Ensurepass

QUESTION 521

Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP) addresses/names with the intent of diverting traffic?

 

A.     Network aliasing

B.     Domain Name Server (DNS) poisoning

C.     Reverse Address Resolution Protocol (ARP)

D.     Port scanning

 

Correct Answer: B

 

QUESTION 522

A XYZ security System Administrator is reviewing the network system log files.

 

He notes the following:

 

Ÿ   Network log files are at 5 MB at 12:00 noon.

Ÿ   At 14:00 hours, the log files at 3 MB.

 < /font>

What should he assume has happened and what should he do about the situation?

 

A.     He should contact the attacker’s ISP as soon as possible and have the connection disconnected.

B.     He should log the event as suspicious activity, continue to investigate, and take further steps according to site security policy.

C.     He should log the file size, and archive the information, because the router crashed.

D.     He should run a file system check, because the Syslog server has a self-correcting file system problem.

E.      He should disconnect from the Internet discontinue any further unauthorized use, because an attack has taken place.

 

Correct Answer: B

 

 

QUESTION 523

To what does “message repudiation” refer to what concept in the realm of email security?

 

A.     Message repudiation means a user can validate which mail server or servers a message was passed through.

B.     Message repudiation means a user can claim damages for a mail message that damaged their reputation.

C.     Message repudiation means a recipient can be sure that a message was sent from a particular person.

D.     Message repudiation means a recipient can be sure that a message was sent from a certain host.

E.      Message repudiation means a sender can claim they did not actually send a particular message.

 

Correct Answer: E

 

 

QUESTION 524

Your XYZ trainee Sandra asks you which are the four existing Regional Internet Registry (RIR’s)?

 

A.     APNIC, PICNIC, ARIN, LACNIC.

B.     RIPE NCC, LACNIC, ARIN, APNIC.

C.     RIPE NCC, NANIC, ARIN, APNIC.

D.     RIPE NCC, ARIN, APNIC, LATNIC.

 

Correct Answer: B

 

 

QUESTION 525

A very useful resource for passively gathering information about a target company is:

 

A.     Host scanning

B.     Whois search

C.     Traceroute

D.     Ping sweep

 

Correct Answer: B

 

 

QUESTION 526

You receive an email with the following message:

 

Hello Steve,

 

We are having technical difficulty in restoring user database record after the recent blackout. Your account data is corrupted. Please logon to the SuperEmailServices.com and change your password.

 

http://www.supermailservices.com@0xde.0xad.0xbe.0xef/support/logon.htm

 

If you do not reset your password within 7 days, your account will be permanently disabled locking you out from our e-mail services.

 

Sincerely,

 

Technical Support

SuperEmailServices

 

From this e-mail you suspect that this message was sent by some hacker since you have been using their e-mail services for the last 2 years and they have never sent out an e-mail such as this. You also observe the URL in the message and confirm your suspicion about 0xde.0xad.0xbde.0xef which looks like hexadecimal numbers. You immediately enter the following at Windows 2000 command prompt:

 

Ping 0xde.0xad.0xbe.0xef

You get a response with a valid IP address. What is the obstructed IP address in the e-mail URL?

 

A.     222.173.190.239

B.     233.34.45.64

C.     54.23.56.55

D.     199.223.23.45

&nbsp
;

Correct Answer: A

 

 

QUESTION 527

Which of the following tools are used for footprinting? (Choose four)

 

A.     Sam Spade

B.     NSLookup

C.     Traceroute

D.     Neotrace

E.      Cheops

 

Correct Answer: ABCD

 

 

QUESTION 528

According to the CEH methodology, what is the next step to be performed after footprinting?

 

A.     Enumeration

B.     Scanning

C.     System Hacking

D.     Social Engineering

E.      Expanding Influence

 

Correct Answer: B

 

 

QUESTION 529

NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish?

 

nslookup

> server <ipaddress>

> set type =any

> ls -d <target.com>

 

A.     Enables DNS spoofing

B.     Loads bogus entries into the DNS table

C.     Verifies zone security

D.     Performs a zone transfer

E.      Resets the DNS cache

 

Correct Answer: D

 

 

QUESTION 530

While footprinting a network, what port/service should you look for to attempt a zone transfer?

 

A.     53 UDP

B.     53 TCP

C.     25 UDP

D.     25 TCP

E.      161 UDP

F.      22 TCP

G.     60 TCP

 

Correct Answer: B

 

Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.