CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50

Free 312-50 Exam Braindumps (page: 32)

Page 31 of 191
PDF with 765 Questions

Study the log below and identify the scan type.

  1. nmap R 192.168.1.10
  2. nmap S 192.168.1.10
  3. nmap V 192.168.1.10
  4. nmap –sO –T 192.168.1.10

Answer(s): D

Explanation:

-sO: IP protocol scans: This method is used to determine which IP protocols are supported on a host. The technique is to send raw IP packets without any further protocol header to each specified protocol on the target machine.



Gerald, the systems administrator for Hyped Enterprise, has just discovered that his network has been breached by an outside attacker. After performing routine maintenance on his servers, his discovers numerous remote tools were installed that no one claims to have knowledge of in his department.
Gerald logs onto the management console for his IDS and discovers an unknown IP address that scanned his network constantly for a week and was able to access his network through a high-level port that was not closed. Gerald traces the IP address he found in the IDS log to proxy server in Brazil.
Gerald calls the company that owns the proxy server and after searching through their logs, they trace the source to another proxy server in Switzerland. Gerald calls the company in Switzerland that owns the proxy server and after scanning through the logs again, they trace the source back to a proxy server in China.
What tool Geralds’s attacker used to cover their tracks?

  1. Tor
  2. ISA
  3. IAS
  4. Cheops

Answer(s): A

Explanation:

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).



Which of the following is a patch management utility that scans one or more computers on your network and alerts you if you important Microsoft Security patches are missing. It then provides links that enable those missing patches to be downloaded and installed.

  1. MBSA
  2. BSSA
  3. ASNB
  4. PMUS

Answer(s): A

Explanation:

The Microsoft Baseline Security Analyzer (MBSA) is a tool put out by Microsoft to help analyze security problems in Microsoft Windows. It does this by scanning the system for security problems in Windows, Windows components such as the IIS web server application, Microsoft SQL Server, and Microsoft Office. One example of an issue might be that permissions for one of the directories in the wwwroot folder of IIS could be set at too low a level, allowing unwanted modification of files from outsiders.



You are conducting an idlescan manually using HPING2. During the scanning process, you notice that almost every query increments the IPID- regardless of the port being queried.
One or two of the queries cause the IPID to increment by more than one value. Which of he following options would be a possible reason?

  1. Hping2 can’t be used for idlescanning
  2. The Zombie you are using is not truly idle
  3. These ports are actually open on the target system
  4. A stateful inspection firewall is resetting your queries

Answer(s): B

Explanation:

If the IPID increments more than one value that means that there has been network traffic between the queries so the zombie is not idle.






Post your Comments and Discuss EC-Council 312-50 exam with other Community members:

312-50 Discussions & Posts