Decide Fast & Get 50% Flat Discount | Limited Time Offer - Ends In 0d 00h 00m 00s Coupon code: SAVE50

Master Eccouncil 312-38 Exam with Reliable Practice Questions

Page: 1 out of Viewing questions 1-5 out of 346 questions
Last exam update: Nov 15,2024
Upgrade to Premium
Question 1

Xenon is a leading real estate firm located in Australi

a. Recently, the company had decided a bid

amount for a prestigious construction project and was sure of being awarded the project. Unfortunately,

the company lost the tender to one of its competitors. A few days later, while performing a network

scan, the network admin identified that somebody had captured the confidential e-mails conversions

related to the tender. Upon further investigation, the admin discovered that one of the switch ports was

left open and an employee had plugged into the network using an Ethernet cable.

Which attack did the employee perform in the above situation?


Correct : A

In the scenario described, the employee performed aNetwork Sniffingattack. This type of attack involves capturing and analyzing packets traveling through a network. Since the admin discovered that confidential emails related to the tender were captured and that an open switch port was used to connect to the network, it indicates that the data was intercepted as it traveled across the network, which is characteristic of a sniffing attack. Network sniffing can be either passive or active; however, the scenario suggests a passive approach where the packets were monitored and captured without altering the network traffic.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 2

An attacker has access to password hashes of a Windows 7 computer. Which of the following attacks can the attacker use to reveal the passwords?


Correct : D

In the context of password hashes on a Windows 7 computer, a Rainbow Table attack is a feasible method an attacker might use to reveal passwords. This type of attack utilizes precomputed tables known as rainbow tables that contain hash values for every possible combination of characters. An attacker with access to password hashes can use these tables to look up the corresponding plaintext passwords. The effectiveness of rainbow tables stems from their ability to reverse cryptographic hash functions, which are used to store passwords securely.Since Windows 7 uses NTLM hashes, which are known to be vulnerable to rainbow table attacks, this method is particularly relevant12.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 3

Cindy is the network security administrator for her company. She just got back from a security

conference in Las Vegas where they talked about all kinds of old and new security threats; many of

which she did not know of. She is worried about the current security state of her company's network so

she decides to start scanning the network from an external IP address. To see how some of the hosts on

her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK

response. Before the connection is established, she sends RST packets to those hosts to stop the session.

She has done this to see how her intrusion detection system will log the traffic. What type of scan is

Cindy attempting here?


Correct : A

The technique Cindy is using is known as a SYN scan, also referred to as a half-open scan. This method involves sending SYN packets to initiate a TCP connection. If a SYN/ACK response is received, it indicates that the port is listening (open). Cindy then sends an RST packet to close the session before the handshake is completed. This type of scan is useful for mapping out live hosts on a network without establishing a full TCP connection, which can be logged by intrusion detection systems and is less likely to be logged by the host system.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 4

Jason works as a System Administrator for www.company.com Inc. The company has a Windows

based network. Sam, an employee of the company, accidentally changes some of the applications and

system settings. He complains to Jason that his system is not working properly. To troubleshoot the

problem, Jason diagnoses the internals of his computer and observes that some changes have been

made in Sam's computer registry. To rectify the issue, Jason has to restore the registry. Which of the

following utilities can Jason use to accomplish the task? Each correct answer represents a complete

solution. Choose all that apply.


Correct : B, C


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 5

Which of the following NIST incident category includes any activity that seeks to access or identify a federal agency computer, open ports, protocols, service or any combination for later exploit?


Correct : A

According to NIST guidelines, the incident category that includes activities seeking to access or identify a federal agency computer, open ports, protocols, services, or any combination thereof for later exploitation is categorized as 'Scans/Probes/Attempted Access'. This category encompasses any unauthorized attempts to access systems, networks, or data, which may include scanning for vulnerabilities or probing to discover open ports and services.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500