312-50V11 Practice Questions
1,039 real 312-50V11 exam questions with expert-verified answers and explanations. Page 13 of 21.
- Question #601Scanning Networks
A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?
NMAPport scanningIP protocol scanscan types - Question #602Scanning Networks
ICMP ping and ping sweeps are used to check for active systems and to check
ICMPping sweepactive host discoveryfirewall traversal - Question #603Scanning Networks
Which command line switch would be used in NMAP to perform operating system detection?
NMAPOS detectioncommand-line flagsfingerprinting - Question #604Footprinting and Reconnaissance
A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into t...
nslookupDNSNS recordsinteractive mode - Question #605Footprinting and Reconnaissance
A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?
Google hackingCisco VPN configpcf filesCain and Abel - Question #606Scanning Networks
An NMAP scan of a server shows port 25 is open. What risk could this pose?
port 25SMTPopen relayservice identification - Question #607Social Engineering
When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user s...
social engineeringend-user awarenesssecurity assessmentpenetration testing - Question #608Enumeration
A company has publicly hosted web applications and an internal Intranet protected by a firewall. Which technique will help protect against enumeration?
DNS zone transferA recordsenumeration preventionfirewall protection - Question #609Information Security and Ethical Hacking Fundamentals
Which of the following techniques will identify if computer files have been changed?
file integrityhashingchange detectionhost security - Question #610Scanning Networks
What are two things that are possible when scanning UDP ports? (Choose two)
UDP scanningICMP unreachableport statesscan responses - Question #611Scanning Networks
What does a type 3 code 13 represent?(Choose two.
ICMP type 3 code 13destination unreachableadministratively prohibitedICMP messages - Question #612Scanning Networks
Destination unreachable administratively prohibited messages can inform the hacker to what?
ICMP admin prohibitedpacket filteringrouter ACLfirewall detection - Question #613Scanning Networks
Which of the following Nmap commands would be used to perform a stack fingerprinting?
NmapOS fingerprintingstack fingerprintingTCP/IP stack - Question #614Scanning Networks
(Note: the student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump...
port 31337Back Orificepacket analysispassive OS fingerprinting - Question #615Scanning Networks
Which type of Nmap scan is the most reliable, but also the most visible, and likely to be picked up by and IDS?
TCP connect scanIDS detectionscan reliabilityNmap scan types - Question #616Scanning Networks
Name two software tools used for OS guessing? (Choose two.
OS fingerprintingNmapQuesopassive fingerprinting tools - Question #617Information Security and Ethical Hacking Fundamentals
Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data...
computer crimelaw enforcementincident responsecybercrime reporting - Question #618Enumeration
While reviewing the result of scanning run against a target network you come across the following: Which among the following can be used to get this output?
SNMP walkenumerationnetwork scanningprotocol scan output - Question #619Scanning Networks
You are manually conducting Idle Scanning using Hping2. During your scanning you notice that almost every query increments the IPID regardless of the port being queried. One or two...
idle scanningIPIDzombie hostHping2 - Question #620Scanning Networks
While performing ping scans into a target network you get a frantic call from the organization's security team. They report that they are under a denial of service attack. When you...
ping scansmurf attackbroadcast IPIDS evasion - Question #621Scanning Networks
Neil notices that a single address is generating traffic from its port 500 to port 500 of several other machines on the network. This scan is eating up most of the network bandwidt...
port 500IPSecIKEVPN detection - Question #622Scanning Networks
A distributed port scan operates by:
distributed scanningport scanningscan coordination - Question #623Scanning Networks
An nmap command that includes the host specification of 202.176.56-57.* will scan _______ number of hosts.
nmaphost specificationIP rangewildcard - Question #624Scanning Networks
A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets...
ICMPpacket analysistraffic analysisscan detection - Question #625Sniffing
Which of the following commands runs snort in packet logger mode?
snortpacket logger modeIDScommand syntax - Question #626Scanning Networks
You have initiated an active operating system fingerprinting attempt with nmap against a target system: What operating system is the target host running based on the open ports sho...
OS fingerprintingnmapactive scanningopen ports - Question #627Scanning Networks
Study the log below and identify the scan type.
nmapIP protocol scanscan type identificationlog analysis - Question #628Scanning Networks
Which of the following command line switch would you use for OS detection in Nmap?
nmapOS detection-O flagcommand options - Question #629Enumeration
Why would an attacker want to perform a scan on port 137?
NetBIOSport 137NBTSTAThost information - Question #630Scanning Networks
Which Type of scan sends a packets with no flags set? Select the Answer
null scanTCP flagsstealth scanningport scanning - Question #631Scanning Networks
Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135...
SMBNetBIOSports 135-139Windows services - Question #632Enumeration
SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of informat...
SNMPcommunity stringscleartext protocolenumeration - Question #633Information Security and Ethical Hacking Fundamentals
Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" sites. Bob is willing to share his knowledge with those who are willing to learn, and many...
ethical hackingsecurity educationblack hatwhite hat - Question #634Enumeration
Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs: From the above list identify the user account w...
SIDWindows accountsRID 500user enumeration - Question #635Scanning Networks
Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?
static NATaddress translationserver publishingNAT types - Question #636Enumeration
What is the following command used for? net use \targetipc$ "" /u:""
null sessionIPC$net useWindows enumeration - Question #637Footprinting and Reconnaissance
One of your team members has asked you to analyze the following SOA record. What is the TTL? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.
DNSSOA recordminimum TTLzone records - Question #638Footprinting and Reconnaissance
One of your team members has asked you to analyze the following SOA record. What is the version? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.
DNSSOA recordserial numberzone versioning - Question #639Footprinting and Reconnaissance
MX record priority increases as the number increases. (True/False.)
DNSMX recordmail priorityrecord types - Question #640Footprinting and Reconnaissance
Which of the following tools can be used to perform a zone transfer?
DNS zone transferNSLookupdigAXFR - Question #641Footprinting and Reconnaissance
Under what conditions does a secondary name server request a zone transfer from a primary name server?
DNS zone transferSOA serial numberprimary name serversecondary name server - Question #642Enumeration
What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?(Choose all th...
NetBIOSport filteringSMB portsfirewall rules - Question #643Hacking Web Servers
Joseph was the Web site administrator for the Mason Insurance in New York, who's main Web the Web site. One night, Joseph received an urgent phone call from his friend, Smith. Acco...
DNS cache poisoningDNS spoofingweb defacementname resolution - Question #644Enumeration
Which of the following tools are used for enumeration? (Choose three.)
enumeration toolsUSER2SIDDumpSecWindows enumeration - Question #645Enumeration
What did the following commands determine?
SID 500administrator accountSID lookupWindows enumeration - Question #646Evading IDS, Firewalls, and Honeypots
Which definition among those given below best describes a covert channel?
covert channelprotocol misusetunnelingIDS evasion - Question #647Session Hijacking
Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the serv...
man-in-the-middlesession synchronizationtraffic interceptiondata modification - Question #648Sniffing
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able...
man-in-the-middleDsniffcredential interceptionnetwork sniffing - Question #649Enumeration
Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice...
ENUM toolnull sessionpassword crackingSMB enumeration - Question #650Malware Threats
Which of the following represents the initial two commands that an IRC client sends to join an IRC network?
IRC protocolbotnet C&CUSER commandNICK command