[Free] 2018(Jan) EnsurePass Testking ECCouncil 312-50 Dumps with VCE and PDF 301-310


Ethical Hacking and Countermeasures

Question No: 301 – (Topic 8)

Steven, a security analyst for XYZ associates, is analyzing packets captured by Ethereal on a Linux Server inside his network when the server starts to slow down tremendously. Steven examines the following Ethereal captures:


  A. Smurf Attack

  B. ARP Spoofing

  C. Ping of Death

  D. SYN Flood

Answer: A

Explanation: A perpetrator is sending a large amount of ICMP echo (ping) traffic to IP broadcast addresses, all of it having a spoofed source address of the intended victim. If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply, multiplying the traffic by the number of hosts responding.

Question No: 302 – (Topic 8)

What do you call a system where users need to remember only one username and password, and be authenticated for multiple services?

  A. Simple Sign-on

  B. Unique Sign-on

  C. Single Sign-on

  D. Digital Certificate

Answer: C

Explanation: Single sign-on (SSO) is a specialized form of software authentication that enables a user to authenticate once and gain access to the resources of multiple software systems.

Topic 9, Social Engineering

Question No: 303 – (Topic 9)

Dave has been assigned to test the network security of Acme Corp. The test was announced to the employees. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a sand clock to mark the progress of the test. Dave successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access. How was security compromised and how did the firewall respond?

  A. The attack did not fall through as the firewall blocked the traffic

  B. The attack was social engineering and the firewall did not detect it

  C. The attack was deception and security was not directly compromised

  D. Security was not compromised as the webpage was hosted internally

Answer: B

Explanation: This was just another way to trick the information out of the users without the need to hack into any systems. All traffic is outgoing and initiated by the user so the firewall will not react.

Question No: 304 – (Topic 9)

What does the following command achieve?

Telnet <IP Address> <Port 80> HEAD /HTTP/1.0



  A. This command returns the home page for the IP address specified

  B. This command opens a backdoor Telnet session to the IP address specified

  C. This command returns the banner of the website specified by IP address

  D. This command allows a hacker to determine the site's security

  E. This command is bogus and will accomplish nothing

Answer: C

Explanation: This command is used for banner grabbing. Banner grabbing helps identify the service and version of web server running.

Question No: 305 – (Topic 9)

Within the context of Computer Security, which of the following statements best describes Social Engineering?

  A. Social Engineering is the act of publicly disclosing information.

  B. Social Engineering is the act of getting needed information from a person rather than breaking into a system.

  C. Social Engineering is the means put in place by human resources to perform time accounting.

  D. Social Engineering is a training program within sociology studies.

Answer: B

Explanation: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information.

Question No: 306 – (Topic 9)

Which of these are phases of a reverse social engineering attack? Select the best answers.

  A. Sabotage

  B. Assisting

  C. Deceiving

  D. Advertising

  E. Manipulating

Answer: A,B,D

Explanation: According to "Methods of Hacking: Social Engineering", by Rick Nelson, the three phases of reverse social engineering attacks are sabotage, advertising, and assisting.

Question No: 307 – (Topic 9)

Usernames, passwords, e-mail addresses, and the location of CGI scripts may be obtained from which of the following information sources?

  A. Company web site

  B. Search engines

  C. EDGAR Database query

  D. Whois query

Answer: A

Explanation: A Whois query would not enable us to find the CGI scripts, whereas on the actual website some of them will have scripts written to make the website more user-friendly. The EDGAR database would in fact give us a lot of the information requested but not the location of CGI scripts, as would a simple search engine on the Internet if you have the time needed.

Question No: 308 – (Topic 9)

Why is Social Engineering considered attractive by hackers and also adopted by experts in the field?

  A. It is done by well-known hackers and in movies as well.

  B. It does not require a computer in order to commit a crime.

  C. It is easy and extremely effective to gain information.

  D. It is not considered illegal.

Answer: C

Explanation: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access, and in most (but not all) cases the attacker never comes face-to-face with the victim. The term has been popularized in recent years by well-known (reformed) computer criminal and security consultant Kevin Mitnick, who points out that it's much easier to trick someone into giving you his or her password for a system than to spend the effort to hack in. He claims it to be the single most effective method in his arsenal.

Question No: 309 – (Topic 9)

Your boss at ABC.com asks you what are the three stages of Reverse Social Engineering.

  A. Sabotage, Advertising, Assisting

  B. Sabotage, Advertising, Covering

  C. Sabotage, Assisting, Billing

  D. Sabotage, Advertising, Covering

Answer: A

Explanation: Typical social interaction dictates that if someone gives us something then it is only right for us to return the favour. This is known as reverse social engineering: an attacker sets up a situation in which the victim encounters a problem and asks the attacker for help, and once the problem is solved the victim feels obliged to give the information requested by the attacker.

Question No: 310 – (Topic 9)

Jack Hacker wants to break into the company's computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at the company, pretending to be an administrator from the company. Jack tells Jane that there has been a problem with some accounts and asks her to verify her password with him "just to double check our records". Jane does not suspect anything amiss, and parts with her password. Jack can now access the company's computers with a valid user name and password, to steal the cookie recipe.

What kind of attack is being illustrated here? (Choose the best answer)

  A. Reverse Psychology

  B. Reverse Engineering

  C. Social Engineering

  D. Spoofing Identity

  E. Faking Identity

Answer: C

Explanation: This is a typical case of pretexting. Pretexting is the act of creating and using an invented scenario (the pretext) to persuade a target to release information or perform an action and is usually done over the telephone.
