What sequence of packets is sent during the initial TCP three-way handshake?
Answer(s): D
This is referred to as a "three way handshake." The "SYN" flags are requests by the TCP stack at one end of a socket to synchronize themselves to the sequence numbering for this new sessions. The ACK flags acknowlege earlier packets in this session. Obviously only the initial packet has no ACK flag, since there are no previous packets to acknowlege. Only the second packet (the first response from a server to a client) has both the SYN and the ACK bits set.
Exhibit:What type of attack is shown in the above diagram?
A man-in-the-middle attack (MITM) is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised.
Exhibit:Study the following log extract and identify the attack.
The “Get /msadc/……/……/……/winnt/system32/cmd.exe?” shows that a Unicode Directory Traversal Attack has been performed.
Exhibit: Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?
Answer(s): B
He is actually trying to get the file har.txt but this file contains a copy of the SAM file.
Post your Comments and Discuss EC-Council 312-50 exam with other Community members:
Comeru Commented on December 04, 2024 You pass this exam with these questions. But you need to get the full version. UNITED STATES
ribrahim Commented on June 29, 2023 Done the purchase downloaded successfully thanks! SINGAPORE
Drew Commented on March 08, 2018 need step 3 download activated UNITED STATES
Josh Commented on September 18, 2017 Just paid for it ... seamless experience ... looking forward to using the program to study for the CEH and pass it with flying colors! UNITED STATES
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 312-50 content, but please register or login to continue.