Eccouncil 312-50 Exam Practice Test Instant Access

Question 1

Wilson, a professional hacker, targets an organization for financial benefit and plans to compromise its systems by sending malicious emails. For this purpose, he uses a tool to track the emails of the target and extracts information such as sender identities, mall servers, sender IP addresses, and sender locations from different public sources. He also checks if an email address was leaked using the haveibeenpwned.com API. Which of the following tools is used by Wilson in the above scenario?

AFactiva

BNetcraft

Cinfoga

DZoominfo

Answer : C

Infoga may be a tool gathering email accounts informations (ip,hostname,country,...) from completely different public supply (search engines, pgp key servers and shodan) and check if email was leaked using haveibeenpwned.com API. is a really simple tool, however very effective for the first stages of a penetration test or just to know the visibility of your company within the net.

Question 2

Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.

He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?

ADisable unused ports in the switches

BSeparate students in a different VLAN

CUse the 802.1x protocol

DAsk students to use the wireless network

Answer : C

Question 3

A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing -- Reports https://ibt1.prometric.com/users/custom/report_queue/rq_str... corporate network. What tool should the analyst use to perform a Blackjacking attack?

AParos Proxy

BBBProxy

CBlooover

DBBCrack

Answer : B

Question 4

PGP, SSL, and IKE are all examples of which type of cryptography?

ADigest

BSecret Key

CPublic Key

DHash Algorithm

Answer : C

Question 5

Jim, a professional hacker, targeted an organization that is operating critical Industrial Infrastructure. Jim used Nmap to scan open pons and running services on systems connected to the organization's OT network. He used an Nmap command to identify Ethernet/IP devices connected to the Internet and further gathered Information such as the vendor name, product code and name, device name, and IP address. Which of the following Nmap commands helped Jim retrieve the required information?

Anmap -Pn -sT --scan-delay 1s --max-parallelism 1 -p < Port List > < Target IP >

Bnmap -Pn -sU -p 44818 --script enip-info < Target IP >

Cnmap -Pn -sT -p 46824 < Target IP >

Dnmap -Pn -sT -p 102 --script s7-info < Target IP >

Answer : B

https://nmap.org/nsedoc/scripts/enip-info.html

Example Usage enip-info:

-nmap --script enip-info -sU -p 44818 <host>

This NSE script is used to send a EtherNet/IP packet to a remote device that has TCP 44818 open. The script will send a Request Identity Packet and once a response is received, it validates that it was a proper response to the command that was sent, and then will parse out the data. Information that is parsed includes Device Type, Vendor ID, Product name, Serial Number, Product code, Revision Number, status, state, as well as the Device IP.

This script was written based of information collected by using the the Wireshark dissector for CIP, and EtherNet/IP, The original information was collected by running a modified version of the ethernetip.py script (https://github.com/paperwork/pyenip)

Question 6

Within the context of Computer Security, which of the following statements describes Social Engineering best?

ASocial Engineering is the act of publicly disclosing information

BSocial Engineering is the means put in place by human resource to perform time accounting

CSocial Engineering is the act of getting needed information from a person rather than breaking into a system

DSocial Engineering is a training program within sociology studies

Answer : C

Question 7

In an intricate web application architecture using an Oracle database, you, as a security analyst, have identified a potential SQL Injection attack surface. The database consists of 'x' tables, each with y columns. Each table contains z1 records. An attacker, well-versed in SQLi techniques, crafts 'u' SQL payloads, each attempting to extract maximum data from the database. The payloads include UNION SELECT' statements and 'DBMS_XSLPPOCESSOR.READ2CLOB' to read sensitive files. The attacker aims to maximize the total data extracted E=xyz'u'. Assuming 'x=4\ y=2\ and varying z' and 'u\ which situation is likely to result in the highest extracted data volume?

Az=400. u=4: The attacker constructs A SQLpayloads, each focusing on tables with 400 records, influencing all columns of all tables

Bz=550, u=Z Here, the attacker formulates 2 SQL payloads and directs them towards tables containing 550 records, impacting all columns and tables

Cz=600. u=2: The attacker devises 2 SQL payloads. each aimed at tables holding 600 records, affecting all columns across all tables

DAz=500. u=3: The attacker creates 3 SQL payloads and targets tables with 500 records each, exploiting all columns and tables
Explanation:
The total data extracted by the attacker is E=xyz'u', where x is the number of tables, y is the number of columns, z is the number of records, and u is the number of SQL payloads. To maximize E, the attacker would want to choose the highest values of z and u, while keeping x and y constant. Therefore, the situation where z=600 and u=2 would result in the highest extracted data volume, as E=42600*2=9600. The other situations would result in lower values of E, as shown below:
A: E=42400*4=12800
B: E=42550*2=8800
D: E=42500*3=12000
The attacker uses UNION SELECT statements to combine the results from different tables and columns, and DBMS_XSLPPOCESSOR.READ2CLOB to read sensitive files from the database server12.These techniques can bypass input validation and pattern matching measures that are based on the application's responses3.

Answer : C

1: DBMS_XSLPROCESSOR - Oracle Help Center

2: DBMS_XSLPROCESSOR.READ2CLOB Example Script to Read a file data into ...

3: Attack Surface Analysis - OWASP Cheat Sheet Series

Eccouncil 312-50 Certified Ethical Hacker v13 Exam Practice Test