312-50v13 EC-Council Exam Questions and Free Practice Test

Question 115

- (Topic 3)
What would you enter if you wanted to perform a stealth scan using Nmap?

A. nmap -sM

B. nmap -sU

C. nmap -sS

D. nmap -sT

Correct Answer:C

Question 116

- (Topic 1)
What is correct about digital signatures?

A. A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.

B. Digital signatures may be used in different documents of the same type.

C. A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.

D. Digital signatures are issued once for each user and can be used everywhere until they expire.

Correct Answer:A

Question 117

- (Topic 3)
Jacob works as a system administrator in an organization. He wants to extract the source code of a mobile application and disassemble the application to analyze its design flaws. Using this technique, he wants to fix any bugs in the application, discover underlying vulnerabilities, and improve defense strategies against attacks.
What is the technique used by Jacob in the above scenario to improve the security of the mobile application?

A. Reverse engineering

B. App sandboxing

C. Jailbreaking

D. Social engineering

Correct Answer:A

Question 118

- (Topic 3)
As a part of an ethical hacking exercise, an attacker is probing a target network that is
suspected to employ various honeypot systems for security. The attacker needs to detect and bypass these honeypots without alerting the target. The attacker decides to utilize a suite of techniques. Which of the following techniques would NOT assist in detecting a honeypot?

A. Probing system services and observing the three-way handshake

B. Using honeypot detection tools like Send-Safe Honeypot Hunter

C. Implementing a brute force attack to verify system vulnerability

D. Analyzing the MAC address to detect instances running on VMware

Correct Answer:C
A brute force attack is a method of trying different combinations of passwords or keys to gain access to a system or service. It is not a reliable way of detecting a honeypot, as it may trigger an alert or response from the target. Moreover, a brute force attack does not provide any information about the system??s characteristics or behavior that could indicate a honeypot. A honeypot is a decoy system that is designed to attract and trap attackers, while providing security teams with valuable intelligence and insights. Therefore, an ethical hacker needs to use more subtle and stealthy techniques to detect and avoid honeypots.
The other options are valid techniques for detecting a honeypot. Probing system services and observing the three-way handshake can reveal anomalies or inconsistencies in the system??s responses, such as abnormal banners, ports, or protocols. Using honeypot detection tools like Send-Safe Honeypot Hunter can scan the target network and identify potential honeypots based on various criteria, such as IP address, domain name, or open ports. Analyzing the MAC address can detect instances running on VMware, which is a common platform for deploying honeypots. A honeypot running on VMware will have a MAC address that starts with 00:0C:29, 00:50:56, or 00:05:69. References:
✑ What is a Honeypot? Types, Benefits, Risks and Best Practices
✑ Using Honeypots for Network Intrusion Detection
✑ Detecting Honeypot Access With Varonis

Question 119

- (Topic 2)
Which of the following steps for risk assessment methodology refers to vulnerability identification?

A. Determines if any flaws exist in systems, policies, or procedures

B. Assigns values to risk probabilities; Impact values.

C. Determines risk probability that vulnerability will be exploited (Hig

D. Medium, Low)

E. Identifies sources of harm to an IT syste

F. (Natural, Huma

G. Environmental)

Correct Answer:C

Question 120

- (Topic 3)
#!/usr/bin/python import socket buffer=[????A????] counter=50 while len(buffer)<=100: buffer.append (????A????*counter)
counter=counter+50 commands= [????HELP????,????STATS .????,????RTIME .????,????LTIME. ????,????SRUN
.????,????TRUN .????,????GMON
.????,????GDOG .????,????KSTET .??,????GTER .????,????HTER .????, ????LTER .??,????KSTAN .????] for command in
commands: for
buffstring in buffer: print ????Exploiting???? +command +????:????+str(len(buffstring)) s=socket.socket(socket.AF_INET,
socket.SOCK_STREAM) s.connect((??127.0.0.1??, 9999)) s.recv(50) s.send(command+buffstring) s.close()
What is the code written for?

A. Denial-of-service (DOS)

B. Buffer Overflow

C. Bruteforce

D. Encryption

Correct Answer:B

START 312-50v13 EXAM