EC-Council 312-50v11 Certified Ethical Hacker Exam – C|EH v11 Online Training

EC-Council 312-50v11 Online Training

The questions for 312-50v11 were last updated at Dec 26,2024.

Exam Code: 312-50v11
Exam Name: Certified Ethical Hacker Exam - C|EH v11
Certification Provider: EC-Council
Latest update: Dec 26,2024

Question #31

What does the following command in netcat do?

nc -l -u -p55555 < /etc/passwd

A . logs the incoming connections to /etc/passwd file
B . loads the /etc/passwd file to the UDP port 55555
C . grabs the /etc/passwd file when connected to UDP port 55555
D . deletes the /etc/passwd file when connected to the UDP port 55555

Question #32

This form of encryption algorithm is asymmetric key block cipher that is characterized by a 128-bit block size, and its key size can be up to 256 bits .

Which among the following is this encryption algorithm?

A . Twofish encryption algorithm
B . HMAC encryption algorithm
C . IDEA
D . Blowfish encryption algorithm

Reveal Solution Hide Solution

Correct Answer: A
A

Explanation:

Twofish is an encryption algorithm designed by Bruce Schneier. It’s a symmetric key block cipher with a block size of 128 bits, with keys up to 256 bits. it’s associated with AES (Advanced Encryption Standard) and an earlier block cipher called Blowfish. Twofish was actually a finalist to become the industry standard for encryption, but was ultimately beaten out by the present AES. Twofish has some distinctive features that set it aside from most other cryptographic protocols. For one, it uses pre-computed, key-dependent S-boxes. An S-box (substitution-box) may be a basic component of any symmetric key algorithm which performs substitution. within the context of Twofish’s block cipher, the S-box works to obscure the connection of the key to the ciphertext. Twofish uses a pre-computed, key-dependent S-box which suggests that the S-box is already provided, but depends on the cipher key to decrypt the knowledge.

How Secure is Twofish? Twofish is seen as a really secure option as far as encryption protocols go. one among the explanations that it wasn’t selected because the advanced encryption standard is thanks to its slower speed. Any encryption standard that uses a 128-bit or higher key, is theoretically safe from brute force attacks. Twofish is during this category. Because Twofish uses “pre-computed key-dependent S-boxes”, it are often susceptible to side channel attacks. this is often thanks to the tables being pre-computed. However, making these tables key-dependent helps mitigate that risk. There are a couple of attacks on Twofish, but consistent with its creator, Bruce Schneier, it didn’t constitute a real cryptanalysis. These attacks didn’t constitue a practical break within the cipher. Products That Use TwofishGnuPG: GnuPG may be a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also referred to as PGP). GnuPG allows you to encrypt and sign your data and communications; it features a flexible key management system, along side access modules for all types of public key directories. KeePass: KeePass may be a password management tool that generates passwords with top-notch security. It’s a free, open source, lightweight and easy-to-use password manager with many extensions and plugins. Password Safe: Password Safe uses one master password to stay all of your passwords protected, almost like the functionality of most of the password managers on this list. It allows you to store all of your passwords during a single password database, or multiple databases for various purposes. Creating a database is straightforward, just create the database, set your master password. PGP (Pretty Good Privacy): PGP is employed mostly for email encryption, it encrypts the content of the e-mail. However, Pretty Good Privacy doesn’t encrypt the topic and sender of the e-mail, so make certain to never put sensitive information in these fields when using PGP. TrueCrypt: TrueCrypt may be a software program that encrypts and protects files on your devices. With TrueCrypt the encryption is transparent to the user and is completed locally at the user’s computer. this suggests you’ll store a TrueCrypt file on a server and TrueCrypt will encrypt that file before it’s sent over the network.

Question #33

Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed.

What is the port scanning technique used by Sam to discover open ports?

A . Xmas scan
B . IDLE/IPID header scan
C . TCP Maimon scan
D . ACK flag probe scan

Reveal Solution Hide Solution

Question #34

Mason, a professional hacker, targets an organization and spreads Emotet malware through malicious script. After infecting the victim’s device. Mason further used Emotet to spread the infection across local networks and beyond to compromise as many machines as possible. In this process, he used a tool, which is a self-extracting RAR file, to retrieve information related to network resources such as writable share drives .

What is the tool employed by Mason in the above scenario?

A . NetPass.exe
B . Outlook scraper
C . WebBrowserPassView
D . Credential enumerator

Reveal Solution Hide Solution

Question #35

An attacker utilizes a Wi-Fi Pineapple to run an access point with a legitimate-looking SSID for a nearby business in order to capture the wireless password .

What kind of attack is this?

A . MAC spoofing attack
B . Evil-twin attack
C . War driving attack
D . Phishing attack

Reveal Solution Hide Solution

Question #36

Mike, a security engineer, was recently hired by BigFox Ltd. The company recently experienced disastrous DoS attacks. The management had instructed Mike to build defensive strategies for the company’s IT infrastructure to thwart DoS/DDoS attacks. Mike deployed some countermeasures to handle jamming and scrambling attacks .

What is the countermeasure Mike applied to defend against jamming and scrambling attacks?

A . Allow the usage of functions such as gets and strcpy
B . Allow the transmission of all types of addressed packets at the ISP level
C . Implement cognitive radios in the physical layer
D . A Disable TCP SYN cookie protection

Reveal Solution Hide Solution

Question #37

Which type of malware spreads from one system to another or from one network to another and causes similar types of damage as viruses do to the infected system?

A . Rootkit
B . Trojan
C . A Worm
D . Adware

Reveal Solution Hide Solution

Question #38

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the Information, he successfully performed an attack on the target government organization without being traced .

Which of the following techniques is described in the above scenario?

A . Dark web footprinting
B . VoIP footpnnting
C . VPN footprinting
D . website footprinting

Reveal Solution Hide Solution

Question #39

Fred is the network administrator for his company. Fred is testing an internal switch.

From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer .

How can Fred accomplish this?

A . Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.
B . He can send an IP packet with the SYN bit and the source address of his computer.
C . Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.
D . Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

Reveal Solution Hide Solution

Question #40

in this attack, an adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstall the key, associated parameters such as the incremental transmit packet number and receive packet number are reset to their initial values .

What is this attack called?

A . Chop chop attack
B . KRACK
C . Evil twin
D . Wardriving

Reveal Solution Hide Solution

Correct Answer: B
B

Explanation:

In this attack KRACK is an acronym for Key Reinstallation Attack. KRACK may be a severe replay attack on Wi-Fi Protected Access protocol (WPA2), which secures your Wi-Fi connection. Hackers use KRACK to take advantage of a vulnerability in WPA2. When in close range of a possible victim, attackers can access and skim encrypted data using KRACK.

How KRACK Works Your Wi-Fi client uses a four-way handshake when attempting to attach to a protected network. The handshake confirms that both the client ― your smartphone, laptop, et cetera ― and therefore the access point share the right credentials, usually a password for the network. This establishes the Pairwise passkey (PMK), which allows for encoding. Overall, this handshake procedure allows for quick logins and connections and sets up a replacement encryption key with each connection. this is often what keeps data secure on Wi-Fi connections, and every one protected Wi-Fi connections use the four-way

handshake for security. This protocol is that the reason users are encouraged to use private or credential-protected Wi-Fi instead of public connections. RACK affects the third step of the handshake, allowing the attacker to control and replay the WPA2 encryption key to trick it into installing a key already in use. When the key’s reinstalled, other parameters related to it ― the incremental transmit packet number called the nonce and therefore the replay counter ― are set to their original values. Rather than move to the fourth step within the four-way handshake, nonce resets still replay transmissions of the third step. This sets up the encryption protocol for attack, and counting on how the attackers replay the third-step transmissions, they will take down Wi-Fi security.

Why KRACK may be a ThreatThink of all the devices you employ that believe Wi-Fi. it isn’t almost laptops and smartphones; numerous smart devices now structure the web of Things (IoT). due to the vulnerability in WPA2, everything connected to Wi-Fi is in danger of being hacked or hijacked. Attackers using KRACK can gain access to usernames and passwords also as data stored on devices. Hackers can read emails and consider photos of transmitted data then use that information to blackmail users or sell it on the Dark Web. Theft of stored data requires more steps, like an HTTP content injection to load malware into the system. Hackers could conceivably take hold of any device used thereon Wi-Fi connection. Because the attacks require hackers to be on the brink of the target, these internet security threats could also cause physical security threats. On the opposite hand, the necessity to be in close proximity is that the only excellent news associated with KRACK, as meaning a widespread attack would be extremely difficult. Victims are specifically targeted. However, there are concerns that a experienced attacker could develop the talents to use HTTP content injection to load malware onto websites to make a more widespread affect.

Everyone is in danger from KRACK vulnerability. Patches are available for Windows and iOS devices, but a released patch for Android devices is currently in question (November 2017). There are issues with the discharge, and lots of question if all versions and devices are covered. The real problem is with routers and IoT devices. These devices aren’t updated as regularly as computer operating systems, and for several devices, security flaws got to be addressed on the manufacturing side. New devices should address KRACK, but the devices you have already got in your home probably aren’t protected. The best protection against KRACK is to make sure any device connected to Wi-Fi is patched and updated with the newest firmware. that has checking together with your router’s manufacturer periodically to ascertain if patches are available.

The safest connection option may be a private VPN, especially when publicly spaces. If you would like a VPN for private use, avoid free options, as they need their own security problems and there’ll even be issues with HTTPs. Use a paid service offered by a trusted vendor like Kaspersky. Also, more modern networks use WPA3 for better security. Avoid using public Wi-Fi, albeit it’s password protection. That password is out there to almost anyone, which reduces the safety level considerably. All the widespread implications of KRACK and therefore the WPA2 vulnerability aren’t yet clear. what’s certain is that everybody who uses Wi-Fi is in danger and wishes to require precautions to guard their data and devices.

Previous Questions Next Questions

EC-Council 312-50v11 Certified Ethical Hacker Exam – C|EH v11 Online Training

EC-Council 312-50v11 Certified Ethical Hacker Exam – C|EH v11 Online Training

EC-Council 312-50v11 Online Training

The questions for 312-50v11 were last updated at Dec 26,2024.

Latest 312-50v11 Dumps Valid Version with 432 Q&As

Related Posts