Latest ECCouncil 312-50v8 Real Exam Download 601-610

Ensurepass

QUESTION 601

Under what conditions does a secondary name server request a zone transfer from a primary name server?

 

A. When a primary SOA is higher that a secondary SOA

B. When a secondary SOA is higher that a primary SOA

C. When a primary name server has had its service restarted

D. When a secondary name server has had its service restarted

E. When the TTL falls to zero

 

Answer: A 

Understanding DNS is critical to meeting the requirements of the CEH. When the serial number that is within the SOA record of the primary server is higher than the Serial number within the SOA record of the secondary DNS server,a zone transfer will take place.

 

 

QUESTION 602

What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?(Choose all that apply.

 

A. 110

B. 135

C. 139

D. 161

E. 445

F. 1024

 

Answer: B,C,E

 NetBIOS traffic can quickly be used to enumerate and attack Windows computers.

Ports 135,139,and 445 should be blocked.

 

 

QUESTION 603

What is a NULL scan?

 

A. A scan in which all flags are turned off

B. A scan in which certain flags are off

C. A scan in which all flags are on

D. A scan in which the packet size is set to zero E. A scan with a illegal packet size

 

Answer: A

 A null scan has all flags turned off.

 

 

QUESTION 604

What is the proper response for a NULL scan if the port is open?

 

A. SYN

B. ACK

C. FIN

D. PSH

E. RST

F. No response

 

Answer: F

 A NULL scan will have no response if the port is open.

 

 

QUESTION 605

Which of the following statements about a zone transfer correct?(Choose three.

 

A. A zone transfer is accomplished with the DNS

B. A zone transfer is accomplished with the nslookup service

C. A zone transfer passes all zone information that a DNS server maintains

D. A zone transfer passes all zone information that a nslookup server maintains

E. A zone transfer can be prevented by blocking all inbound TCP port 53 connections

F. Zone transfers cannot occur on the Internet

 

Answer: A,C,E 

Securing DNS servers should be a priority of the organization. Hackers obtaining DNS information can discover a wealth of information about an organization. This information can be used to further exploit the network.

 

 

QUESTION 606

You have the SOA presented below in your Zone. Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries?

collegae.edu.SOA, cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600)

 

A. One day

B. One hour

C. One week

D. One month

 

Answer: C 

The numbers represents the following values: 200302028; se = serial number 3600; ref = refresh = 1h 3600; ret = update retry = 1h 604800; ex = expiry = 1w 3600; min = minimum TTL = 1h

 

 

QUESTION 607

Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain. What do you think Tess King is trying to accomplish? Select the best answer.

 

A. A zone harvesting

B. A zone transfer

C. A zone update

D. A zone estimate

 

Answer: B 

The zone transfer is the method a secondary DNS server uses to update its information from the primary DNS server. DNS servers within a domain are organized using a master-slave method where the slaves get updated DNS information from the master DNS. One should configure the master DNS server to allow zone transfers only from secondary (slave) DNS servers but this is often not implemented. By connecting to a specific DNS server and successfully issuing the ls Ƀd domain-name > file-name you have initiated a zone transfer.

 

 

QUESTION 608

A zone file consists of which of the following Resource Records (RRs)?

 

A. DNS,NS,AXFR,and MX records

B. DNS,NS,PTR,and MX records

C. SOA,NS,AXFR,and MX records

D. SOA,NS,A,and MX records

 

Answer: D 

The zone file typically contains the following records: SOA Ƀ Start Of Authority NS Ƀ Name Server record MX Ƀ Mail eXchange record A Ƀ Address record

 

 

QUESTION 609

Let’s imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing? (Select the Best Answer.)

 

A. Install DNS logger and track vulnerable packets

B. Disable DNS timeouts

C. Install DNS Anti-spoofing

D. Disable DNS Zone Transfer

 

Answer: C 

Implement DNS Anit-Spoofing measures to prevent DNS Cache Pollution to occur.

 

 

QUESTION 610

Which DNS resource record can indicate how long any "DNS poisoning" could last?

 

A. MX

B. SOA

C. NS

D. TIMEOUT

 

Answer: B 

The SOA contains information of secondary servers,update intervals and expiration times.

 

Download Latest ECCouncil 312-50v8 Real Free Tests , help you to pass exam 100%.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.