[Free] 2018(Jan) EnsurePass Testking ECCouncil 312-50 Dumps with VCE and PDF 171-180


Ethical Hacking and Countermeasures

Question No: 171 – (Topic 4)

What tool can crack Windows SMB passwords simply by listening to network traffic? Select the best answer.

  A. This is not possible

  B. Netbus

  C. NTFSDOS

  D. L0phtcrack

Answer: D

Explanation: This is possible with an SMB packet capture module for L0phtcrack and known weaknesses in the LM hash algorithm.

Question No: 172 – (Topic 4)

What is the following command used for?

net use \\target\ipc$ "" /u:""

  A. Grabbing the etc/passwd file

  B. Grabbing the SAM

  C. Connecting to a Linux computer through Samba.

  D. This command is used to connect as a null session

  E. Enumeration of Cisco routers

Answer: D

Explanation: The null session is one of the most debilitating vulnerabilities faced by Windows. Null sessions can be established through ports 135, 139, and 445.

Question No: 173 – (Topic 4)

Jonathan, being a keen administrator, has followed all of the best practices he could find on securing his Windows Server. He renamed the Administrator account to a new name that can’t be easily guessed, but there remain people who attempt to compromise his newly renamed administrator account. How can a remote attacker decipher the name of the administrator account if it has been renamed?

  A. The attacker guessed the new name

  B. The attacker used the user2sid program

  C. The attacker used the sid2user program

  D. The attacker used NMAP with the V option

Answer: C

Explanation: User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) of the local or a remote machine. Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid respectively. What is more, these can be called against a remote machine without providing logon credentials, save those needed for a null session connection.

Question No: 174 – (Topic 4)

What did the following commands determine?

C:\>user2sid \\earth guest

S-1-5-21-343818398-789336058-1343024091-501

C:\>sid2user 5 21 343818398 789336058 1343024091 500

Name is Joe

Domain is EARTH

  A. That the Joe account has a SID of 500

  B. These commands demonstrate that the guest account has NOT been disabled

  C. These commands demonstrate that the guest account has been disabled

  D. That the true administrator is Joe

  E. Issued alone, these commands prove nothing

Answer: D

Explanation: One important goal of enumeration is to determine who the true administrator is. In the example above, the true administrator is Joe.

Question No: 175 – (Topic 4)

Which definition among those given below best describes a covert channel?

  A. A server program using a port that is not well known.

  B. Making use of a protocol in a way it is not intended to be used.

  C. It is the multiplexing taking place on a communication link.

  D. It is one of the weak channels used by WEP which makes it insecure.

Answer: B

Explanation: A covert channel is described as: "any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy." Essentially, it is a method of communication that is not part of an actual computer system design, but can be used to transfer information to users or system processes that normally would not be allowed access to the information.

Question No: 176 – (Topic 4)

SNMP is a protocol used to query hosts, servers and devices about performance or health status data. Hackers have used this protocol for a long time to gather a great amount of information about remote hosts. Which of the following features makes this possible?

  A. It is susceptible to sniffing

  B. It uses TCP as the underlying protocol

  C. It is used by ALL devices on the market

  D. It uses a community string sent as clear text

Answer: A,D

Explanation: SNMP uses UDP, not TCP, and even though many devices use SNMP, not ALL devices use it, and it can be disabled on most of the devices that do use it. However, SNMP is susceptible to sniffing, and the community string (which effectively acts as a password) is sent in clear text.

Topic 5, System Hacking

Question No: 177 – (Topic 5)

Michael is the security administrator for ABC company. Michael has been charged with strengthening the company’s security policies, including its password policies. Due to certain legacy applications, Michael was only able to enforce a password group policy in Active Directory with a minimum of 10 characters. He has informed the company’s employees, however, that the new password policy requires that everyone must have complex passwords with at least 14 characters. Michael wants to ensure that everyone is using complex passwords that meet the new security policy requirements. Michael has just logged on to one of the network’s domain controllers and is about to run the following command:

What will this command accomplish?

  A. Dumps SAM password hashes to pwd.txt

  B. Password history file is piped to pwd.txt

  C. Dumps Active Directory password hashes to pwd.txt

  D. Internet cache file is piped to pwd.txt

Answer: A

Explanation: Pwdump is a hack tool that is used to grab Windows password hashes from a remote Windows computer. Pwdump > pwd.txt will redirect the output from pwdump to a text file named pwd.txt.

Question No: 178 – (Topic 5)

While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrongdoing. However, you are concerned about affecting the normal functionality of the email server. From the following options, choose how best you can achieve this objective.

  A. Block port 25 at the firewall.

  B. Shut off the SMTP service on the server.

  C. Force all connections to use a username and password.

  D. Switch from Windows Exchange to UNIX Sendmail.

  E. None of the above.

Answer: E

Explanation: Blocking port 25 at the firewall or forcing all connections to use a username and password would leave the server unable to communicate with other SMTP servers. Turning off the SMTP service would disable the email function completely. All email servers use SMTP to communicate with other email servers, and therefore changing the email server will not help.

Question No: 179 – (Topic 5)

Samuel is the network administrator of DataX communications Inc. He is trying to configure his firewall to block password brute-force attempts on his network. He enables blocking the intruder’s IP address for a period of 24 hours after more than three unsuccessful attempts. He is confident that this rule will secure his network against hackers on the Internet.

But he still receives hundreds of thousands of brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall rule.

Later he adds another rule to his firewall and enables a small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be accepted from a particular IP address. This action will slow the intruder’s attempts.

Samuel wants to completely block hackers’ brute-force attempts on his network.

What are the alternatives to defending against possible brute-force password attacks on his site?

  A. Enforce a password policy and use account lockouts after three wrong logon attempts even though this might lock out legit users

  B. Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the intruder so that you can block them at the firewall manually

  C. Enforce complex password policy on your network so that passwords are more difficult to brute force

  D. You can’t completely block the intruders’ attempts if they constantly switch proxies

Answer: D

Explanation: Without knowing where the next attack will come from, there is no way of proactively blocking the attack. This is becoming an increasing problem with the growth of large botnets using ordinary workstations and home computers in large numbers.

Question No: 180 – (Topic 5)

Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?

  A. Covert keylogger

  B. Stealth keylogger

  C. Software keylogger

  D. Hardware keylogger

Answer: D

Explanation: As the hardware keylogger never interacts with the operating system, it is undetectable by anti-virus or anti-spyware products.
