Free 312-50v11 Exam Braindumps (page: 64)

Page 64 of 127

Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about ONS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names. IP addresses. DNS records, and network Who is records. He further exploited this information to launch other sophisticated attacks. What is the tool employed by Gerard in the above scenario?

  1. Knative
  2. zANTI
  3. Towelroot
  4. Bluto

Answer(s): D



Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session 10 to the target employee. The session ID links the target employee to Boneys account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boneys account. What is the attack performed by Boney in the above scenario?

  1. Session donation attack
  2. Session fixation attack
  3. Forbidden attack
  4. CRIME attack

Answer(s): A

Explanation:

In a session donation attack, the attacker donates their own session ID to the target user. In this attack, the attacker first obtains a valid session ID by logging into a service and later feeds the same session ID to the target user. This session ID links a target user to the attacker's account page without disclosing any information to the victim. When the target user clicks on the link and enters the details (username, password, payment details, etc.) in a form, the entered details are linked to the attacker's account. To initiate this attack, the attacker can send their session ID using techniques such as cross-site cooking, an MITM attack, and session fixation. A session donation attack involves the following steps.



Which of the following commands checks for valid users on an SMTP server?

  1. RCPT
  2. CHK
  3. VRFY
  4. EXPN

Answer(s): C

Explanation:

The VRFY commands enables SMTP clients to send an invitation to an SMTP server to verify that mail for a selected user name resides on the server. The VRFY command is defined in RFC 821. The server sends a response indicating whether the user is local or not, whether mail are going to be forwarded, and so on. A response of 250 indicates that the user name is local; a response of 251 indicates that the user name isn’t local, but the server can forward the message. The server response includes the mailbox name.



Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data transmission between the user and real tower, attempting to hijack an active session, upon receiving the users request. Bobby manipulated the traffic with the virtual tower and redirected the victim to a malicious website. What is the attack performed by Bobby in the above scenario?

  1. Wardriving
  2. KRACK attack
  3. jamming signal attack
  4. aLTEr attack

Answer(s): D



Page 64 of 127



Post your Comments and Discuss EC-Council 312-50v11 exam with other Community members:

Casandra commented on December 05, 2024
Do not book your exam if you don't know the topics and the questions. The test is super duper hard and almost impossible to pass without knowing the questions.
EUROPEAN UNION
upvote

Joseph commented on December 04, 2024
VERY HELPFUL TO ME
Anonymous
upvote

aam commented on November 20, 2024
great lesson
Anonymous
upvote

Naomie commented on November 12, 2024
Good material very helpful.
Anonymous
upvote

mo commented on October 08, 2024
a good practice thanks
Anonymous
upvote

Last-Minute Miracles commented on September 21, 2024
Thanks to this exam dumps and for posting it free.
Anonymous
upvote

Yorika commented on September 14, 2024
Quite impressive and accurate. The full version is well worth it with the Buy 1 Get one free deal. Basically you get 2 exams with 50% discount.
UNITED STATES
upvote

Sunny commented on September 14, 2024
I am pleased to let you know that I passed this exam last Friday. Here are some feedback to share: 1- The exam is tough so you must read and read and prepare 2- They give you enough time. Skip the questions you don't know and come back to it at the end. 3- Use this exam dumps. I saw most these questions in the exam. Good luck.
UNITED STATES
upvote

Emmanuel Fakayode commented on September 10, 2024
This is a great deal and an eyes opener.
Anonymous
upvote

MYSTERY MASTER commented on August 15, 2024
SEEMS HELPFUL
INDIA
upvote

Mohan commented on August 07, 2024
This is one of the most compete and comprehensive exam questions and answers I have came across.
INDIA
upvote

Raks commented on May 28, 2024
No comments till now
Anonymous
upvote

Pranav commented on July 22, 2022
This site keeps its promise. The 100% pass is real. Thank you team.
UNITED STATES
upvote

Nathan commented on June 18, 2021
I bought 2 exams for the 50% sale. I already passed one of them. I am prepareing for my next exam. These exam dumps questions are very helpful.
POLAND
upvote