CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50

Free 312-50 Exam Braindumps (page: 50)

Page 49 of 191
PDF with 765 Questions

Which of the following are well know password-cracking programs?(Choose all that apply.

  1. L0phtcrack
  2. NetCat
  3. Jack the Ripper
  4. Netbus
  5. John the Ripper

Answer(s): A,E

Explanation:

L0phtcrack and John the Ripper are two well know password-cracking programs. Netcat is considered the Swiss-army knife of hacking tools, but is not used for password cracking



Password cracking programs reverse the hashing process to recover passwords. (True/False.)

  1. True
  2. False

Answer(s): B

Explanation:

Password cracking programs do not reverse the hashing process. Hashing is a one-way process. What these programs can do is to encrypt words, phrases, and characters using the same encryption process and compare them to the original password. A hashed match reveals the true password.



While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?

  1. Block port 25 at the firewall.
  2. Shut off the SMTP service on the server.
  3. Force all connections to use a username and password.
  4. Switch from Windows Exchange to UNIX Sendmail.
  5. None of the above.

Answer(s): E

Explanation:

Blocking port 25 in the firewall or forcing all connections to use username and password would have the consequences that the server is unable to communicate with other SMTP servers. Turning of the SMTP service would disable the email function completely. All email servers use SMTP to communicate with other email servers and therefore changing email server will not help.



Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known weaknesses of LM? (Choose three)

  1. Converts passwords to uppercase.
  2. Hashes are sent in clear text over the network.
  3. Makes use of only 32 bit encryption.
  4. Effective length is 7 characters.

Answer(s): A,B,D

Explanation:

The LM hash is computed as follows.1. The user’s password as an OEM string is converted to uppercase. 2. This password is either null-padded or truncated to 14 bytes. 3. The “fixed-length” password is split into two 7-byte halves. 4. These values are used to create two DES keys, one from each 7-byte half. 5. Each of these keys is used to DES-encrypt the constant ASCII string “KGS!@#$%”, resulting in two 8-byte ciphertext values. 6. These two ciphertext values are concatenated to form a 16-byte value, which is the LM hash.
The hashes them self are sent in clear text over the network instead of sending the password in clear text.






Post your Comments and Discuss EC-Council 312-50 exam with other Community members:

312-50 Discussions & Posts