[Free] 2018(Jan) EnsurePass Testking ECCouncil 312-50 Dumps with VCE and PDF 51-60

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 312-50
100% Free Download! 100% Pass Guaranteed!

Ethical Hacking and Countermeasures

Question No: 51 – (Topic 3)

What flags are set in a X-MAS scan?(Choose all that apply.

  1. SYN

  2. ACK

  3. FIN

  4. PSH

  5. RST

  6. URG

Answer: C,D,F

Explanation: FIN, URG, and PSH are set high in the TCP packet for a X-MAS scan

Question No: 52 – (Topic 3)

You are conducting an idlescan manually using HPING2. During the scanning process, you notice that almost every query increments the IPID- regardless of the port being queried. One or two of the queries cause the IPID to increment by more than one value. Which of he following options would be a possible reason?

  1. Hping2 can’t be used for idlescanning

  2. The Zombie you are using is not truly idle

  3. These ports are actually open on the target system

  4. A stateful inspection firewall is resetting your queries

Answer: B

Explanation: If the IPID increments more than one value that means that there has been network traffic between the queries so the zombie is not idle.

Question No: 53 – (Topic 3)

What is the proper response for a X-MAS scan if the port is open?

  1. SYN

  2. ACK

  3. FIN

  4. PSH

  5. RST

  6. No response

Answer: F

Explanation: Closed ports respond to a X-MAS scan by ignoring the packet.

Question No: 54 – (Topic 3)

What are twp types of ICMP code used when using the ping command?

  1. It uses types 0 and 8.

  2. It uses types 13 and 14.

  3. It uses types 15 and 17.

  4. The ping command does not use ICMP but uses UDP.

Answer: A

Explanation: ICMP Type 0 = Echo Reply, ICMP Type 8 = Echo

Question No: 55 – (Topic 3)

Mark works as a contractor for the Department of Defense and is in charge of network security. He has spent the last month securing access to his network from all possible entry points. He has segmented his network into several subnets and has installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Mark is fairly confident of his perimeter defense, but is still worried about programs like Hping2 that can get into a network through convert channels.

How should mark protect his network from an attacker using Hping2 to scan his internal network?

  1. Blocking ICMP type 13 messages

  2. Block All Incoming traffic on port 53

  3. Block All outgoing traffic on port 53

  4. Use stateful inspection on the firewalls

Answer: A

Explanation: An ICMP type 13 message is an ICMP timestamp request and waits for an ICMP timestamp reply. The remote node is right to do, still it would not be necessary as it is optional and thus many ip stacks ignore such packets. Nevertheless, nmap again achived to make its packets unique by setting the originating timestamp field in the packet to 0.

Question No: 56 – (Topic 3)

You want to know whether a packet filter is in front of Pings to don#39;t get answered. A basic nmap scan of seems to hang without returning any information. What should you do next?

  1. Use NetScan Tools Pro to conduct the scan

  2. Run nmap XMAS scan against

  3. Run NULL TCP hping2 against

  4. The firewall is blocking all the scans to

Answer: C

Question No: 57 – (Topic 3)

While doing fast scan using -F option, which file is used to list the range of ports to scan by nmap?

  1. services

  2. nmap-services

  3. protocols

  4. ports

Answer: B

Explanation: Nmap uses the nmap-services file to provide additional port detail for almost every scanning method. Every time a port is referenced, it#39;s compared to an available description in this support file. If the nmap-services file isn#39;t available, nmap reverts to the

/etc/services file applicable for the current operating system.

Question No: 58 – (Topic 3)

home/root # traceroute www.targetcorp.com lt;http://www.targetcorp.comgt; traceroute to www.targetcorp.com lt;http://www.targetcorp.comgt; (, 64 hops may, 40 byte packets

1 router.anon.com ( 1.373 ms 1.123 ms 1.280 ms

2 ( 3.680 ms 3.506 ms 4.583 ms

3 firewall.anon.com ( 127.189 ms 257.404 ms 208.484 ms

4 anon-gw.anon.com ( 471.68 ms 376.875 ms 228.286 ms

5 fe5-0.lin.isp.com ( 2.961 ms 3.852 ms 2.974 ms

6 fe0-0.lon0.isp.com ( 3.979 ms 3.243 ms 4.370 ms

7 ( 11.454 ms 4.221 ms 3.333 ms

6 * * *

7 * * *

8 www.targetcorp.com lt;http://www.targetcorp.comgt; ( 5.392

ms 3.348 ms 3.199 ms

Use the traceroute results shown above to answer the following question:

The perimeter security at targetcorp.com does not permit ICMP TTL-expired packets out.

  1. True

  2. False

Answer: A

Explanation: As seen in the exhibit there is 2 registrations with timeout, this tells us that the firewall filters packets where the TTL has reached 0, when you continue with higher starting values for TTL you will get an answer from the target of the traceroute.

Question No: 59 – (Topic 3)

While attempting to discover the remote operating system on the target computer, you receive the following results from an nmap scan:

Starting nmap V. 3.10ALPHA9 ( www.insecure.org/nmap/

lt;http://www.insecure.org/nmap/gt; ) Interesting ports on

(The 1592 ports scanned but not shown below are in state: filtered) Port State Service

21/tcp open ftp 25/tcp open smtp 53/tcp closed domain 80/tcp open http 443/tcp open https

Remote operating system guess: Too many signatures match to reliably guess the OS.

Nmap run completed – 1 IP address (1 host up) scanned in 277.483 seconds

What should be your next step to identify the OS?

  1. Perform a firewalk with that system as the target IP

  2. Perform a tcp traceroute to the system using port 53

  3. Run an nmap scan with the -v-v option to give a better output

  4. Connect to the active services and review the banner information

Answer: D

Explanation: Most people don’t care about changing the banners presented by applications listening to open ports and therefore you should get fairly accurate information when grabbing banners from open ports with, for example, a telnet application.

Question No: 60 – (Topic 3)

Gerald, the systems administrator for Hyped Enterprise, has just discovered that his network has been breached by an outside attacker. After performing routine maintenance on his servers, his discovers numerous remote tools were installed that no one claims to have knowledge of in his department.

Gerald logs onto the management console for his IDS and discovers an unknown IP address that scanned his network constantly for a week and was able to access his network through a high-level port that was not closed. Gerald traces the IP address he found in the IDS log to proxy server in Brazil.

Gerald calls the company that owns the proxy server and after searching through their logs, they trace the source to another proxy server in Switzerland. Gerald calls the company in Switzerland that owns the proxy server and after scanning through the logs again, they trace the source back to a proxy server in China.

What tool Geralds’s attacker used to cover their tracks?

  1. Tor

  2. ISA

  3. IAS

  4. Cheops

Answer: A

Explanation: Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

100% Ensurepass Free Download!
Download Free Demo:312-50 Demo PDF
100% Ensurepass Free Guaranteed!
312-50 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.