against Windows

  E. All are tools that are only effective against Linux

Answer: C

Explanation: All are DDOS tools.

Question No: 206 – (Topic 5)

In the following example, which of these is the "exploit"?

Today, Microsoft Corporation released a security notice. It detailed how a person could bring down the Windows 2003 Server operating system, by sending malformed packets to it. They detailed how this malicious process had been automated using basic scripting. Even worse, the new automated method for bringing down the server has already been used to perform denial of service attacks on many large commercial websites.

Select the best answer.

  A. Microsoft Corporation is the exploit.

  B. The security "hole" in the product is the exploit.

  C. Windows 2003 Server

  D. The exploit is the hacker that would use this vulnerability.

  E. The documented method of how to use the vulnerability to gain unprivileged access.

Answer: E

Explanation: Microsoft is not the exploit, but if Microsoft documents how the vulnerability can be used to gain unprivileged access, they are creating the exploit. If they just say that there is a hole in the product, then it is only a vulnerability. The security "hole" in the product is called the "vulnerability". It is documented in a way that shows how to use the vulnerability to gain unprivileged access, and it then becomes an "exploit". In the example given, Windows 2003 Server is the TOE (Target of Evaluation). A TOE is an IT System, product or component that requires security evaluation or is being identified. The hacker that would use this vulnerability is exploiting it, but the hacker is not the exploit. The documented method of how to use the vulnerability to gain unprivileged access is the correct answer.

Question No: 207 – (Topic 5)

You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand that all users are required to use passwords that are at least 8 characters in length. All passwords must also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special characters.

With your existing knowledge of users, likely user account names and the possibility that they will choose the easiest passwords possible, what would be the fastest type of password cracking attack you can run against these hash values and still get results?

  A. Online Attack

  B. Dictionary Attack

  C. Brute Force Attack

  D. Hybrid Attack

Answer: D

Explanation: A dictionary attack will not work because strong passwords are enforced, and the minimum length of 8 characters makes a brute force attack time-consuming. A hybrid attack, where you take a word from a dictionary and exchange a number of letters with numbers and special characters, will probably be the fastest way to crack the passwords.

Question No: 208 – (Topic 5)

Study the snort rule given below:

[Image: snort rule]

From the options below, choose the exploit against which this rule applies.

  A. WebDav

  B. SQL Slammer

  C. MS Blaster

  D. MyDoom

Answer: C

Explanation: MS Blaster scans the Internet for computers that are vulnerable to its attack. Once found, it tries to enter the system through port 135 to create a buffer overflow.

TCP ports 139 and 445 may also provide attack vectors.

Question No: 209 – (Topic 5)

LM authentication is not as strong as Windows NT authentication so you may want to disable its use, because an attacker eavesdropping on network traffic will attack the weaker protocol. A successful attack can compromise the user's password. How do you disable LM authentication in Windows XP?

  A. Stop the LM service in Windows XP

  B. Disable LSASS service in Windows XP

  C. Disable LM authentication in the registry

  D. Download and install LMSHUT.EXE tool from Microsoft website

Answer: C

Explanation: http://support.microsoft.com/kb/299656

Question No: 210 – (Topic 5)

Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.

Which of the following options best represents the means that Bob can adopt to retrieve passwords from his client's hosts and servers?

  A. Hardware, Software, and Sniffing.

  B. Hardware and Software Keyloggers.

  C. Passwords are always best obtained using Hardware key loggers.

  D. Software only, they are the most effective.

Answer: A

Explanation: Different types of keyloggers planted into the environment would retrieve the passwords for Bob.
