Free 312-50 Exam Braindumps (page: 33)


While reviewing the results of a scan run against a target network you come across the following:


What was used to obtain this output?

  1. An SNMP Walk
  2. Hping2 diagnosis
  3. A Bo2K System query
  4. Nmap protocol/port scan

Answer(s): A

Explanation:

The snmpwalk command is designed to perform a sequence of chained GETNEXT requests automatically, rather than having to issue the necessary snmpgetnext requests by hand. The command takes a single OID, and will display a list of all the results which lie within the subtree rooted on this OID.



Which of the following nmap commands in Linux produces the above output?

  1. sudo nmap -sP 192.168.0.1/24
  2. root nmap -sA 192.168.0.1/24
  3. run nmap -TX 192.168.0.1/24
  4. launch nmap -PP 192.168.0.1/24

Answer(s): A

Explanation:

This is an output from a ping scan. The option -sP will give you a ping scan of the 192.168.0.1/24 network.



Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protocol is most likely to be listening on those ports?

  1. Finger
  2. FTP
  3. Samba
  4. SMB

Answer(s): D

Explanation:

The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT / 2000. In Windows NT it ran on top of NBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NBT. For this they use TCP port 445.



SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather a great amount of information about remote hosts.
Which of the following features makes this possible? (Choose two)

  1. It uses TCP as the underlying protocol.
  2. It uses a community string that is transmitted in clear text.
  3. It is susceptible to sniffing.
  4. It is used by all network devices on the market.

Answer(s): B,C

Explanation:

Simple Network Management Protocol (SNMP) is a protocol which can be used by administrators to remotely manage a computer or network device. There are typically 2 modes of remote SNMP monitoring. These modes are roughly 'READ' and 'WRITE' (or PUBLIC and PRIVATE). If an attacker is able to guess a PUBLIC community string, they would be able to read SNMP data (depending on which MIBs are installed) from the remote device. This information might include system time, IP addresses, interfaces, processes running, etc. Version 1 of SNMP has been criticized for its poor security. Authentication of clients is performed only by a "community string", in effect a type of password, which is transmitted in cleartext.





