CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50

Free 312-50 Exam Braindumps (page: 21)

Page 20 of 191
PDF with 765 Questions

Exhibit:

(Note: the student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump.)
Snort has been used to capture packets on the network. On studying the packets, the penetration tester finds it to be abnormal. If you were the penetration tester, why would you find this abnormal?
What is odd about this attack? Choose the best answer.

  1. This is not a spoofed packet as the IP stack has increasing numbers for the three flags.
  2. This is back orifice activity as the scan comes form port 31337.
  3. The attacker wants to avoid creating a sub-carries connection that is not normally valid.
  4. These packets were crafted by a tool, they were not created by a standard IP stack.

Answer(s): B

Explanation:

Port 31337 is normally used by Back Orifice. Note that 31337 is hackers spelling of ‘elite’, meaning ‘elite hackers’.



Which type of Nmap scan is the most reliable, but also the most visible, and likely to be picked up by and IDS?

  1. SYN scan
  2. ACK scan
  3. RST scan
  4. Connect scan
  5. FIN scan

Answer(s): D

Explanation:

The TCP full connect (-sT) scan is the most reliable.



Name two software tools used for OS guessing.(Choose two.

  1. Nmap
  2. Snadboy
  3. Queso
  4. UserInfo
  5. NetBus

Answer(s): A,C

Explanation:

Nmap and Queso are the two best-known OS guessing programs. OS guessing software has the ability to look at peculiarities in the way that each vendor implements the RFC's. These differences are compared with its database of known OS fingerprints. Then a best guess of the OS is provided to the user.



Sandra is the security administrator of ABC.com. One day she notices that the ABC.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately.
Which organization coordinates computer crime investigations throughout the United States?

  1. NDCA
  2. NICP
  3. CIRP
  4. NPC
  5. CIA

Answer(s): D






Post your Comments and Discuss EC-Council 312-50 exam with other Community members:

312-50 Discussions & Posts