CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50

Free 312-50 Exam Braindumps (page: 52)

Page 51 of 191
PDF with 765 Questions

Fingerprinting an Operating System helps a cracker because:

  1. It defines exactly what software you have installed
  2. It opens a security-delayed window based on the port being scanned
  3. It doesn't depend on the patches that have been applied to fix existing security holes
  4. It informs the cracker of which vulnerabilities he may be able to exploit on your system

Answer(s): D

Explanation:

When a cracker knows what OS and Services you use he also knows which exploits might work on your system. If he would have to try all possible exploits for all possible Operating Systems and Services it would take too long time and the possibility of being detected increases.



In the context of Windows Security, what is a 'null' user?

  1. A user that has no skills
  2. An account that has been suspended by the admin
  3. A pseudo account that has no username and password
  4. A pseudo account that was created for security administration purpose

Answer(s): C

Explanation:

NULL sessions take advantage of “features” in the SMB (Server Message Block) protocol that exist primarily for trust relationships. You can establish a NULL session with a Windows host by logging on with a NULL user name and password. Using these NULL connections allows you to gather the following information from the host:* List of users and groups
* List of machines * List of shares * Users and host SID' (Security Identifiers)
NULL sessions exist in windows networking to allow: * Trusted domains to enumerate resources * Computers outside the domain to authenticate and enumerate users * The SYSTEM account to authenticate and enumerate resources
NetBIOS NULL sessions are enabled by default in Windows NT and 2000. Windows XP and 2003 will allow anonymous enumeration of shares, but not SAM accounts.



What does the following command in netcat do? nc -l -u -p 55555 < /etc/passwd

  1. logs the incoming connections to /etc/passwd file
  2. loads the /etc/passwd file to the UDP port 55555
  3. grabs the /etc/passwd file when connected to UDP port 55555
  4. deletes the /etc/passwd file when connected to the UDP port 55555

Answer(s): C

Explanation:

-l forces netcat to listen for incoming connections.
-u tells netcat to use UDP instead of TCP
-p 5555 tells netcat to use port 5555
< /etc/passwd tells netcat to grab the /etc/passwd file when connected to.



What hacking attack is challenge/response authentication used to prevent?

  1. Replay attacks
  2. Scanning attacks
  3. Session hijacking attacks
  4. Password cracking attacks

Answer(s): A

Explanation:

A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it. With a challenge/response authentication you ensure that captured packets can’t be retransmitted without a new authentication.






Post your Comments and Discuss EC-Council 312-50 exam with other Community members:

312-50 Discussions & Posts