Home » [Free] 2018(Jan) EnsurePass Braindumps ECCouncil 312-50 Dumps with VCE and PDF 381-390

[Free] 2018(Jan) EnsurePass Braindumps ECCouncil 312-50 Dumps with VCE and PDF 381-390

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 312-50
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/312-50.html

Ethical Hacking and Countermeasures

Question No: 381 – (Topic 14)

Exhibit:

Ensurepass 2018 PDF and VCE

You are conducting pen-test against a company’s website using SQL Injection techniques. You enter “anuthing or 1=1-” in the username filed of an authentication

form. This is the output returned from the server. What is the next step you should do?

  1. Identify the user context of the web application by running_ http://www.example.com/order/include_rsa_asp?pressReleaseID=5 AND

    USER_NAME() = ‘dbo’

  2. Identify the database and table name by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND

    ascii(lower(substring((SELECT TOP 1 name FROM sysobjects WHERE xtype=’U’),1))) gt; 109

  3. Format the C: drive and delete the database by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND xp_cmdshell ‘format c: /q /yes ‘; drop database myDB; –

  4. Reboot the web server by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND xp_cmdshell ‘iisreset -reboot’; –

Answer: A

Question No: 382 – (Topic 14)

Which of the following activities will not be considered passive footprinting?

  1. Go through the rubbish to find out any information that might have been discarded

  2. Search on financial site such as Yahoo Financial to identify assets

  3. Scan the range of IP address found in the target DNS database

  4. Perform multiples queries using a search engine

Answer: C

Explanation: Scanning is not considered to be passive footprinting.

Question No: 383 – (Topic 14)

Bank of Timbukut is a medium-sized, regional financial institution in Timbuktu. The bank has deployed a new Internet-accessible Web Application recently. Customers can access their account balances, transfer money between accounts, pay bills and conduct online financial business using a web browser.

John Stevens is in charge of information security at Bank of Timbukut. After one month in production, several customers have complained about the Internet enabled banking application. Strangely, the account balances of many of the bank’s customers had been changed ! However, money hasn’t been removed from the bank, instead money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web Application’s logs and found the following entries.

Ensurepass 2018 PDF and VCE

What kind of attack did the Hacker attempt to carry out at the Bank?

  1. Brute Force attack in which the Hacker attempted guessing login ID and password from password cracking tools

  2. The Hacker used a generator module to pass results to the Web Server and exploited Web Application CGI vulnerability.

  3. The Hacker first attempted logins with suspected user names, then used SQL injection to gain access to valid login IDs

  4. The Hacker attempted Session Hijacking, in which the hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason’s session.

Answer: C

Explanation: Typing things like ‘ or 1=1 – in the login field is evidence of a hacker trying out if the system is vulnerable to SQL injection.

Question No: 384 – (Topic 14)

A particular database threat utilizes a SQL injection technique to penetrate a target system. How would an attacker use this technique to compromise a database?

  1. An attacker uses poorly designed input validation routines to create or alter SQL commands to gain access to unintended data or execute commands of the database

  2. An attacker submits user input that executes an operating system command to compromise a target system

  3. An attacker gains control of system to flood the target system with requests, preventing legitimate users from gaining access

  4. An attacker utilizes an incorrect configuration that leads to access with higher-than- expected privilege of the database

Answer: A

Explanation: Using the poorly designed input validation to alter or steal data from a database is a SQL injection attack.

Question No: 385 – (Topic 14)

What is the problem with this ASP script (login.asp)?

lt;%

Set objConn = CreateObject(quot;ADODB.Connectionquot;) objConn.Open Application(quot;WebUsersConnectionquot;)

sSQL=quot;SELECT * FROM Users where Username=? amp; Request(quot;userquot;) amp; _ quot;?and Password=? amp; Request(quot;pwdquot;) amp; quot;?

Set RS = objConn.Execute(sSQL)

If RS.EOF then Response.Redirect(quot;login.asp?msg=Invalid Loginquot;) Else

Session.Authorized = True Set RS = nothing

Set objConn = nothing Response.Redirect(quot;mainpage.aspquot;) End If

%gt;

  1. The ASP script is vulnerable to XSS attack

  2. The ASP script is vulnerable to SQL Injection attack

  3. The ASP script is vulnerable to Session Splice attack

  4. The ASP script is vulnerable to Cross Site Scripting attack

Answer: B

Question No: 386 – (Topic 14)

Bob has been hired to do a web application security test. Bob notices that the site is dynamic and infers that they mist be making use of a database at the application back end. Bob wants to validate whether SQL Injection would be possible.

What is the first character that Bob should use to attempt breaking valid SQL requests?

  1. Semi Column

  2. Double Quote

  3. Single Quote

  4. Exclamation Mark

Answer: C

Explanation: In SQL single quotes are used around values in queries, by entering another

single quote Bob tests if the application will submit a null value and probably returning an error.

Question No: 387 – (Topic 14)

Identify SQL injection attack from the HTTP requests shown below:

  1. http://www.victim.com/example?accountnumber=67891amp;creditamount=999999999

  2. http://www.xsecurity.com/cgiin/bad.cgi?foo=…./bin/ls -al C. http://www.myserver.com/search.asp?lname=smith’;update usertable set% 20passwd=’hAx0r’;-

D.

http://www.myserver.com/script.php?mydata=