[Free] 2017(Sep) EnsurePass Testinsides ECCouncil 312-50 Dumps with VCE and PDF 371-380

September 22, 2017


Ethical Hacking and Countermeasures

Question No: 371 – (Topic 12)

Jane has just accessed her preferred e-commerce web site and she has seen an item she would like to buy. Jane considers the price a bit too steep; she looks at the page source code and decides to save the page locally to modify some of the page variables. In the context of web application security, what do you think Jane has changed?

  A. An integer variable

  B. A 'hidden' price value

  C. A 'hidden' form field value

  D. A page cannot be changed locally; it can only be served by a web server

Answer: C

Explanation: Changing hidden form values is possible when a web site is poorly built and trusts the visitor's computer to submit vital data, such as the price of a product, to the database.

Question No: 372 – (Topic 12)

________ ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels to information and comparing these to the level of security a user is operating at.

  A. Mandatory Access Control

  B. Authorized Access Control

  C. Role-based Access Control

  D. Discretionary Access Control

Answer: A

Explanation: In computer security, mandatory access control (MAC) is a kind of access control, defined by the TCSEC as "a means of restricting access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (i.e., clearance) of subjects to access information of such sensitivity."

Question No: 373 – (Topic 12)

Which of the following statements best describes the term Vulnerability?

  A. A weakness or error that can lead to a compromise

  B. An agent that has the potential to take advantage of a weakness

  C. An action or event that might prejudice security

  D. The loss potential of a threat.

Answer: A

Explanation: Vulnerabilities are all weaknesses that can be exploited.

Question No: 374 – (Topic 12)

Jim is having no luck performing a penetration test on the company’s network. He is running the tests from home and has downloaded every security scanner that he could lay his hands on. Despite knowing the IP range of all the systems, and the exact network configuration, Jim is unable to get any useful results.

Why is Jim having these problems?

  A. Security scanners are not designed to do testing through a firewall.

  B. Security scanners cannot perform vulnerability linkage.

  C. Security scanners are only as smart as their database and cannot find unpublished vulnerabilities.

  D. All of the above.

Answer: D

Explanation: The security scanners available online are often too “outdated” to perform a live pentest against a victim.

Question No: 375 – (Topic 12)

Ivan is auditing a corporate website. Using Winhex, he alters a cookie as shown below.

Before Alteration: Cookie: lang=en-us; ADMIN=no; y=1 ; time=10:30GMT ;

After Alteration: Cookie: lang=en-us; ADMIN=yes; y=1 ; time=12:30GMT ;

What attack is being depicted here?

  A. Cookie Stealing

  B. Session Hijacking

  C. Cross Site Scripting

  D. Parameter Manipulation

Answer: D

Explanation: Cookies are the preferred method to maintain state in the stateless HTTP protocol. They are however also used as a convenient mechanism to store user preferences and other data including session tokens. Both persistent and non-persistent cookies, secure or insecure can be modified by the client and sent to the server with URL requests. Therefore any malicious user can modify cookie content to his advantage. There is a popular misconception that non-persistent cookies cannot be modified but this is not true; tools like Winhex are freely available. SSL also only protects the cookie in transit.

Topic 13, Web Based Password Cracking Techniques

Question No: 376 – (Topic 13)

You have chosen a 22 character word from the dictionary as your password. How long will it take an attacker to crack the password?

  A. 5 minutes

  B. 23 days

  C. 200 years

  D. 16 million years

Answer: A

Explanation: A dictionary password cracker simply takes a list of dictionary words, hashes each one in turn, and compares the result to the one-way hash from the system. If the hashes are equal, the password is considered cracked, and the word tried from the dictionary list is the password. As long as you use a word found in, or similar to a word found in, a dictionary, the password is considered to be weak.

Question No: 377 – (Topic 13)

Which of the following is most effective against passwords? Select the answer:

  A. Dictionary Attack

  B. BruteForce attack

  C. Targeted Attack

  D. Manual password Attack

Answer: B

Explanation: The most effective means of password attack is brute force. In a brute force attack the program will attempt to use every possible combination of characters. While this takes longer than a dictionary attack, which uses a text file of real words, it is always capable of breaking the password.

Question No: 378 – (Topic 13)

Johnny is a member of the hacking group orpheus1. He is currently working on breaking into the Department of Defense’s front end exchange server. He was able to get into the server, located in a DMZ, by using an unused service account that had a very weak password that he was able to guess. Johnny wants to crack the administrator password, but does not have a lot of time to crack it. He wants to use a tool that already has the LM hashes computed for all possible permutations of the administrator password.

What tool would be best used to accomplish this?

  A. RainbowCrack

  B. SMBCrack

  C. SmurfCrack

  D. PSCrack

Answer: A

Explanation: RainbowCrack is a general-purpose implementation of Philippe Oechslin's faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker tries all possible plaintexts one by one at cracking time, which is time consuming for complex passwords. The idea of the time-memory trade-off is to do all of the cracking-time computation in advance and store the results in files called "rainbow tables". Precomputing the tables takes a long time, but once that one-time precomputation is finished, a time-memory trade-off cracker can be hundreds of times faster than a brute force cracker.

Question No: 379 – (Topic 13)

Which of the following is the best way an attacker can passively learn about technologies used in an organization?

  A. By sending web bugs to key personnel

  B. By webcrawling the organization web site

  C. By searching regional newspapers and job databases for skill sets technology hires need to possess in the organization

  D. By performing a port scan on the organization's web site

Answer: C

Explanation: Note: Sending web bugs, webcrawling their site and port scanning are considered "active" attacks; the question asks for "passive".

Topic 14, SQL Injection

Question No: 380 – (Topic 14)

Central Frost Bank was a medium-sized, regional financial institution in New York. The bank recently deployed a new Internet-accessible Web application. Using this application, Central Frost's customers could access their account balances, transfer money between accounts, pay bills and conduct online financial business through a Web browser. John Stevens was in charge of information security at Central Frost Bank. After one month in production, the Internet banking application was the subject of several customer complaints. Mysteriously, the account balances of many of Central Frost's customers had been changed! However, money hadn't been removed from the bank. Instead, money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web application's logs and found the following entries:

    Attempted login of unknown user: johnm
    Attempted login of unknown user: susaR
    Attempted login of unknown user: sencat
    Attempted login of unknown user: pete'';
    Attempted login of unknown user: ' or 1=1-
    Attempted login of unknown user: '; drop table logins-
    Login of user jason, sessionID= 0x75627578626F6F6B
    Login of user daniel, sessionID= 0x98627579539E13BE
    Login of user rebecca, sessionID= 0x9062757944CCB811
    Login of user mike, sessionID= 0x9062757935FB5C64
    Transfer Funds user jason
    Pay Bill user mike
    Logout of user mike

What type of attack did the Hacker attempt?

  A. Brute force attack in which the Hacker attempted guessing login ID and password from password cracking tools.

  B. The Hacker used a random generator module to pass results to the Web server and exploited Web application CGI vulnerability.

  C. The Hacker attempted SQL Injection technique to gain access to a valid bank login ID.

  D. The Hacker attempted Session hijacking, in which the Hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason's session.

Answer: C

Explanation: The 1=1 and drop table logins entries are attempts at SQL injection.
