[Dec-2022] Check your preparation for ECCouncil 312-50v12 On-Demand Exam [Q171-Q194]

4/5 - (1 vote)

[Dec-2022] Check your preparation for ECCouncil 312-50v12 On-Demand Exam

Practice Exam 312-50v12 Realistic Dumps Verified Questions

ECCouncil 312-50v12 Exam Syllabus Topics:

Topic	Details
Topic 1	Hacking Mobile Platforms DoS Attack, DDoS Attack, Botnets, DoS DDoS Attack Techniques
Topic 2	IoT Architecture, IoT Communication Models, OWASP Top 10 IoT Threats, IoT Vulnerabilities Denial-of-Service
Topic 3	Man-in-the-Browser Attack, Client-side Attacks, Session Replay Attacks, Session Fixation Attack IoT Hacking Methodology, IoT Hacking Tools, IoT Security Tools, IT OT Convergence (IIOT)
Topic 4	DoS DDoS Attack Tools, DoS DDoS Attack Detection Techniques, DoS DDoS Protection Tools Types of Viruses, Ransomware, Computer Worms, Fileless Malware, Malware Analysis
Topic 5	Cloud Computing, Types of Cloud Computing Services, Cloud Deployment Models, Fog and Edge Computing Vulnerability Analysis
Topic 6	Introduction to Ethical Hacking Malware, Components of Malware, APT, Trojan, Types of Trojans, Exploit Kits, Virus, Virus Lifecycle
Topic 7	Mobile Platform Attack Vectors, OWASP Top 10 Mobile Risks, App Sandboxing Wireless Terminology, Wireless Networks, Wireless Encryption
Topic 8	Foot Printing and Reconnaissance Social Engineering, Types of Social Engineering, Phishing, Phishing Tools
Topic 9	Network Sniffing, Wiretapping, MAC Flooding, DHCP Starvation Attack, ARP Spoofing Attack Hacking Web Applications
Topic 10	Hacking Wireless Networks Hacker Classes, Ethical Hacking, Information Assurance (IA), Risk Management, Incident Management
Topic 11	Evading IDS, Firewalls, and Honeypots Elements of Information Security, Cyber Kill Chain Methodology, MITRE ATT&CK Framework
Topic 12	SQL Injection, Types of SQL injection, Blind SQL Injection Web Application Architecture, Web Application Threats, OWASP Top 10 Application Security Risks

QUESTION 171
Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occurring during non-business hours. After further examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realizes the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux servers to synchronize the time has stopped working?

Time Keeper

NTP

PPP

OSPP

QUESTION 172
User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI layer does the encryption and decryption of the message take place?

Application

Transport

Session

Presentation

QUESTION 173
You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System. What is the best approach?

Use Alternate Data Streams to hide the outgoing packets from this server.

Use HTTP so that all traffic can be routed vis a browser, thus evading the internal Intrusion Detection Systems.

Install Cryptcat and encrypt outgoing packets from this server.

Install and use Telnet to encrypt all outgoing traffic from this server.

QUESTION 174
joe works as an it administrator in an organization and has recently set up a cloud computing service for the organization. To implement this service, he reached out to a telecom company for providing Internet connectivity and transport services between the organization and the cloud service provider, in the NIST cloud deployment reference architecture, under which category does the telecom company fall in the above scenario?

Cloud booker

Cloud consumer

Cloud carrier

Cloud auditor

QUESTION 175
Bob, an attacker, has managed to access a target loT device. He employed an online tool to gather information related to the model of the loT device and the certifications granted to it. Which of the following tools did Bob employ to gather the above Information?

search.com

EarthExplorer

Google image search

FCC ID search

QUESTION 176
Websites and web portals that provide web services commonly use the Simple Object Access Protocol (SOAP).
Which of the following is an incorrect definition or characteristics of the protocol?

Exchanges data between web services

Only compatible with the application protocol HTTP

Provides a structured model for messaging

Based on XML

QUESTION 177
Which is the first step followed by Vulnerability Scanners for scanning a network?

OS Detection

Firewall detection

TCP/UDP Port scanning

Checking if the remote host is alive

QUESTION 178
A company’s security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

Attempts by attackers to access the user and password information stored in the company’s SQL database.

Attempts by attackers to access Web sites that trust the Web browser user by stealing the user’s authentication credentials.

Attempts by attackers to access password stored on the user’s computer without the user’s knowledge.

Attempts by attackers to determine the user’s Web browser usage patterns, including when sites were visited and for how long.

QUESTION 179
The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?

Multi-cast mode

Promiscuous mode

WEM

Port forwarding

QUESTION 180
In Trojan terminology, what is a covert channel?

A channel that transfers information within a computer system or network in a way that violates the security policy

A legitimate communication path within a computer system or network for transfer of data

It is a kernel operation that hides boot processes and services to mask detection

It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish connections

QUESTION 181
A newly joined employee. Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also Identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors. What is the type of vulnerability assessment performed by Martin?

Credentialed assessment

Database assessment

Host-based assessment

Distributed assessment

QUESTION 182
Vlady works in a fishing company where the majority of the employees have very little understanding of IT let alone IT Security. Several information security issues that Vlady often found includes, employees sharing password, writing his/her password on a post it note and stick it to his/her desk, leaving the computer unlocked, didn’t log out from emails or other social media accounts, and etc.
After discussing with his boss, Vlady decided to make some changes to improve the security environment in his company. The first thing that Vlady wanted to do is to make the employees understand the importance of keeping confidential information, such as password, a secret and they should not share it with other persons.
Which of the following steps should be the first thing that Vlady should do to make the employees in his company understand to importance of keeping confidential information a secret?

Warning to those who write password on a post it note and put it on his/her desk

Developing a strict information security policy

Information security awareness training

Conducting a one to one discussion with the other employees about the importance of information security

QUESTION 183
An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages. What is the attack performed in the above scenario?

Timing-based attack

Side-channel attack

Downgrade security attack

Cache-based attack

QUESTION 184
You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company’s network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place.
Your peer, Peter Smith who works at the same department disagrees with you.
He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of “weakest link” in the security chain.
What is Peter Smith talking about?

Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain

“zero-day” exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks

“Polymorphic viruses” are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks

Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

QUESTION 185
Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatting, and names of the target company. The phishing message will often use the name of the company CEO, President, or Managers. The time a hacker spends performing research to locate this information about a company is known as?

Exploration

Investigation

Reconnaissance

Enumeration

QUESTION 186
Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the Integrity of updating and changing dat a. For this purpose, he uses a web service that uses HTTP methods such as PUT. POST. GET. and DELETE and can improve the overall performance, visibility, scalability, reliability, and portability of an application. What is the type of web-service API mentioned in the above scenario?

JSON-RPC

SOAP API

RESTful API

REST API

QUESTION 187
Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?

Role Based Access Control (RBAC)

Discretionary Access Control (DAC)

Single sign-on

Windows authentication

QUESTION 188
James is working as an ethical hacker at Technix Solutions. The management ordered James to discover how vulnerable its network is towards footprinting attacks. James took the help of an open-source framework for performing automated reconnaissance activities. This framework helped James in gathering information using free tools and resources. What is the framework used by James to conduct footprinting and reconnaissance activities?

WebSploit Framework

Browser Exploitation Framework

OSINT framework

SpeedPhish Framework

QUESTION 189
Ricardo has discovered the username for an application in his targets environment. As he has a limited amount of time, he decides to attempt to use a list of common passwords he found on the Internet. He compiles them into a list and then feeds that list as an argument into his password-cracking application, what type of attack is Ricardo performing?

Known plaintext

Password spraying

Brute force

Dictionary

QUESTION 190
This form of encryption algorithm is asymmetric key block cipher that is characterized by a 128-bit block size, and its key size can be up to 256 bits. Which among the following is this encryption algorithm?

Twofish encryption algorithm

HMAC encryption algorithm

IDEA

Blowfish encryption algorithm

Twofish is an encryption algorithm designed by Bruce Schneier. It’s a symmetric key block cipher with a block size of 128 bits, with keys up to 256 bits. it’s associated with AES (Advanced Encryption Standard) and an earlier block cipher called Blowfish. Twofish was actually a finalist to become the industry standard for encryption, but was ultimately beaten out by the present AES. Twofish has some distinctive features that set it aside from most other cryptographic protocols. For one, it uses pre-computed, key-dependent S-boxes. An S-box (substitution-box) may be a basic component of any symmetric key algorithm which performs substitution. within the context of Twofish’s block cipher, the S-box works to obscure the connection of the key to the ciphertext. Twofish uses a pre-computed, key-dependent S-box which suggests that the S-box is already provided, but depends on the cipher key to decrypt the knowledge .
How Secure is Twofish?
Twofish is seen as a really secure option as far as encryption protocols go. one among the s that it wasn’t selected because the advanced encryption standard is thanks to its slower speed. Any encryption standard that uses a 128-bit or higher key, is theoretically safe from brute force attacks. Twofish is during this category. Because Twofish uses “pre-computed key-dependent S-boxes”, it are often susceptible to side channel attacks. this is often thanks to the tables being pre-computed. However, making these tables key-dependent helps mitigate that risk. There are a couple of attacks on Twofish, but consistent with its creator, Bruce Schneier, it didn’t constitute a real cryptanalysis. These attacks didn’t constitue a practical break within the cipher.
Products That Use Twofish
GnuPG: GnuPG may be a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also referred to as PGP). GnuPG allows you to encrypt and sign your data and communications; it features a flexible key management system, along side access modules for all types of public key directories. KeePass: KeePass may be a password management tool that generates passwords with top-notch security. It’s a free, open source, lightweight and easy-to-use password manager with many extensions and plugins. Password Safe: Password Safe uses one master password to stay all of your passwords protected, almost like the functionality of most of the password managers on this list. It allows you to store all of your passwords during a single password database, or multiple databases for various purposes. Creating a database is straightforward , just create the database, set your master password. PGP (Pretty Good Privacy): PGP is employed mostly for email encryption, it encrypts the content of the e-mail . However, Pretty Good Privacy doesn’t encrypt the topic and sender of the e-mail , so make certain to never put sensitive information in these fields when using PGP. TrueCrypt: TrueCrypt may be a software program that encrypts and protects files on your devices. With TrueCrypt the encryption is transparent to the user and is completed locally at the user’s computer. this suggests you’ll store a TrueCrypt file on a server and TrueCrypt will encrypt that file before it’s sent over the network.

QUESTION 191
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker Installed a scanner on a machine belonging to one of the vktims and scanned several machines on the same network to Identify vulnerabilities to perform further exploitation. What is the type of vulnerability assessment tool employed by John in the above scenario?

Proxy scanner

Agent-based scanner

Network-based scanner

Cluster scanner

QUESTION 192
Why containers are less secure that virtual machines?

Host OS on containers has a larger surface attack.

Containers may full fill disk space of the host.

A compromise container may cause a CPU starvation of the host.

Containers are attached to the same virtual network.

QUESTION 193
Henry is a penetration tester who works for XYZ organization. While performing enumeration on a client organization, he queries the DNS server for a specific cached DNS record. Further, by using this cached record, he determines the sites recently visited by the organization’s user. What is the enumeration technique used by Henry on the organization?

DNS zone walking

DNS cache snooping

DNS SEC zone walking

DNS cache poisoning

QUESTION 194
A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

Libpcap

Awinpcap

Winprom

Winpcap