[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 312-50 Dumps with VCE and PDF 21-30

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 312-50
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/312-50.html

Ethical Hacking and Countermeasures

Question No: 21 – (Topic 2)

System Administrators sometimes post questions to newsgroups when they run into technical challenges. As an ethical hacker, you could use the information in newsgroup posting to glean insight into the makeup of a target network. How would you search for these posting using Google search?

  1. Search in Google using the key strings “the target company” and “newsgroups”

  2. Search for the target company name at http://groups.google.com

  3. Use NNTP websites to search for these postings

  4. Search in Google using the key search strings “the target company” and “forums”

Answer: B

Explanation: Using http://groups.google.com is the easiest way to access various newsgroups today. Before http://groups.google.com you had to use special NNTP clients or subscribe to some nntp to web services.

Question No: 22 – (Topic 2)

According to the CEH methodology, what is the next step to be performed after footprinting?

  1. Enumeration

  2. Scanning

  3. System Hacking

  4. Social Engineering

  5. Expanding Influence

Answer: B

Explanation: Once footprinting has been completed, scanning should be attempted next. Scanning should take place on two distinct levels: network and host.

Question No: 23 – (Topic 2)

User which Federal Statutes does FBI investigate for computer crimes involving e- mail scams and mail fraud?

  1. 18 U.S.C 1029 Possession of Access Devices

  2. 18 U.S.C 1030 Fraud and related activity in connection with computers

  3. 18 U.S.C 1343 Fraud by wire, radio or television

  4. 18 U.S.C 1361 Injury to Government Property

  5. 18 U.S.C 1362 Government communication systems

  6. 18 U.S.C 1831 Economic Espionage Act

  7. 18 U.S.C 1832 Trade Secrets Act

Answer: B

Explanation: http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00001030– 000-.html

Question No: 24 – (Topic 2)

Snort has been used to capture packets on the network. On studying the packets, the penetration tester finds it to be abnormal. If you were the penetration tester, why would you find this abnormal?

(Note: The student is being tested on concept learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dumo.)

05/20-17:06:45.061034 192.160.13.4:31337 -gt; 172.16.1.101:1

TCP TTL:44 TOS:0x10 ID:242

***FRP** Seq: 0XA1D95 Ack: 0x53 Win: 0x400

.

.

.

05/20-17:06:58.685879 192.160.13.4:31337 -gt; 172.16.1.101:1024

TCP TTL:44 TOS:0x10 ID:242

***FRP** Seg: 0XA1D95 Ack: 0x53 Win: 0x400

What is odd about this attack? (Choose the most appropriate statement)

  1. This is not a spoofed packet as the IP stack has increasing numbers for the three flags.

  2. This is back orifice activity as the scan comes from port 31337.

  3. The attacker wants to avoid creating a sub-carrier connection that is not normally valid.

  4. There packets were created by a tool; they were not created by a standard IP stack.

Answer: B

Explanation: Port 31337 is normally used by Back Orifice. Note that 31337 is hackers spelling of ‘elite’, meaning ‘elite hackers’.

Question No: 25 – (Topic 2)

Network Administrator Patricia is doing an audit of the network. Below are some of her findings concerning DNS. Which of these would be a cause for alarm?

Select the best answer.

  1. There are two external DNS Servers for Internet domains. Both are AD integrated.

  2. All external DNS is done by an ISP.

  3. Internal AD Integrated DNS servers are using private DNS names that are

  4. unregistered.

  5. Private IP addresses are used on the internal network and are registered with the internal AD integrated DNS server.

Answer: A

Explanation: Explanations:

  1. There are two external DNS Servers for Internet domains. Both are AD integrated. This is the correct answer. Having an AD integrated DNS external server is a serious cause for alarm. There is no need for this and it causes vulnerability on the network.

  2. All external DNS is done by an ISP.

    This is not the correct answer. This would not be a cause for alarm. This would actually reduce the company#39;s network risk as it is offloaded onto the ISP.

  3. Internal AD Integrated DNS servers are using private DNS names that are unregistered. This is not the correct answer. This would not be a cause for alarm. This would actually reduce the company#39;s network risk.

  4. Private IP addresses are used on the internal network and are registered with the internal AD integrated DNS server.

This is not the correct answer. This would not be a cause for alarm. This would actually reduce the company#39;s network risk.

Question No: 26 – (Topic 2)

To what does “message repudiation” refer to what concept in the realm of email security?

  1. Message repudiation means a user can validate which mail server or servers a message was passed through.

  2. Message repudiation means a user can claim damages for a mail message that damaged their reputation.

  3. Message repudiation means a recipient can be sure that a message was sent from a particular person.

  4. Message repudiation means a recipient can be sure that a message was sent from a certain host.

  5. Message repudiation means a sender can claim they did not actually send a particular message.

Answer: E

Explanation: A quality that prevents a third party from being able to prove that a communication between two other parties ever took place. This is a desirable quality if you do not want your communications to be traceable.

Non-repudiation is the opposite quality-a third party can prove that a communication between two other parties took place. Non-repudiation is desirable if you want to be able to trace your communications and prove that they occurred. Repudiation – Denial of message submission or delivery.

Question No: 27 – (Topic 2)

A very useful resource for passively gathering information about a target company is:

  1. Host scanning

  2. Whois search

  3. Traceroute

  4. Ping sweep

Answer: B

Explanation: A, C amp; D are quot;Activequot; scans, the question says: quot;Passivelyquot;

Question No: 28 – (Topic 2)

Which of the following activities will NOT be considered as passive footprinting?

  1. Go through the rubbish to find out any information that might have been discarded.

  2. Search on financial site such as Yahoo Financial to identify assets.

  3. Scan the range of IP address found in the target DNS database.

  4. Perform multiples queries using a search engine.

Answer: C

Explanation: Passive footprinting is a method in which the attacker never makes contact with the target systems. Scanning the range of IP addresses found in the target DNS is considered making contact to the systems behind the IP addresses that is targeted by the scan.

Question No: 29 – (Topic 2)

NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish?

nslookup

gt; server lt;ipaddressgt;

gt; set type =any

gt; ls -d lt;target.comgt;

  1. Enables DNS spoofing

  2. Loads bogus entries into the DNS table

  3. Verifies zone security

  4. Performs a zone transfer

  5. Resets the DNS cache

Answer: D

Explanation: If DNS has not been properly secured, the command sequence displayed above will perform a zone transfer.

Question No: 30 – (Topic 2)

Which of the following activities would not be considered passive footprinting?

  1. Search on financial site such as Yahoo Financial

  2. Perform multiple queries through a search engine

  3. Scan the range of IP address found in their DNS database

  4. Go through the rubbish to find out any information that might have been discarded

Answer: C

Explanation: Passive footprinting is a method in which the attacker never makes contact with the target. Scanning the targets IP addresses can be logged at the target and therefore contact has been made.

100% Ensurepass Free Download!
Download Free Demo:312-50 Demo PDF
100% Ensurepass Free Guaranteed!
312-50 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No