[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 312-50 Dumps with VCE and PDF 241-250

2018 Jan ECCouncil Official New Released 312-50

Ethical Hacking and Countermeasures

Question No: 241 – (Topic 6)

Which definition below best describes a covert channel?

  1. Making use of a Protocol in a way it was not intended to be used

  2. It is the multiplexing taking place on communication link

  3. It is one of the weak channels used by WEP that makes it insecure

  4. A Server Program using a port that is not well known

Answer: A

Explanation: A covert channel is a hidden communication channel not intended for information transfer at all. Redundancy can often be used to communicate in a covert way. There are several ways that hidden communication can be set up.

Question No: 242 – (Topic 6)

Erik notices a big increase in UDP packets sent to port 1026 and 1027 occasionally. He enters the following at the command prompt.

    $ nc -l -p 1026 -u -v

In response, he sees the following message.

    Windows has found 47 Critical Errors. To fix the errors please do the following:

    1. Download Registry Repair from: www.reg-patch.com

    2. Install Registry Repair

    3. Run Registry Repair

    4. Reboot your computer

What would you infer from this alert?

  1. The machine is redirecting traffic to www.reg-patch.com using adware

  2. It is a genuine fault of windows registry and the registry needs to be backed up

  3. An attacker has compromised the machine and backdoored ports 1026 and 1027

  4. It is a messenger spam. Windows creates a listener on one of the low dynamic ports from 1026 to 1029 and the message usually promotes malware disguised as legitimate utilities

Answer: D

Explanation: The "net send" Messenger service can be used by unauthorized users of your computer, without gaining any kind of privileged access, to cause a pop-up window to appear on your computer. Lately, this feature has been used by unsolicited commercial advertisers to inform many campus users about a "university diploma service"…

Question No: 243 – (Topic 6)

You want to use netcat to continuously generate a huge amount of useless network data for various performance testing between 2 hosts.

Which of the following commands accomplishes this?

  1. Machine A

    #yes AAAAAAAAAAAAAAAAAAAAAA | nc -v -v -l -p 2222 > /dev/null

    Machine B

    #yes BBBBBBBBBBBBBBBBBBBBBB | nc machinea 2222 > /dev/null

  2. Machine A

    cat somefile | nc -v -v -l -p 2222

    Machine B

    cat somefile | nc othermachine 2222

  3. Machine A

    nc -l -p 1234 | uncompress -c | tar xvfp

    Machine B

    tar cfp - /some/dir | compress -c | nc -w 3 machinea 1234

  4. Machine A

    while true : do

    nc -v -l -s -p 6000 machineb 2

    Machine B

    while true ; do

    nc -v -l -s -p 6000 machinea 2

    done

Answer: A

Explanation: Machine A sets up a listener on port 2222 using the nc command and has the letter A sent an infinite number of times. When yes is used to send data, it never stops until it receives a break signal from the terminal (Control-C). On the client end (Machine B), nc is used as a client to connect to Machine A, sending the letter B an infinite number of times. Once the two machines have established a TCP connection, each sends data to the other endlessly, and this process runs forever until it is stopped by an administrator or the attacker.

Question No: 244 – (Topic 6)

John wants to try a new hacking tool on his Linux System. As the application comes from a site in his untrusted zone, John wants to ensure that the downloaded tool has not been Trojaned. Which of the following options would indicate the best course of action for John?

  1. Obtain the application via SSL

  2. Obtain the application from a CD-ROM disc

  3. Compare the file’s MD5 signature with the one published on the distribution media

  4. Compare the file’s virus signature with the one published on the distribution media

Answer: C

Explanation: In essence, MD5 is a way to verify data integrity, and is much more reliable than checksum and many other commonly used methods.

Question No: 245 – (Topic 6)

After an attacker has successfully compromised a remote computer, what would be one of the last steps that would be taken to ensure that the compromise is not traced back to the source of the problem?

  1. Install patches

  2. Setup a backdoor

  3. Cover your tracks

  4. Install a zombie for DDOS

Answer: C

Explanation: As a hacker you don’t want to leave any traces that could lead back to you.

Question No: 246 – (Topic 6)

In the context of Trojans, what is the definition of a Wrapper?

  1. An encryption tool to protect the Trojan.

  2. A tool used to bind the Trojan with a legitimate file.

  3. A tool used to encapsulate packets within a new header and footer.

  4. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan.

Answer: B

Explanation: These wrappers allow an attacker to take any executable back-door program and combine it with any legitimate executable, creating a Trojan horse without writing a single line of new code.

Question No: 247 – (Topic 6)

You suspect that your Windows machine has been compromised with a Trojan virus. When you run anti-virus software it does not pick up the Trojan. Next you run the netstat command to look for open ports and you notice a strange port 6666 open.

What is the next step you would do?

  1. Re-install the operating system.

  2. Re-run anti-virus software.

  3. Install and run Trojan removal software.

  4. Run utility fport and look for the application executable that listens on port 6666.

Answer: D

Explanation: Fport reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the 'netstat -an' command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications.

Topic 7, Sniffers

Question No: 248 – (Topic 7)

What is the command used to create a binary log file using tcpdump?

  1. tcpdump -r log

  2. tcpdump -w ./log

  3. tcpdump -vde -r log

  4. tcpdump -l /var/log/

Answer: B

Explanation: tcpdump [ -adeflnNOpqStvx ] [ -c count ] [ -F file ] [ -i interface ] [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ] [ expression ]

-w Write the raw packets to file rather than parsing and printing them out.

Question No: 249 – (Topic 7)

ARP poisoning is achieved in _____ steps

  1. 1

  2. 2

  3. 3

  4. 4

Answer: B

Explanation: The hacker begins by sending a malicious ARP "reply" (for which there was no previous request) to your router, associating his computer's MAC address with your IP address. Now your router thinks the hacker's computer is your computer. Next, the hacker sends a malicious ARP reply to your computer, associating his MAC address with the router's IP address. Now your machine thinks the hacker's computer is your router. The hacker has now used ARP poisoning to accomplish a MitM attack.

Question No: 250 – (Topic 7)

Daryl is a network administrator working for Dayton Technologies. Since Daryl’s background is in web application development, many of the programs and applications his company uses are web-based. Daryl sets up a simple forms-based logon screen for all the applications he creates so they are secure.

The problem Daryl is having is that his users are forgetting their passwords quite often and sometimes he does not have the time to get into his applications and change the passwords for them. Daryl wants a tool or program that can monitor web-based passwords and notify him when a password has been changed so he can use that tool whenever a user calls him and he can give them their password right then.

What tool would work best for Daryl’s needs?

  1. Password sniffer

  2. L0phtcrack

  3. John the Ripper

  4. WinHttrack

Answer: A

Explanation:

L0phtCrack is a password auditing and recovery application (now called LC5), originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords.

John the Ripper is one of the most popular password testing/breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customisable cracker. It can be run against various encrypted password formats, including several crypt password hash types.

WinHttrack is an offline browser.

A password sniffer would give Daryl the passwords when they are changed, as it is web-based authentication over a simple form. Still, it would be more correct to give the users new passwords instead of keeping a copy of the passwords in clear text.
