Exhibit:The following is an entry captured by a network IDS. You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack. You also notice "/bin/sh" in the ASCII part of the output. As an analyst what would you conclude about the attack?
Answer(s): D
This log entry shows a hacker using a buffer overflow to fill the data buffer and trying to insert the execution of /bin/sh into the executable code part of the thread. It is probably an existing exploit that is used, or a directed attack with a custom built buffer overflow with the “payload” that launches the command shell.
As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security?Select the best answers.
Answer(s): B,C,D,E
A is not a correct answer as it is never recommended to use a DNS server for any other application. Hardening of the DNS servers makes them less vulnerable to attack. It is recommended to split internal and external DNS servers (called split-horizon operation). Zone transfers should only be accepted from authorized DNS servers.By having DNS servers on different subnets, you may prevent both from going down, even if one of your networks goes down.
Drag the application to match with its correct description.
Answer(s): B
What tool can crack Windows SMB passwords simply by listening to network traffic? Select the best answer.
This is possible with a SMB packet capture module for L0phtcrack and a known weaknesses in the LM hash algorithm.
Post your Comments and Discuss EC-Council 312-50 exam with other Community members:
Comeru Commented on December 04, 2024 You pass this exam with these questions. But you need to get the full version. UNITED STATES
ribrahim Commented on June 29, 2023 Done the purchase downloaded successfully thanks! SINGAPORE
Drew Commented on March 08, 2018 need step 3 download activated UNITED STATES
Josh Commented on September 18, 2017 Just paid for it ... seamless experience ... looking forward to using the program to study for the CEH and pass it with flying colors! UNITED STATES
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 312-50 content, but please register or login to continue.