Exam Code: 312-50 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Ethical Hacking and Countermeasures (CEHv6)
Certification Provider: EC-Council
Free Today! Guaranteed Training- Pass 312-50 Exam.
♥♥ 2017 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50 Real Exam
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
2017 Mar 312-50 Study Guide Questions:
Q251. Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exploits a condition in the Linux kernel within the execve() system call. There is no known workaround that exists for this vulnerability. What is the correct action to be taken by Rebecca in this situation as a recommendation to management?
A. Rebecca should make a recommendation to disable the () system call
B. Rebecca should make a recommendation to upgrade the Linux kernel promptly
C. Rebecca should make a recommendation to set all child-process to sleep within the execve()
D. Rebecca should make a recommendation to hire more system administrators to monitor all child processes to ensure that each child process can't elevate privilege
Q252. You have successfully brute forced basic authentication configured on a Web Server using Brutus hacking tool. The username/password is “Admin” and “Bettlemani@”. You logon to the system using the brute forced password and plant backdoors and rootkits.
After downloading various sensitive documents from the compromised machine, you proceed to clear the log files to hide your trace..
Which event log located at C:\\Windows\\system32\\config contains the trace of your brute force attempts?
Explanation: The Security Event log (SecEvent.Evt) will contain all the failed logins against the system.
Topic 6, Trojans and Backdoors
Q253. How would you describe an attack where an attacker attempts to deliver the payload over multiple packets over long periods of time with the purpose of defeating simple pattern matching in IDS systems without session reconstruction? A characteristic of this attack would be a continuous stream of small packets.
A. Session Splicing
B. Session Stealing
C. Session Hijacking
D. Session Fragmentation
Abreast of the times 312-50 practice test:
Q254. To scan a host downstream from a security gateway, Firewalking:
A. Sends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets
B. Uses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway
C. Sends an ICMP ''administratively prohibited'' packet to determine if the gateway will drop the packet without comment.
D. Assesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway
Explanation: Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker’s host to a destination host through a packet-filtering device. This technique can be used to map ‘open’ or ‘pass through’ ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway.
Q255. While examining a log report you find out that an intrusion has been attempted by a machine whose IP address is displayed as 0xde.0xad.0xbe.0xef. It looks to you like a hexadecimal number. You perform a ping 0xde.0xad.0xbe.0xef. Which of the following IP addresses will respond to the ping and hence will likely be responsible for the the intrusion ?
Explanation: Convert the hex number to binary and then to decimal.
0xde.0xad.0xbe.0xef translates to 188.8.131.52 and not 222.273.290.239
15*1 = 15
14*16 = 224
0xbe = 14*1 = 14 11*16 = 176
0xad = 13*1 = 13 10*16 = 160
0xde = 14*1 = 14 13*16 = 208
Q256. Steven the hacker realizes the network administrator of Acme Corporation is using syskey in Windows 2008 Server to protect his resources in the organization. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to use brute force dictionary attacks on the hashes. Steven runs a program called "SysCracker" targeting the Windows 2008 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch the attack. How many bits does Syskey use for encryption?
A. 40-bit encryption
B. 128-bit encryption
C. 256-bit encryption
D. 64-bit encryption
Pinpoint 312-50 samples:
Q257. What is the advantage in encrypting the communication between the agent and the monitor in an Intrusion Detection System?
A. Encryption of agent communications will conceal the presence of the agents
B. The monitor will know if counterfeit messages are being generated because they will not be encrypted
C. Alerts are sent to the monitor when a potential intrusion is detected
D. An intruder could intercept and delete data or alerts and the intrusion can go undetected
Q258. This type of Port Scanning technique splits TCP header into several packets so that the packet filters are not able to detect what the packets intends to do.
A. UDP Scanning
B. IP Fragment Scanning
C. Inverse TCP flag scanning
D. ACK flag scanning
Q259. Bob was frustrated with his competitor, Brownies Inc., and decided to launch an attack that would result in serious financial losses. He planned the attack carefully and carried out the attack at the appropriate moment. Meanwhile, Trent, an administrator at Brownies Inc., realized that their main financial transaction server had been attacked. As a result of the attack, the server crashed and Trent needed to reboot the system, as no one was able to access the resources of the company. This process involves human interaction to fix it. What kind of Denial of Service attack was best illustrated in the scenario above?
A. DOS attacks which involves flooding a network or system
B. DOS attacks which involves crashing a network or system
C. DOS attacks which is done accidentally or deliberately
D. Simple DDOS attack
Explanation: This is not a DDOS, there is only one person involved as attacker
Q260. Which of the following statements would not be a proper definition for a Trojan Horse?
A. An unauthorized program contained within a legitimate program.
This unauthorized program performs functions unknown (and probably unwanted) by the user.
B. A legitimate program that has been altered by the placement of unauthorized code within it; this code perform functions unknown (and probably unwanted) by the user.
C. An authorized program that has been designed to capture keyboard keystrokes while the user remains unaware of such an activity being performed.
D. Any program that appears to perform a desirable and necessary function but that (because of unauthorized code within it that is unknown to the user) performs functions unknown (and definitely unwanted) by the user.
Explanation: A Trojan is all about running unauthorized code on the users computer without the user knowing of it.