Exam 312-50v11 topic 1 question 168 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 168
Topic #: 1

Jim, a professional hacker, targeted an organization that is operating critical industrial infrastructure. Jim used Nmap to scan open ports and running services on systems connected to the organization's OT network. He used an Nmap command to identify Ethernet/IP devices connected to the Internet and further gathered information such as the vendor name, product code and name, device name, and IP address.
Which of the following Nmap commands helped Jim retrieve the required information?

  • A. nmap -Pn -sT --scan-delay 1s --max-parallelism 1 -p < Port List > < Target IP >
  • B. nmap -Pn -sU -p 44818 --script enip-info < Target IP >
  • C. nmap -Pn -sT -p 46824 < Target IP >
  • D. nmap -Pn -sT -p 102 --script s7-info < Target IP >
Suggested Answer: B

Comments

kingnachi
Highly Voted 2 years, 9 months ago
I would go with B as it scans on port 44818. Here is the explanation from "Nmap: Network Exploration and Security Auditing Cookbook - Second Edition", by Paulino Calderon, May 2017:

Enumerating Ethernet/IP devices

Ethernet/IP is a very popular protocol used in industrial systems that uses Ethernet as the transport layer and CIP for providing services and profiles needed for the applications. Ethernet/IP devices by several vendors usually operate on UDP port 44818 and we can gather information such as vendor name, product name, serial number, device type, product code, internal IP address, and version.
upvoted 17 times
uday1985
1 year, 11 months ago
enip-info: This NSE script is used to send an EtherNet/IP packet to a remote device that has TCP 44818 open. The script will send a Request Identity Packet and, once a response is received, it validates that it was a proper response to the command that was sent, and then will parse out the data. Information that is parsed includes Device Type, Vendor ID, Product name, Serial Number, Product code, Revision Number, status, state, as well as the Device IP. So it scans that port automatically.
upvoted 3 times
CHCHCHC
8 months, 1 week ago
In here it says TCP 44818, but in the scan it is -sU
upvoted 1 times
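The identity reply that the comment above describes enip-info parsing can be decoded offline to see exactly what a device discloses to an unauthenticated request. This is an added example, not code from Nmap or from the commenters; the function names, the sample identity values and the 192.0.2.10 address are constructed, and the field layout assumed is the standard EtherNet/IP List Identity response (encapsulation command 0x0063).

```python
import socket
import struct

LIST_IDENTITY = 0x0063      # EtherNet/IP encapsulation command code
CIP_IDENTITY_ITEM = 0x000C  # item type that carries the identity data

def parse_list_identity(data: bytes) -> dict:
    """Decode the identity fields from a List Identity response."""
    if len(data) < 24:
        raise ValueError("shorter than the 24-byte encapsulation header")
    command, length, _session, status = struct.unpack_from("<HHII", data, 0)
    if command != LIST_IDENTITY or status != 0:
        raise ValueError("not a successful List Identity response")
    body = data[24:24 + length]
    if len(body) != length or length < 6:
        raise ValueError("truncated encapsulation data")
    count, item_type, item_len = struct.unpack_from("<HHH", body, 0)
    item = body[6:6 + item_len]
    if count < 1 or item_type != CIP_IDENTITY_ITEM or len(item) != item_len:
        raise ValueError("identity item missing or truncated")
    if item_len < 34:
        raise ValueError("identity item too short")
    # The embedded socket address is big-endian; all other fields little-endian.
    port, addr = struct.unpack_from(">H4s", item, 4)
    (vendor, dev_type, product, major, minor,
     _status, serial, name_len) = struct.unpack_from("<HHHBBHIB", item, 18)
    if item_len < 34 + name_len:
        raise ValueError("product name or state truncated")
    return {
        "device_ip": socket.inet_ntoa(addr), "port": port,
        "vendor_id": vendor, "device_type": dev_type, "product_code": product,
        "revision": f"{major}.{minor}", "serial": f"0x{serial:08x}",
        "product_name": item[33:33 + name_len].decode("ascii", "replace"),
        "state": item[33 + name_len],
    }

def build_sample_response() -> bytes:
    """Constructed sample reply (documentation IP, made-up identity values)."""
    name = b"EXAMPLE-PLC"
    item = struct.pack("<H", 1)  # encapsulation protocol version
    item += struct.pack(">HH4s8x", 2, 44818, socket.inet_aton("192.0.2.10"))
    item += struct.pack("<HHHBBHIB", 9999, 14, 55, 20, 11, 0x0030,
                        0x00C0FFEE, len(name)) + name + b"\x03"
    body = struct.pack("<HHH", 1, CIP_IDENTITY_ITEM, len(item)) + item
    header = struct.pack("<HHII8sI", LIST_IDENTITY, len(body), 0, 0, b"", 0)
    return header + body

if __name__ == "__main__":
    for field, value in parse_list_identity(build_sample_response()).items():
        print(f"{field:13} {value}")
```

Every field in the output is returned without authentication, which is why port 44818 should not be reachable from outside the OT network.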
Mento
Highly Voted 2 years, 12 months ago
Based on https://nmap.org/nsedoc/scripts/enip-info.html Must be B.
upvoted 12 times
tille
2 years, 11 months ago
The problem is that the question says -sU, which means UDP scan, but the referred link shows the enip script uses port 102/TCP. Answer C is a SCADA port, which is IoT; also D: s7-info gives a similar result. So in summary, this question is a mess; I couldn't guess a good answer.
upvoted 4 times
spydog
2 years, 6 months ago
The enip-info script is indeed using port 44818. In addition, it provides all the information required in the question, while s7-info targets a specific vendor: Siemens.
upvoted 4 times
BallCS
Most Recent 2 months, 4 weeks ago
Selected Answer: B
Scanning Ethernet/IP Devices
nmap -Pn -sU -p 44818 --script enip-info <Target IP>
Ethernet/IP is a popular protocol implemented by many industrial networks. Ethernet/IP uses Ethernet as a transport layer protocol, and CIP is used to provide services for industrial applications. This protocol operates on UDP port number 44818. Using the above command, attackers can gather information such as the name of the vendor, product code and name, device name, IP address, etc.
upvoted 1 times
Daniel8660
1 year, 6 months ago
Selected Answer: B
Scanning Ethernet/IP Devices
nmap -Pn -sU -p 44818 --script enip-info <Target IP>
# Ethernet/IP is a popular protocol implemented by many industrial networks. Ethernet/IP uses Ethernet as a transport layer protocol, and CIP is used to provide services for industrial applications. This protocol operates on UDP port number 44818. Attackers can gather information such as the name of the vendor, product code and name, device name, IP address, etc. (P.2754/2738)
upvoted 4 times
uzey
2 years, 4 months ago
Selected Answer: B
OT - port 44818
upvoted 3 times
Qwertyzloy
2 years, 4 months ago
-p102 and s7-info is only about Siemens PLC, 44818 is about several vendors. I would go B.
upvoted 1 times
martco
2 years, 5 months ago
A sneaky trick question: they are ALL valid scan commands against SCADA-type systems, but only one of them achieves the general-purpose broad sweep for open ports needed here...
upvoted 1 times
martco
2 years, 5 months ago
sorry disregard that...there is one command there that could meet all the stated demands of the scenario (the reference to the various device info AND Ethernet/IP device info IS specific) ans = B
upvoted 1 times
BigMomma4752
2 years, 7 months ago
The correct answer is B. In this form of encryption algorithm, every individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits.
upvoted 1 times
ANDRESCB1988
2 years, 9 months ago
correct
upvoted 1 times