Free Access ECCouncil.312-50v12.v2023-03-24.q184 Practice Test (Page 29)

Question 136

You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand that all users are required to use passwords that are at least 8 characters in length. All passwords must also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special characters. With your existing knowledge of users, likely user account names and the possibility that they will choose the easiest passwords possible, what would be the fastest type of password cracking attack you can run against these hash values and still get results?

A.Brute Force Attack

B.Online Attack

C.Hybrid Attack

D.Dictionary Attack

Question 137

A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.
The engineer receives this output:
HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
Date: Mon, 16 Jan 2011 01:41:33 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last Modified: Wed, 28 Dec 2010 15:32:21 GMT
ETag:"b0aac0542e25c31:89d"
Content-Length: 7369
Which of the following is an example of what the engineer performed?

A.SQL injection

B.Whois database query

C.Banner grabbing

D.Cross-site scripting

Question 138

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.
What is the best security policy concerning this setup?

A.As long as the physical access to the network elements is restricted, there is no need for additional measures.

B.Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.

C.The operator knows that attacks and down time are inevitable and should have a backup site.

D.There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.

Question 139

in this form of encryption algorithm, every Individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits. Which is this encryption algorithm?

A.IDEA

B.Triple Data Encryption standard

C.MDS encryption algorithm

D.AES

Correct Answer: B

Triple DES is another mode of DES operation. It takes three 64-bit keys, for an overall key length of 192 bits. In Stealth, you merely type within the entire 192-bit (24 character) key instead of entering each of the three keys individually. The Triple DES DLL then breaks the user-provided key into three subkeys, padding the keys if necessary in order that they are each 64 bits long. The procedure for encryption is strictly an equivalent as regular DES, but it's repeated 3 times , hence the name Triple DES. the info is encrypted with the primary key, decrypted with the second key, and eventually encrypted again with the third key. Triple DES runs 3 times slower than DES, but is far safer if used properly. The procedure for decrypting something is that the same because the procedure for encryption, except it's executed in reverse. Like DES, data is encrypted and decrypted in 64-bit chunks. Although the input key for DES is 64 bits long, the particular key employed by DES is merely 56 bits long . the smallest amount significant (right-most) bit in each byte may be a parity , and will be set in order that there are always an odd number of 1s in every byte. These parity bits are ignored, so only the seven most vital bits of every byte are used, leading to a key length of 56 bits. this suggests that the effective key strength for Triple DES is really 168 bits because each of the three keys contains 8 parity bits that aren't used during the encryption process. Triple DES Modes Triple ECB (Electronic Code Book) * This variant of Triple DES works precisely the same way because the ECB mode of DES. * this is often the foremost commonly used mode of operation. Triple CBC (Cipher Block Chaining) * This method is extremely almost like the quality DES CBC mode. * like Triple ECB, the effective key length is 168 bits and keys are utilized in an equivalent manner, as described above, but the chaining features of CBC mode also are employed. * the primary 64-bit key acts because the Initialization Vector to DES. * Triple ECB is then executed for one 64-bit block of plaintext. * The resulting ciphertext is then XORed with subsequent plaintext block to be encrypted, and therefore the procedure is repeated. * This method adds an additional layer of security to Triple DES and is therefore safer than Triple ECB, although it's not used as widely as Triple ECB.

Question 140

How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender's identity?

A.Hash value

B.Digital signature

C.Private key

D.Digital certificate

Other Version: 1044ECCouncil.312-50v12.v2024-12-18.q147

Latest Upload: 107Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 155TheSecOpsGroup.CNSP.v2025-09-08.q20; 204CFAInstitute.ESG-Investing.v2025-09-08.q173; 152PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 140Salesforce.Data-Architect.v2025-09-05.q216; 136Adobe.AD0-E605.v2025-09-05.q50; 176Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 114Oracle.1z0-591.v2025-09-05.q104

Question 136

Question 137

Question 138

Question 139

Question 140

Download PDF File