Eccouncil 312-50 Exam Questions Instant Access

Question 1

Which among the following is the best example of the third step (delivery) in the cyber kill chain?

AAn intruder sends a malicious attachment via email to a target.

BAn intruder creates malware to be used as a malicious attachment to an email.

CAn intruder's malware is triggered when a target opens a malicious email attachment.

DAn intruder's malware is installed on a target's machine.

Answer : A

Question 2

Sarah, a system administrator, was alerted of potential malicious activity on the network of her company. She

discovered a malicious program spread through the instant messenger application used by her team. The

attacker had obtained access to one of her teammate's messenger accounts and started sending files across

the contact list. Which best describes the attack scenario and what measure could have prevented it?

AInstant Messenger Applications; verifying the sender's identity before opening any files

BInsecure Patch Management; updating application software regularly

CRogue/Decoy Applications; ensuring software is labeled as TRUSTED

DPortable Hardware Media/Removable Devices; disabling Autorun functionality
Explanation:
The attack scenario is best described as Instant Messenger Applications, and the measure that could have prevented it is verifying the sender's identity before opening any files. Instant Messenger Applications are communication tools that allow users to exchange text, voice, video, and file messages in real time. However, they can also be used as attack vectors for spreading malware, such as viruses, worms, or Trojans, by exploiting the trust and familiarity between the users. In this scenario, the attacker compromised one of the team member's messenger account and used it to send malicious files to the other team members, who may have opened them without suspicion, thus infecting their systems.This type of attack is also known as an instant messaging worm12.
To prevent this type of attack, the users should verify the sender's identity before opening any files sent through instant messenger applications. This can be done by checking the sender's profile, asking for confirmation, or using a secure channel.Additionally, the users should also follow other security tips, such as using strong passwords, updating the application software, scanning the files with antivirus software, and reporting any suspicious activity34.

Answer : A

1: Instant Messaging Worm - Techopedia

2: Cybersecurity's Silent Foe: A Comprehensive Guide to Computer Worms | Silent Quadrant

3: Instant Messenger Hacks: 10 Security Tips to Protect Yourself - MUO

4: Increased phishing attacks on instant messaging platforms: how to prevent them | Think Digital Partners

Question 3

Which among the following is the best example of the hacking concept called "clearing tracks"?

AAfter a system is breached, a hacker creates a backdoor to allow re-entry into a system.

BDuring a cyberattack, a hacker injects a rootkit into a server.

CAn attacker gains access to a server through an exploitable vulnerability.

DDuring a cyberattack, a hacker corrupts the event logs on all machines.

Answer : D

Question 4

Jane is working as a security professional at CyberSol Inc. She was tasked with ensuring the authentication and integrity of messages being transmitted in the corporate network. To encrypt the messages, she implemented a security model in which every user in the network maintains a ring of public keys. In this model, a user needs to encrypt a message using the receiver's public key, and only the receiver can decrypt the message using their private key. What is the security model implemented by Jane to secure corporate messages?

AZero trust network

BTransport Layer Security (TLS)

CSecure Socket Layer (SSL)

DWeb of trust (WOT)

Answer : D

Question 5

Which Nmap switch helps evade IDS or firewalls?

A-n/-R

B-0N/-0X/-0G

C-T

D-D

Answer : C

Question 6

E-mail scams and mail fraud are regulated by which of the following?

A18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers

B18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices

C18 U.S.C. par. 1362 Communication Lines, Stations, or Systems

D18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

Answer : A

Question 7

If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?

ABirthday

BBrute force

CMan-in-the-middle

DSmurf

Answer : B

Eccouncil Certified Ethical Hacker v13 312-50 Exam Questions