EC-COUNCIL Ethical Hacker Certified - 312-50 FREE EXAM DUMPS QUESTIONS & ANSWERS

Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?
Correct Answer: B Vote an answer
To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected In the core components of the operating system. What is this type of rootkit an example of?
Correct Answer: C Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
#!/usr/bin/python import socket buffer=[""A""] counter=50 while len(buffer)<=100: buffer.append (""A""*counter) counter=counter+50 commands= [""HELP"",""STATS ."",""RTIME ."",""LTIME. "",""SRUN ."',""TRUN ."",""GMON
."",""GDOG ."",""KSTET .",""GTER ."",""HTER ."", ""LTER .",""KSTAN .""] for command in commands: for buffstring in buffer: print ""Exploiting"" +command +"":""+str(len(buffstring)) s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(('127.0.0.1', 9999)) s.recv(50) s.send(command+buffstring) s.close() What is the code written for?
Correct Answer: B Vote an answer
Shiela is an information security analyst working at HiTech Security Solutions. She is performing service version discovery using Nmap to obtain information about the running services and their versions on a target system.
Which of the following Nmap options must she use to perform service version discovery on the target host?
Correct Answer: D Vote an answer
The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses 192.168.1.122, 192.168.1.123 and 192.168.1.124. An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is: nmap 192.168.1.64/28.
Why he cannot see the servers?
Correct Answer: A Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
In an intricate web application architecture using an Oracle database, you, as a security analyst, have identified a potential SQL Injection attack surface. The database consists of 'x' tables, each with y columns. Each table contains z1 records. An attacker, well-versed in SQLi techniques, crafts 'u' SQL payloads, each attempting to extract maximum data from the database. The payloads include UNION SELECT' statements and 'DBMS_XSLPPOCESSOR.READ2CLOB' to read sensitive files. The attacker aims to maximize the total data extracted E=xyz'u'. Assuming 'x=4\ y=2\ and varying z' and 'u\ which situation is likely to result in the highest extracted data volume?
Correct Answer: D Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfigurations. In this process, Jack uses an automated tool that eases his work and performs vulnerability scanning to find hosts, services, and other vulnerabilities in the target server. Which of the following tools is used by Jack to perform vulnerability scanning?
Correct Answer: B Vote an answer
Which of the following provides a security professional with most information about the system's security posture?
Correct Answer: C Vote an answer
0
0
0
10