ECCouncil Updated 312-50v13 Exam Questions and Answers by alayah

This phase having the hacker uses different techniques and tools to realize maximum data from the system. they’re –

• Password cracking – Methods like Bruteforce, dictionary attack, rule-based attack, rainbow table are used. Bruteforce is trying all combinations of the password. Dictionary attack is trying an inventory of meaningful words until the password matches. Rainbow table takes the hash value of the password and compares with pre-computed hash values until a match is discovered.

• Password attacks – Passive attacks like wire sniffing, replay attack. Active online attack like Trojans, keyloggers, hash injection, phishing. Offline attacks like pre-computed hash, distributed network and rainbow. Non electronic attack like shoulder surfing, social engineering and dumpster diving.

To start the Computer Management Console from command line just type compmgmt.msc /computer:computername in your run box or at the command line and it should automatically open the Computer Management console.

Comprehensive and Detailed Explanation:

The Snort rule syntax:

alert tcp any any → 192.168.1.0/24 111

This means: Alert on TCP traffic from any IP and any port, going to any host in the 192.168.1.0/24 subnet on destination port 111.

The content "|00 01 86 a5|" identifies a mountd access signature pattern.

Port 111 is used by SunRPC (commonly associated with mountd in UNIX environments).

From CEH v13 Courseware:

Module 13: IDS, Firewalls and Honeypots → Understanding Snort Rules

The SOA (Start of Authority) record is a DNS record that defines the authoritative information about a domain. Its format includes the following fields:

(domain) IN SOA (Primary Name Server) (Responsible Email)

(Serial) (Refresh) (Retry) (Expire) (Minimum TTL)

Given:

Rutgers.edu. SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.)

Field values:

Serial: 200302028 (→ This is the version number of the zone file.)

Refresh: 3600 seconds

Retry: 3600 seconds

Expire: 604800 seconds

Minimum TTL: 2400 seconds

These values represent key configurations and are all part of the SOA record's operational data.

A: 200302028 = Serial/version (correct)

B: 3600 = Refresh (correct)

C: 604800 = Expire (correct)

D: 2400 = Minimum TTL (correct)

Incorrect Options:

E and F (60, 4800): Not part of the SOA record shown.