CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50v13

Free 312-50v13 Exam Braindumps (page: 24)

Page 23 of 79
PDF with 309 Questions

Attacker Rony installed a rogue access point within an organization’s perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack.

What is the type of vulnerability assessment performed by Johnson in the above scenario?

  1. Wireless network assessment
  2. Application assessment
  3. Host-based assessment
  4. Distributed assessment

Answer(s): A



In this attack, an adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number and receive packet number are reset to their initial values.

What is this attack called?

  1. Evil twin
  2. Chop chop attack
  3. Wardriving
  4. KRACK

Answer(s): D


Reference:

https://www.krackattacks.com/



After an audit, the auditors inform you that there is a critical finding that you must tackle immediately. You read the audit report, and the problem is the service running on port 389.

Which service is this and how can you tackle the problem?

  1. The service is NTP, and you have to change it from UDP to TCP in order to encrypt it.
  2. The service is LDAP, and you must change it to 636, which is LDAPS.
  3. The findings do not require immediate actions and are only suggestions.
  4. The service is SMTP, and you must change it to SMIME, which is an encrypted way to send emails.

Answer(s): B



Mike, a security engineer, was recently hired by BigFox Ltd. The company recently experienced disastrous DoS attacks. The management had instructed Mike to build defensive strategies for the company's IT infrastructure to thwart DoS/DDoS attacks. Mike deployed some countermeasures to handle jamming and scrambling attacks.

What is the countermeasure Mike applied to defend against jamming and scrambling attacks?

  1. Allow the transmission of all types of addressed packets at the ISP level
  2. Disable TCP SYN cookie protection
  3. Allow the usage of functions such as gets and strcpy
  4. Implement cognitive radios in the physical layer

Answer(s): D






Post your Comments and Discuss EC-Council 312-50v13 exam with other Community members:

312-50v13 Exam Discussions & Posts