Online Access Free ECCouncil.312-50v11.v2022-10-19.q182 Practice Test (Page 16)

312-50v11 Exam Question 71

Wilson, a professional hacker, targets an organization for financial benefit and plans to compromise its systems by sending malicious emails. For this purpose, he uses a tool to track the emails of the target and extracts information such as sender identities, mail servers, sender IP addresses, and sender locations from different public sources. He also checks if an email address was leaked using the haveibeenpwned.com API.
Which of the following tools is used by Wilson in the above scenario?

A.Netcraft

B.Infoga

C.Factiva

D.ZoomInfo

312-50v11 Exam Question 72

Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network.
He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network Whois records. He further exploited this information to launch other sophisticated attacks.
What is the tool employed by Gerard in the above scenario?

A.Bluto

B.zANTI

C.Knative

D.Towelroot

312-50v11 Exam Question 73

Henry is a penetration tester who works for XYZ organization. While performing enumeration on a client organization, he queries the DNS server for a specific cached DNS record. Further, by using this cached record, he determines the sites recently visited by the organization's user. What is the enumeration technique used by Henry on the organization?

A.DNS cache poisoning

B.DNS cache snooping

C.DNS SEC zone walking

D.DNS zone walking

312-50v11 Exam Question 74

Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company's network. He decides to setup a SPAN port and capture all traffic to the datacenter. He immediately discovers unencrypted traffic in port UDP 161. what protocol is this port using and how can he secure that traffic?

A.it is not necessary to perform any actions, as SNMP is not carrying important information.

B.SNMP and he should change it to SNMP V3

C.RPC and the best practice is to disable RPC completely

D.SNMP and he should change it to SNMP v2, which is encrypted

Correct Answer: B

Explanation
We have various articles already in our documentation for setting up SNMPv2 trap handling in Opsview, but SNMPv3 traps are a whole new ballgame. They can be quite confusing and complicated to set up the first time you go through the process, but when you understand what is going on, everything should make more sense.
SNMP has gone through several revisions to improve performance and security (version 1, 2c and 3). By default, it is a UDP port based protocol where communication is based on a 'fire and forget' methodology in which network packets are sent to another device, but there is no check for receipt of that packet (versus TCP port when a network packet must be acknowledged by the other end of the communication link).
There are two modes of operation with SNMP - get requests (or polling) where one device requests information from an SNMP enabled device on a regular basis (normally using UDP port 161), and traps where the SNMP enabled device sends a message to another device when an event occurs (normally using UDP port
162). The latter includes instances such as someone logging on, the device powering up or down, or a wide variety of other problems that would need this type of investigation.
This blog covers SNMPv3 traps, as polling and version 2c traps are covered elsewhere in our documentation.
SNMP trapsSince SNMP is primarily a UDP port based system, traps may be 'lost' when sending between devices; the sending device does not wait to see if the receiver got the trap. This means if the configuration on the sending device is wrong (using the wrong receiver IP address or port) or the receiver isn't listening for traps or rejecting them out of hand due to misconfiguration, the sender will never know.
The SNMP v2c specification introduced the idea of splitting traps into two types; the original 'hope it gets there' trap and the newer 'INFORM' traps. Upon receipt of an INFORM, the receiver must send an acknowledgement back. If the sender doesn't get the acknowledgement back, then it knows there is an existing problem and can log it for sysadmins to find when they interrogate the device.

312-50v11 Exam Question 75

While scanning with Nmap, Patin found several hosts which have the IP ID of incremental sequences. He then decided to conduct: nmap -Pn -p- -si kiosk.adobe.com www.riaa.com. kiosk.adobe.com is the host with incremental IP ID sequence. What is the purpose of using "-si" with Nmap?

A.Conduct stealth scan

B.Conduct ICMP scan

C.Conduct IDLE scan

D.Conduct silent scan

Other Version: 1212ECCouncil.312-50v11.v2024-04-29.q284; 124ECCouncil.Pass4surecert.312-50v11.v2022-04-01.by.julius.198q.pdf; 6239ECCouncil.312-50v11.v2022-03-17.q198; 2830ECCouncil.312-50v11.v2021-11-17.q136; 43ECCouncil.Updatedumps.312-50v11.v2021-09-16.by.gene.138q.pdf

Latest Upload: 155NREMT.EMT.v2026-06-06.q125; 123Juniper.JN0-232.v2026-06-06.q60; 154Oracle.1D0-1057-25-D.v2026-06-03.q29; 285NAHQ.CPHQ.v2026-06-03.q396; 262CompTIA.220-1201.v2026-06-03.q196; 163GIAC.GCFE.v2026-06-03.q78; 159HIMSS.CPHIMS.v2026-06-03.q45; 249Google.Professional-Cloud-Architect.v2026-06-03.q165; 165HP.HPE7-A09.v2026-06-02.q48; 178ACDIS.CCDS-O.v2026-06-02.q56

312-50v11 Exam Question 71

312-50v11 Exam Question 72

312-50v11 Exam Question 73

312-50v11 Exam Question 74

312-50v11 Exam Question 75

Download PDF File