Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
312-50 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Testinsides ECCouncil 312-50 Dumps with VCE and PDF 191-200

September 22, 2017

EnsurePass
2017 Sep ECCouncil Official New Released 312-50
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/312-50.html

Ethical Hacking and Countermeasures

Question No: 191 – (Topic 5)

Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored? (Choose the best answer)

  1. symmetric algorithms

  2. asymmetric algorithms

  3. hashing algorithms

  4. integrity algorithms

Answer: C

Explanation: In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. A hash function takes a long string (or #39;message#39;) of any length as input and produces a fixed length string as output, sometimes termed a message digest or a digital fingerprint.

Question No: 192 – (Topic 5)

What is the algorithm used by LM for Windows2000 SAM ?

  1. MD4

  2. DES

  3. SHA

  4. SSL

Answer: B

Explanation: Explanation: Okay, this is a tricky question. We say B, DES, but it could be

A “MD4” depending on what their asking – Windows 2000/XP keeps users passwords not quot;apparentlyquot;, but as hashes, i.e. actually as quot;check sumquot; of the passwords. Let#39;s go into the passwords keeping at large. The most interesting structure of the complex SAM-file building is so called V-block. It#39;s size is 32 bytes and it includes hashes of the password for the local entering: NT Hash of 16-byte length, and hash used during the authentication of access to the common resources of other computers LanMan Hash, or simply LM Hash, of the same 16-byte length. Algorithms of the formation of these hashes are following:

NT Hash formation:

->User password is being generated to the Unicode-line.

->Hash is being generated based on this line using MD4 algorithm.

->Gained hash in being encoded by the DES algorithm, RID (i.e. user identifier) had been used as a key. It was necessary for gaining variant hashes for users who have equal passwords. You remember that all users have different RIDs (RID of the Administrator#39;s built in account is 500, RID of the Guest#39;s built in account is 501, all other users get RIDs equal 1000, 1001,1002, etc.).

LM Hash formation:

->User password is being shifted to capitals and added by nulls up to 14-byte length.

->Gained line is divided on halves 7 bytes each, and each of them is being encoded separately using DES, output is 8-byte hash and total 16-byte hash.

->Then LM Hash is being additionally encoded the same way as it had been done in the NT Hash formation algorithm step 3.

Question No: 193 – (Topic 5)

What file system vulnerability does the following command take advantage of? type c:\anyfile.exe gt; c:\winnt\system32\calc.exe:anyfile.exe

  1. HFS

  2. ADS

  3. NTFS

  4. Backdoor access

Answer: B

Explanation: ADS (or Alternate Data Streams) is a “feature” in the NTFS file system that makes it possible to hide information in alternate data streams in existing files. The file can have multiple data streams and the data streams are accessed by filename:stream.

Question No: 194 – (Topic 5)

What is GINA?

  1. Gateway Interface Network Application

  2. GUI Installed Network Application CLASS

  3. Global Internet National Authority (G-USA)

  4. Graphical Identification and Authentication DLL

Answer: D

Explanation: In computing, GINA refers to the graphical identification and authentication library, a component of some Microsoft Windows operating systems that provides secure authentication and interactive logon services.

Question No: 195 – (Topic 5)

Which of the following LM hashes represent a password of less than 8 characters? (Select 2)

A. BA810DBA98995F1817306D272A9441BB

B. 44EFCE164AB921CQAAD3B435B51404EE C. 0182BD0BD4444BF836077A718CCDF409 D. CEC52EB9C8E3455DC2265B23734E0DAC E. B757BF5C0D87772FAAD3B435B51404EE F. E52CAC67419A9A224A3B108F3FA6CB6D

Answer: B,E Explanation:

Notice the last 8 characters are the same

Question No: 196 – (Topic 5)

Which of the following steganography utilities exploits the nature of white space and allows the user to conceal information in these white spaces?

  1. Snow

  2. Gif-It-Up

  3. NiceText

  4. Image Hide

Answer: A

Explanation: The program snow is used to conceal messages in ASCII text by appending whitespace to the end of lines. Because spaces and tabs are generally not visible in text viewers, the message is effectively hidden from casual observers. And if the built-in encryption is used, the message cannot be read even if it is detected.

Question No: 197 – (Topic 5)

Which of the following is the primary objective of a rootkit?

  1. It opens a port to provide an unauthorized service

  2. It creates a buffer overflow

  3. It replaces legitimate programs

  4. It provides an undocumented opening in a program

Answer: C

Explanation: Actually the objective of the rootkit is more to hide the fact that a system has been compromised and the normal way to do this is by exchanging, for example, ls to a version that doesn’t show the files and process implanted by the attacker.

Question No: 198 – (Topic 5)

LAN Manager passwords are concatenated to 14 bytes and split in half. The two halves are hashed individually. If the password is 7 characters or less, than the second half of the hash is always:

  1. 0xAAD3B435B51404EE

  2. 0xAAD3B435B51404AA

  3. 0xAAD3B435B51404BB

  4. 0xAAD3B435B51404CC

Answer: A

Explanation: A problem with LM stems from the total lack of salting or cipher block chaining in the hashing process. To hash a password the first 7 bytes of it are transformed into an 8 byte odd parity DES key. This key is used to encrypt the 8 byte string quot;KGS!@quot;. Same thing happens with the second part of the password. This lack of salting creates two interesting consequences. Obviously this means the password is always stored in the same way, and just begs for a typical lookup table attack. The other consequence is that it is easy to tell if a password is bigger than 7 bytes in size. If not, the last 7 bytes will all be null and will result in a constant DES hash of 0xAAD3B435B51404EE.

Question No: 199 – (Topic 5)

is found in all versions of NTFS and is described as the ability to fork file data into existing files without affecting their functionality, size, or display to traditional file browsing utilities like dir or Windows Explorer

  1. Steganography

  2. Merge Streams

  3. NetBIOS vulnerability

  4. Alternate Data Streams

Answer: D

Explanation: ADS (or Alternate Data Streams) is a “feature” in the NTFS file system that makes it possible to hide information in alternate data streams in existing files. The file can have multiple data streams and the data streams are accessed by filename:stream.

Question No: 200 – (Topic 5)

John Beetlesman, the hacker has successfully compromised the Linux System of Agent Telecommunications, Inc’s WebServer running Apache. He has downloaded sensitive documents and database files off the machine.

Upon performing various tasks, Beetlesman finally runs the following command on the Linux box before disconnecting.

for ((i=0;ilt;1;i ));do

?dd if=/dev/random of=/dev/hda amp;amp; dd if=/dev/zero of=/dev/hda done

What exactly is John trying to do?

  1. He is making a bit stream copy of the entire hard disk for later download

  2. He is deleting log files to remove his trace

  3. He is wiping the contents of the hard disk with zeros

  4. He is infecting the hard disk with random virus strings

Answer: C

Explanation: dd copies an input file to an output file with optional conversions. -if is input file, -of is output file. /dev/zero is a special file that provides as many null characters (ASCII NULL, 0x00; not ASCII character quot;digit zeroquot;, quot;0quot;, 0x30) as are read from it. /dev/hda is the hard drive.

100% Free Download!
Download Free Demo:312-50 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass 312-50 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE