Latest ECCouncil 312-50v8 Real Exam Download 591-600

Ensurepass

QUESTION 591

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hosts.

Which of the following features makes this possible? (Choose two)

 

A. It used TCP as the underlying protocol.

B. It uses community string that is transmitted in clear text.

C. It is susceptible to sniffing.

D. It is used by all network devices on the market.

 

Answer: B,D 

Simple Network Management Protocol (SNMP) is a protocol which can be used by administrators to remotely manage a computer or network device. There are typically 2 modes of remote SNMP monitoring. These modes are roughly ‘READ’ and ‘WRITE’ (or PUBLIC and PRIVATE). If an attacker is able to guess a PUBLIC community string,they would be able to read SNMP data (depending on which MIBs are installed) from the remote device. This information might include system time,IP addresses,interfaces,processes running,etc. Version 1 of SNMP has been criticized for its poor security. Authentication of clients is performed only by a "community string",in effect a type of password,which is transmitted in cleartext.

 

 

QUESTION 592

Bob is acknowledged as a hacker of repute and is popular among visitors of pundergroundq sites. Bob is willing to share his knowledge with those who are willing to learn, and many have expressed their interest in learning from him. However, this knowledge has a risk associated with it, as it can be used for malevolent attacks as well.

In this context, what would be the most affective method to bridge the knowledge gap between the pblackq hats or crackers and the pwhiteq hats or computer security professionals? (Choose the test answer)

 

A. Educate everyone with books,articles and training on risk analysis,vulnerabilities and safeguards.

B. Hire more computer security monitoring personnel to monitor computer systems and networks.

C. Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than life.

D. Train more National Guard and reservist in the art of computer security to help out in times of emergency or crises.

 

Answer: A 

Bridging the gap would consist of educating the white hats and the black hats equally so that their knowledge is relatively the same. Using books,articles,the internet,and professional training seminars is a way of completing this goal.

 

 

QUESTION 593

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool pSIDExtractorq. Here is the output of the SIDs:

clip_image002

From the above list identify the user account with System Administrator privileges.

 

A. John

B. Rebecca

C. Sheela

D. Shawn

E. Somia

F. Chang

G. Micah

 

Answer: F 

The SID of the built-in administrator will always follow this example: S-1-5-domain-

 

 

QUESTION 594

Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

 

A. Overloading Port Address Translation

B. Dynamic Port Address Translation

C. Dynamic Network Address Translation

D. Static Network Address Translation

 

Answer: D 

Mapping an unregistered IP address to a registered IP address on a one-to-one basis. Particularly useful when a device needs to be accessible from outside the network.

 

 

QUESTION 595

What is the following command used for?

net use targetipc$ "" /u:""

 

A. Grabbing the etc/passwd file

B. Grabbing the SAM

C. Connecting to a Linux computer through Samba.

D. This command is used to connect as a null session

E. Enumeration of Cisco routers

 

Answer: D

 The null session is one of the most debilitating vulnerabilities faced by Windows.

Null sessions can be established through port 135,139,and 445.

 

 

QUESTION 596

What is the proper response for a NULL scan if the port is closed?

 

A. SYN

B. ACK

C. FIN

D. PSH

E. RST

F. No response

 

Answer: E

 Closed ports respond to a NULL scan with a reset.

 

 

QUESTION 597

One of your team members has asked you to analyze the following SOA record. What is the TTL?

Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.

 

A. 200303028

B. 3600

C. 604800

D. 2400

E. 60

F. 4800

 

Answer: D 

The SOA includes a timeout value. This value can tell an attacker how long any DNS "poisoning" would last. It is the last set of numbers in the record.

 

 

QUESTION 598

One of your team members has asked you to analyze the following SOA record. What is the version?

Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600

3600 604800 2400.

 

A. 200303028

B. 3600

C. 604800

D. 2400

E. 60

F. 4800

 

Answer: A

 The SOA starts with the format of YYYYMMDDVV where VV is the version.

 

 

QUESTION 599

MX record priority increases as the number increases. (True/False.

 

A. True

B. False

 

Answer: B

The highest priority MX record has the lowest number.

 

 

QUESTION 600

Which of the following tools can be used to perform a zone transfer?

 

A. NSLookup

B. Finger

C. Dig

D. Sam Spade

E. Host

F. Netcat

G. Neotrace

 

Answer: A,C,D,E

There are a number of tools that can be used to perform a zone transfer. Some of these include: NSLookup,Host,Dig,and Sam Spade.

 

 

Download Latest ECCouncil 312-50v8 Real Free Tests , help you to pass exam 100%.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.