
[Free] 2017(Sep) EnsurePass Testinsides ECCouncil 312-50 Dumps with VCE and PDF 261-270

September 22, 2017

EnsurePass
2017 Sep ECCouncil Official New Released 312-50
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/312-50.html

Ethical Hacking and Countermeasures

Question No: 261 – (Topic 7)

You are sniffing an unprotected WiFi network located in a JonDonalds Cybercafe with Ethereal to capture Hotmail e-mail traffic. You see lots of people using their laptops, browsing the web while sipping brewed coffee from JonDonalds. You want to sniff their email messages traversing the unprotected WiFi network.

Which of the following Ethereal filters will you configure to display only the packets with the Hotmail messages?

  A. (http contains "hotmail") && (http contains "Reply-To")

  B. (http contains "e-mail") && (http contains "hotmail")

  C. (http = "login.passport.com") && (http contains "SMTP")

  D. (http = "login.passport.com") && (http contains "POP3")

Answer: A

Explanation: Each Hotmail message contains the tag Reply-To: <sender address> and "xxxx-xxx-xxx.xxxx.hotmail.com" in the received tag.

Question No: 262 – (Topic 7)

Bob is conducting a password assessment for one of his clients. Bob suspects that password policies are not in place and weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers. What are the means that Bob can use to get passwords from his client's hosts and servers?

  A. Hardware, Software and Sniffing

  B. Hardware and Software Keyloggers

  C. Software only, they are the most effective

  D. Passwords are always best obtained using Hardware key loggers

Answer: A

Explanation: All loggers will work as long as he has physical access to the computers.

Question No: 263 – (Topic 7)

The following is an email header. What address is that of the true originator of the message?

Return-Path: <bgates@microsoft.com>
Received: from smtp.com (fw.emumail.com [215.52.220.122])
    by raq-221-181.ev1.net (8.10.2/8.10.2) with ESMTP id h78NIn404807
    for <mikeg@thesolutionfirm.com>; Sat, 9 Aug 2003 18:18:50 -0500
Received: (qmail 12685 invoked from network); 8 Aug 2003 23:25:25 -0000
Received: from ([19.25.19.10]) by smtp.com with SMTP
Received: from unknown (HELO CHRISLAPTOP) (168.150.84.123)
    by localhost with SMTP; 8 Aug 2003 23:25:01 -0000
From: "Bill Gates" <bgates@microsoft.com>
To: "mikeg" <mikeg@thesolutionfirm.com>
Subject: We need your help!
Date: Fri, 8 Aug 2003 19:12:28 -0400
Message-ID: <51.32.123.21@CHRISLAPTOP>
MIME-Version: 1.0
Content-Type: multipart/mixed;
    boundary="–=_NextPart_000_0052_01C35DE1.03202950"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2627
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Importance: Normal

A. 19.25.19.10

B. 51.32.123.21

C. 168.150.84.123

D. 215.52.220.122

E. 8.10.2/8.10.2

Answer: C

Explanation: Spoofing can be easily achieved by manipulating the "from" name field, however, it is much more difficult to hide the true source address. The "received from" IP address 168.150.84.123 is the true source of the

Question No: 264 – (Topic 7)

How would you describe a simple yet very effective mechanism for sending and receiving unauthorized information or data between machines without alerting any firewalls and IDS's on a network?

  A. Covert Channel

  B. Crafted Channel

  C. Bounce Channel

  D. Deceptive Channel

Answer: A

Explanation: A covert channel is described as: "any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy." Essentially, it is a method of communication that is not part of an actual computer system design, but can be used to transfer information to users or system processes that normally would not be allowed access to the information.

Question No: 265 – (Topic 7)

A remote user tries to log in to a secure network using Telnet, but accidentally types in an invalid user name or password. Which responses would NOT be preferred by an experienced Security Manager? (multiple answers)

  A. Invalid Username

  B. Invalid Password

  C. Authentication Failure

  D. Login Attempt Failed

  E. Access Denied

Answer: A,B

Explanation: As little information as possible should be given about a failed login attempt. Invalid username or password is not desirable.

Question No: 266 – (Topic 7)

When Jason moves a file via NFS over the company's network, you want to grab a copy of it by sniffing. Which of the following tools accomplishes this?

  A. macof

  B. webspy

  C. filesnarf

  D. nfscopy

Answer: C

Explanation: Filesnarf – sniff files from NFS traffic

OPTIONS

-i interface: Specify the interface to listen on.

-v: "Versus" mode. Invert the sense of matching, to select non-matching files.

pattern: Specify regular expression for filename matching.

expression: Specify a tcpdump(8) filter expression to select traffic to sniff.

SEE ALSO

dsniff, nfsd

Question No: 267 – (Topic 7)

How do you defend against ARP spoofing?

  A. Place static ARP entries on servers, workstations and routers

  B. Tune IDS sensors to look for large amounts of ARP traffic on local subnets

  C. Use private VLANs

  D. Use ARPWALL system and block ARP spoofing attacks

Answer: A,B,C

Explanation: ARPWALL is an open-source tool that gives early warning when an ARP attack occurs. This tool is still under construction.

Question No: 268 – (Topic 7)

Which of the following is not considered to be a part of active sniffing?

  A. MAC Flooding

  B. ARP Spoofing

  C. SMAC Fueling

  D. MAC Duplicating

Answer: C

Question No: 269 – (Topic 7)

What does the following command in "Ettercap" do?

ettercap -NCLzs -quiet

  A. This command will provide you the entire list of hosts in the LAN

  B. This command will check if someone is poisoning you and will report its IP

  C. This command will detach ettercap from console and log all the sniffed passwords to a file

  D. This command broadcasts ping to scan the LAN instead of ARP request all the subset IPs

Answer: C

Explanation: -L specifies that logging will be done to a binary file and -s tells us it is running in script mode.

Question No: 270 – (Topic 7)

Bob wants to prevent attackers from sniffing his passwords on the wired network. Which of the following lists the best options?

  A. RSA, LSA, POP

  B. SSID, WEP, Kerberos

  C. SMB, SMTP, Smart card

  D. Kerberos, Smart card, Stanford SRP

Answer: D

Explanation: Kerberos, Smart cards and Stanford SRP are techniques where the password never leaves the computer.
