312-50V11 Practice Questions
1,039 real 312-50V11 exam questions with expert-verified answers and explanations. Page 14 of 21.
- Question #651Hacking Web Applications
Study the following log extract and identify the attack.
directory traversalUnicode encodinglog analysisweb attack - Question #652Enumeration
Null sessions are un-authenticated connections (not using a username or password.) to an NT or 2000 system. Which TCP and UDP ports must you filter to check null sessions on your n...
null sessionNetBIOSSMBport 445 - Question #653System Hacking
The following is an entry captured by a network IDS.You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the...
buffer overflowNOP sledshellcodeexploit analysis - Question #654System Hacking
Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal? c:\> cmd /c type c:\winnt\repair\sam > c:\har.txt Volume in drive C...
SAM filepassword hashescredential theftWindows passwords - Question #655Footprinting and Reconnaissance
As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security? Select the best answers.
DNS securityzone transfer restrictionsplit-horizon DNSDNS hardening - Question #656Footprinting and Reconnaissance
Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?
email footprintingbounce-back analysisemail server enumerationinformation gathering - Question #657System Hacking
What tool can crack Windows SMB passwords simply by listening to network traffic? Select the best answer.
L0phtcrackSMB password crackingWindows passwordsnetwork sniffing - Question #658Sniffing
A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.
ARP spoofing preventionARPwatchport securitystatic ARP entries - Question #659Enumeration
Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network. Which of these tools would do the SNMP enum...
SNMP enumerationSNMPUtilSNScanSolarwinds - Question #660Cryptography
If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack i...
token authenticationoffline brute forcePIN attackmulti-factor authentication - Question #661System Hacking
Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm througho...
password crackingkeyloggerssniffingpassword assessment - Question #662Evading IDS, Firewalls, and Honeypots
Study the snort rule given below: From the options below, choose the exploit against which this rule applies.
snort rulesIDS signaturesMS Blasterexploit detection - Question #663Cryptography
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored? (Choose the best answer)
hashing algorithmsdata integritymessage integrity - Question #664Sniffing
A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other syste...
KerberosSMB sniffingL0phtcrackauthentication protocols - Question #665System Hacking
You are attempting to crack LM Manager hashed from Windows 2000 SAM file. You will be using LM Brute force hacking tool for decryption. What encryption algorithm will you be decryp...
LM hashDESWindows SAMpassword encryption - Question #666System Hacking
In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtC...
hybrid attackdictionary attackbrute forcepassword cracking - Question #667System Hacking
What is the algorithm used by LM for Windows2000 SAM?
LM hashDESWindows SAMpassword encryption - Question #668Information Security and Ethical Hacking Fundamentals
E-mail scams and mail fraud are regulated by which of the following?
cyber lawemail fraud18 U.S.C.computer crime legislation - Question #669System Hacking
Which of the following LM hashes represent a password of less than 8 characters? (Select 2)
LM hashpassword length detectionWindows authenticationhash analysis - Question #670Malware Threats
Which of the following is the primary objective of a rootkit?
rootkitmalware stealthprogram replacementsystem compromise - Question #671System Hacking
This kind of password cracking method uses word lists in combination with numbers and special characters:
hybrid attackword listsspecial characterspassword cracking - Question #672Malware Threats
_________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.
rootkitprocess hidingkeyloggingregistry manipulation - Question #673Malware Threats
What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?
rootkit remediationincident responsesystem recoverytrusted media - Question #674Denial of Service
What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?
DDoS toolsTrinooTFN2kbotnet frameworks - Question #675System Hacking
How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?
LM hashpassword length detectionAAD3B435B51404EEhash patterns - Question #676System Hacking
When discussing passwords, what is considered a brute force attack?
brute force attackpassword crackingexhaustive searchauthentication attacks - Question #677System Hacking
Which of the following are well know password-cracking programs?(Choose all that apply.
L0phtcrackJohn the Ripperpassword cracking toolscredential auditing - Question #678System Hacking
Password cracking programs reverse the hashing process to recover passwords.(True/False.)
password crackingone-way hashingrainbow tableshash functions - Question #679System Hacking
You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand th...
hybrid attackstrong password policyattack strategypassword cracking - Question #680Sniffing
An attacker runs netcat tool to transfer a secret file between two hosts. Machine A: netcat -l -p 1234 < secretfile Machine B: netcat 192.168.3.4 > 1234 He is worried about informa...
netcatcryptcatnetwork encryptionfile transfer security - Question #682Malware Threats
ViruXine.W32 virus hides their presence by changing the underlying executable code. This Virus code mutates while keeping the original algorithm intact, the code changes itself eac...
polymorphic viruscode mutationmalware evasionvirus types - Question #683Information Security and Ethical Hacking Fundamentals
"Testing the network using the same methodologies and tools employed by attackers" Identify the correct terminology that defines the above statement.
penetration testingethical hackingsecurity assessmentmethodology - Question #684Sniffing
Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches. If these switches' ARP cache is successfully flooded, what wi...
MAC floodingCAM table overflowhub modeMacof - Question #685System Hacking
You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c What is the hexadecimal value of NOP instruction?
buffer overflowNOP sledshellcodeexploit development - Question #686Malware Threats
In Trojan terminology, what is a covert channel?
covert channelTrojaninformation transfermalware concepts - Question #687Denial of Service
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destina...
SYN floodTCP three-way handshakeconnection queueDoS attack - Question #688Information Security and Ethical Hacking Fundamentals
Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for ov...
suicide hackerhacker typesinsider threatdisgruntled employee - Question #689Social Engineering
You receive an e-mail like the one shown below. When you click on the link contained in the mail, you are redirected to a website seeking you to download free Anti-Virus software....
phishingfake antivirussocial engineeringmalware distribution - Question #690Information Security and Ethical Hacking Fundamentals
Every company needs a formal written document which spells out to employees precisely what they are allowed to use the company's systems for, what is prohibited, and what will happ...
information security policyacceptable use policysecurity documentationcompliance - Question #691Hacking Web Servers
Take a look at the following attack on a Web Server using obstructed URL: How would you protect from these attacks?
URL obfuscationhex encodingweb server attackIDS rules - Question #692Sniffing
Which type of sniffing technique is generally referred as MiTM attack?
ARP poisoningMiTM attacksniffing techniquesnetwork attack - Question #693Sniffing
Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch. In MAC flooding attack, a switch is fed with many Ethernet frames,...
CAM table overflowMAC floodingswitch behaviornetwork sniffing - Question #694Social Engineering
You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion det...
human factorsecurity awarenessweakest linksocial engineering - Question #695Denial of Service
How does a denial-of-service attack work?
denial of serviceDoS attackavailabilityattack definition - Question #696Social Engineering
You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles. You know that co...
social engineeringinsider threatphysical securityimpenetrable systems - Question #697Hacking Web Applications
This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data. What is this attack?
cross-site scriptingXSSinput sanitizationweb application vulnerability - Question #698Scanning Networks
Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.
Nmapport scanningTCP scannetwork scanning - Question #699Hacking Wireless Networks
It is a short-range wireless communication technology intended to replace the cables connecting portable of fixed devices while maintaining high levels of security. It allows mobil...
Bluetoothshort-range wirelesswireless technologywireless security - Question #700Information Security and Ethical Hacking Fundamentals
Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?
backup verificationfull restoredisaster recoverydata integrity - Question #701Session Hijacking
A company's security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempti...
session cookiescookie theftsession hijackingbrowser security