Free Access to ECCouncil.312-50v12.v2024-07-08.q287 with Valid Practice Test (Page 36)

Question 171

Shiela is an information security analyst working at HiTech Security Solutions. She is performing service version discovery using Nmap to obtain information about the running services and their versions on a target system.
Which of the following Nmap options must she use to perform service version discovery on the target host?

A.-SN
B.-SX
C.-SF
D.-sV

Question 172

During a reconnaissance mission, an ethical hacker uses Maltego, a popular footprinting tool, to collect information about a target organization. The information includes the target's Internet infrastructure details (domains, DNS names, Netblocks, IP address information). The hacker decides to use social engineering techniques to gain further information. Which of the following would be the least likely method of social engineering to yield beneficial information based on the data collected?

A.Shoulder surfing to observe sensitive credentials input on the target's computers
B.Impersonating an ISP technical support agent to trick the target into providing further network details
C.Dumpster diving in the target company's trash bins for valuable printouts
D.Eavesdropping on internal corporate conversations to understand key topics

Question 173

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small sized packets to the target computer, making it very difficult for an IDS to detect the attack signatures. Which tool can be used to perform session splicing attacks?

A.tcpsplice
B.Burp
C.Hydra
D.Whisker

Correct Answer: D

Many IDS reassemble communication streams; hence, if a packet is not received within a reasonable period, many IDS stop reassembling and handling that stream. If the application under attack keeps a session active for a longer time than that spent by the IDS on reassembling it, the IDS will stop. As a result, any session after the IDS stops reassembling the sessions will be susceptible to malicious data theft by attackers. The IDS will not log any attack attempt after a successful splicing attack. Attackers can use tools such as Nessus for session splicing attacks.
Did you know that the EC-Council exam shows how well you know their official book? So, there is no
"Whisker" in it. In the chapter "Evading IDS" -> "Session Splicing", the recommended tool for performing a session-splicing attack is Nessus. Where Wisker came from is not entirely clear, but I will assume the author of the question found it while copying Wikipedia.
https://en.wikipedia.org/wiki/Intrusion_detection_system_evasion_techniques One basic technique is to split the attack payload into multiple small packets so that the IDS must reassemble the packet stream to detect the attack. A simple way of splitting packets is by fragmenting them, but an adversary can also simply craft packets with small payloads. The 'whisker' evasion tool calls crafting packets with small payloads 'session splicing'.
By itself, small packets will not evade any IDS that reassembles packet streams. However, small packets can be further modified in order to complicate reassembly and detection. One evasion technique is to pause between sending parts of the attack, hoping that the IDS will time out before the target computer does. A second evasion technique is to send the packets out of order, confusing simple packet re-assemblers but not the target computer.
NOTE: Yes, I found scraps of information about the tool that existed in 2012, but I can not give you unverified information. According to the official tutorials, the correct answer is Nessus, but if you know anything about Wisker, please write in the QA section. Maybe this question will be updated soon, but I'm not sure about that.

Question 174

What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

A.Symmetric encryption allows the server to securely transmit the session keys out-of-band.
B.Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.
C.Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
D.Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

Question 175

What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

A.Residual risk
B.Impact risk
C.Deferred risk
D.Inherent risk

Question 171

Question 172

Question 173

Question 174

Question 175

Download PDF File