Free Access to ECCouncil.312-50v12.v2025-07-31.q254 with Valid Practice Test (Page 9)

Question 36

A newly joined employee. Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also Identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors. What is the type of vulnerability assessment performed by Martin?

A.Credentialed assessment
B.Database assessment
C.Host-based assessment
D.Distributed assessment

Correct Answer: C

The host-based vulnerability assessment (VA) resolution arose from the auditors' got to periodically review systems. Arising before the net becoming common, these tools typically take an "administrator's eye" read of the setting by evaluating all of the knowledge that an administrator has at his or her disposal.
Uses
Host VA tools verify system configuration, user directories, file systems, registry settings, and all forms of other info on a number to gain information about it. Then, it evaluates the chance of compromise. it should also live compliance to a predefined company policy so as to satisfy an annual audit. With administrator access, the scans area unit less possible to disrupt traditional operations since the computer code has the access it has to see into the complete configuration of the system.
What it Measures Host
VA tools will examine the native configuration tables and registries to spot not solely apparent vulnerabilities, however additionally "dormant" vulnerabilities - those weak or misconfigured systems and settings which will be exploited when an initial entry into the setting. Host VA solutions will assess the safety settings of a user account table; the access management lists related to sensitive files or data; and specific levels of trust applied to other systems. The host VA resolution will a lot of accurately verify the extent of the danger by determinant however way any specific exploit could also be ready to get.
Types of Vulnerability Assessment Host-based assessments are a type of security check that involve conducting a configuration-level check to identify system configurations, user directories, file systems, registry settings, and other parameters to evaluate the possibility of compromise.
Host-based scanners assess systems to identify vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors. (P.528/512)

Question 37

is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

A.DNSSEC
B.Resource records
C.Resource transfer
D.Zone transfer

Question 38

Being a Certified Ethical Hacker (CEH), a company has brought you on board to evaluate the safety measures in place for their network system. The company uses a network time protocol server in the demilitarized zone.
During your enumeration, you decide to run a ntptrace command. Given the syntax: ntptrace [-n] [-m maxhosts] [servername/IP_address], which command usage would best serve your objective to find where the NTP server obtains the time from and to trace the list of NTP servers connected to the network?

A.ntptrace -m 5 192.168.1.1
B.tptrace 192.1681.
C.ntptrace -n localhost
D.ntptrace -n -m 5 192.168.1.1

Correct Answer: D

The command usage that would best serve your objective to find where the NTP server obtains the time from and to trace the list of NTP servers connected to the network is ntptrace -n -m 5 192.168.1.1. This command usage works as follows:
* ntptrace is a tool that determines where a given NTP server gets its time from, and follows the chain of NTP servers back to their master time source. For example, a stratum 0 server, which is a device that directly obtains the time from a physical source, such as an atomic clock or a GPS receiver1.
* -n is a flag that outputs host IP addresses instead of host names. This can be useful if the host names are not resolvable or if the IP addresses are more informative1.
* -m 5 is a flag that specifies the maximum number of hosts to be traced. This can be useful to limit the output and avoid tracing irrelevant or unreachable hosts1.
* 192.168.1.1 is the IP address of the NTP server in the demilitarized zone, which is the starting point of the trace. This can be useful to find out the source and the path of the time synchronization for the network system1.
By using this command usage, the output will show the IP addresses, the stratum, the offset, the sync distance, and the reference ID of each NTP server in the chain, up to five hosts. This can provide valuable information about the accuracy, the reliability, and the security of the time service for the network system1.
The other options are not as suitable as option D for the following reasons:
* A. ntptrace -m 5 192.168.1.1: This option is similar to option D, but it does not use the -n flag, which means that it will output host names instead of IP addresses. This can be less useful if the host names are not resolvable or if the IP addresses are more informative1.
* B. tptrace 192.1681.: This option is incorrect because it uses a wrong tool name and a wrong IP address.
tptrace is not a valid tool name, and 192.1681. is not a valid IP address. The correct tool name is ntptrace, and the correct IP address is 192.168.1.11.
* C. ntptrace -n localhost: This option is not effective because it uses localhost as the starting point of the trace, which means that it will only show the local host's time source. This can be useful to check the local host's time configuration, but it does not help to find out the time source and the trace of the NTP server in the demilitarized zone, which is the objective of this scenario1.
References:
* 1: ntptrace - trace a chain of NTP servers back to the primary source

Question 39

This type of injection attack does not show any error message. It is difficult to exploit as it returns information when the application is given SQL payloads that elicit a true or false response from the server. By observing the response, an attacker can extract sensitive information. What type of attack is this?

A.Error-based SQL injection
B.Blind SQL injection
C.Time-based SQL injection
D.Union SQL injection

Question 40

While performing an Nmap scan against a host, Paola determines the existence of a firewall. In an attempt to determine whether the firewall is stateful or stateless, which of the following options would be best to use?

A.-sA
B.-sX
C.-sT
D.-sF

Question 36

Question 37

Question 38

Question 39

Question 40

Download PDF File