SNMP is a connectionless protocol that uses UDP instead of TCP packets? (True or False)
Answer(s): A
TCP and UDP provide transport services. But UDP was preferred. This is due to TCP characteristics, it is a complicate protocol and it consume to many memory and CPU resources. Where as UDP is easy to build and run. Into devices (repeaters and modems) vendors have built simple version of IP and UDP.
Maurine is working as a security consultant for Hinklemeir Associate. She has asked the Systems Administrator to create a group policy that would not allow null sessions on the network. The Systems Administrator is fresh out of college and has never heard of null sessions and does not know what they are used for. Maurine is trying to explain to the Systems Administrator that hackers will try to create a null session when footprinting the network.Why would an attacker try to create a null session with a computer on a network?
The Null Session is often referred to as the "Holy Grail" of Windows hacking. Listed as the number 5 windows vulnerability on the SANS/FBI Top 20 list, Null Sessions take advantage of flaws in the CIFS/SMB (Common Internet File System/Server Messaging Block) architecture.You can establish a Null Session with a Windows (NT/2000/XP) host by logging on with a null user name and password. Using these null connections allows you to gather the following information from the host:-List of users and groups- List of machines- List of shares- Users and host SID' (Security Identifiers)
If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?
Answer(s): B
Brute force attacks are performed with tools that cycle through many possible character, number, and symbol combinations to guess a password. Since the token allows offline checking of PIN, the cracker can keep trying PINS until it is cracked.
Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers.
Different types of keylogger planted into the environment would retrieve the passwords for Bob..
Post your Comments and Discuss EC-Council 312-50 exam with other Community members:
Comeru Commented on December 04, 2024 You pass this exam with these questions. But you need to get the full version. UNITED STATES
ribrahim Commented on June 29, 2023 Done the purchase downloaded successfully thanks! SINGAPORE
Drew Commented on March 08, 2018 need step 3 download activated UNITED STATES
Josh Commented on September 18, 2017 Just paid for it ... seamless experience ... looking forward to using the program to study for the CEH and pass it with flying colors! UNITED STATES
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 312-50 content, but please register or login to continue.