Eccouncil 312-50 Exam Practice Test Instant Access

Question 1

Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious codes on a virtual machine to simulate CPU and memory activities. Which type of virus detection method did Chandler use in this context?

AHeuristic Analysis

BCode Emulation

CScanning

DIntegrity checking

Answer : B

Question 2

Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data transmission between the user and real tower, attempting to hijack an active session, upon receiving the users request. Bobby manipulated the traffic with the virtual tower and redirected the victim to a malicious website. What is the attack performed by Bobby in the above scenario?

AWardriving

BKRACK attack

Cjamming signal attack

DaLTEr attack

Answer : D

aLTEr attacks are usually performed on LTE devices Attacker installs a virtual (fake) communication tower between two authentic endpoints intending to mislead the victim This virtual tower is used to interrupt the data transmission between the user and real tower attempting to hijack the active session.

https://alter-attack.net/media/breaking_lte_on_layer_two.pdf

The new aLTEr attack can be used against nearly all LTE connected endpoints by intercepting traffic and redirecting it to malicious websites together with a particular approach for Apple iOS devices.

This attack works by taking advantage of a style flaw among the LTE network --- the information link layer (aka: layer-2) of the LTE network is encrypted with AES-CTR however it's not integrity-protected, that is why an offender will modify the payload.

As a result, the offender is acting a classic man-in-the-middle wherever they're movement as a cell tower to the victim.

Question 3

what are common files on a web server that can be misconfigured and provide useful Information for a hacker such as verbose error messages?

Ahttpd.conf

Badministration.config

Cidq.dll

Dphp.ini

Answer : D

The php.ini file may be a special file for PHP. it's where you declare changes to your PHP settings. The server is already configured with standard settings for PHP, which your site will use by default. Unless you would like to vary one or more settings, there's no got to create or modify a php.ini file. If you'd wish to make any changes to settings, please do so through the MultiPHP INI Editor.

Question 4

To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program.

What term is commonly used when referring to this type of testing?

ARandomizing

BBounding

CMutating

DFuzzing

Answer : D

Question 5

A penetration tester is tasked with gathering information about the subdomains of a target organization's website. The tester needs a versatile and efficient solution for the task. Which of the following options would be the most effective method to accomplish this goal?

AEmploying a tool like Sublist3r, which is designed to enumerate the subdomains of websites using OSINT

BAnalyzing Linkedin profiles to find employees of the target company and their job titles

CUtilizing the Harvester tool to extract email addresses related to the target domain using a search engine like Google or Bing

DUsing a people search service, such as Spokeo or Intelius, to gather information about the employees of the target organization
Explanation:
Employing a tool like Sublist3r, which is designed to enumerate the subdomains of websites using OSINT, would be the most effective method to accomplish this goal. This option works as follows:
Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT (Open Source Intelligence). It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster, and ReverseDNS.Subbrute was integrated with Sublist3r to increase the possibility of finding more subdomains using bruteforce with an improved wordlist1.
By using Sublist3r, the tester can quickly and efficiently discover the subdomains of the target organization's website, which can provide valuable information about the network structure, the services offered, the potential vulnerabilities, and the attack surface.Sublist3r can also be used to perform passive reconnaissance, which does not send any packets to the target domain, and thus avoids detection by the target organization12.
The other options are not as effective as option A for the following reasons:
B . Analyzing Linkedin profiles to find employees of the target company and their job titles: This option is not relevant because it does not address the subdomain enumeration task, but the social engineering task. Linkedin is a social networking platform that allows users to create and share their professional profiles, which may include their name, job title, company, skills, education, and contacts. By analyzing Linkedin profiles, the tester may be able to find employees of the target company and their job titles, which can be useful for crafting phishing emails, impersonating employees, or exploiting human weaknesses.However, this option does not help to discover the subdomains of the target organization's website, which is the goal of this scenario3.
C . Utilizing the Harvester tool to extract email addresses related to the target domain using a search engine like Google or Bing: This option is not sufficient because it does not provide a comprehensive list of subdomains, but only a partial list based on email addresses. The Harvester is a tool that can extract email addresses, subdomains, hosts, employee names, open ports, and banners from different public sources, such as search engines, PGP key servers, and SHODAN computer database. By using the Harvester, the tester may be able to extract some email addresses related to the target domain, which can reveal some subdomains, such as mail.target.com or support.target.com.However, this option does not guarantee to find all the subdomains of the target organization's website, as some subdomains may not have any email addresses associated with them, or may not be indexed by the search engines4.
D . Using a people search service, such as Spokeo or Intelius, to gather information about the employees of the target organization: This option is not applicable because it does not address the subdomain enumeration task, but the personal information gathering task. Spokeo and Intelius are people search services that can provide various information about individuals, such as their name, address, phone number, email, social media, criminal records, and financial history. By using these services, the tester may be able to gather information about the employees of the target organization, which can be useful for performing background checks, identity theft, or blackmail.However, this option does not help to discover the subdomains of the target organization's website, which is the goal of this scenario56.

Answer : A

1: GitHub - aboul3la/Sublist3r: Fast subdomains enumeration tool for penetration testers

2: Subdomain Discovery in Cybersecurity with Kali Linux | Medium

3: LinkedIn - Wikipedia

4: The Harvester - Kali Linux Tools

5: Spokeo - Wikipedia

6: Intelius - Wikipedia

Question 6

Which of the following tools are used for enumeration? (Choose three.)

ASolarWinds

BUSER2SID

CCheops