Proper study guides for Most up-to-date EC-Council Ethical Hacking and Countermeasures (CEHv6) certified begins with EC-Council 312-50 preparation products which designed to deliver the Download 312-50 questions by making you pass the 312-50 test at your first time. Try the free 312-50 demo right now.
♥♥ 2017 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50 Real Exam
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
2017 Apr 312-50 Study Guide Questions:
Q291. Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing? (Select the Best Answer.)
A. Install DNS logger and track vulnerable packets
B. Disable DNS timeouts
C. Install DNS Anti-spoofing
D. Disable DNS Zone Transfer
Explanation: Explantion: Implement DNS Anit-Spoofing measures to prevent DNS Cache Pollution to occur.
Q292. Steven the hacker realizes that the network administrator of company is using syskey to protect organization resources in the Windows 2000 Server. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to brute force dictionary attacks on the hashes. Steven runs a program called “SysCracker” targeting the Windows 2000 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch attach.
How many bits does Syskey use for encryption?
A. 40 bit
B. 64 bit
C. 256 bit
D. 128 bit
Explanation: SYSKEY is a utility that encrypts the hashed password information in a SAM database using a 128-bit encryption key.
Q293. You want to use netcat to generate huge amount of useless network data continuously for various performance testing between 2 hosts.
Which of the following commands accomplish this?
A. Machine A #yes AAAAAAAAAAAAAAAAAAAAAA | nc –v –v –l –p 2222 > /dev/null Machine B #yes BBBBBBBBBBBBBBBBBBBBBB | nc machinea 2222 > /dev/null
B. Machine A cat somefile | nc –v –v –l –p 2222 Machine B cat somefile | nc othermachine 2222 C. Machine A nc –l –p 1234 | uncompress –c | tar xvfp Machine B tar cfp – /some/dir | compress –c | nc –w 3 machinea 1234
D. Machine A while true : do nc –v –l –s –p 6000 machineb 2 Machine B while true ; do nc –v –l –s –p 6000 machinea 2 done
Explanation: Machine A is setting up a listener on port 2222 using the nc command and then having the letter A sent an infinite amount of times, when yes is used to send data yes NEVER stops until it recieves a break signal from the terminal (Control+C), on the client end (machine B), nc is being used as a client to connect to machine A, sending the letter B and infinite amount of times, while both clients have established a TCP connection each client is infinitely sending data to each other, this process will run FOREVER until it has been stopped by an administrator or the attacker.
Replace 312-50 actual test:
Q294. System Administrators sometimes post questions to newsgroups when they run into technical challenges. As an ethical hacker, you could use the information in newsgroup posting to glean insight into the makeup of a target network. How would you search for these posting using Google search?
A. Search in Google using the key strings “the target company” and “newsgroups”
B. Search for the target company name at http://groups.google.com
C. Use NNTP websites to search for these postings
D. Search in Google using the key search strings “the target company” and “forums”
Explanation: Using http://groups.google.com is the easiest way to access various newsgroups today. Before http://groups.google.com you had to use special NNTP clients or subscribe to some nntp to web services.
Q295. Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.
Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers.
A. Hardware, Software, and Sniffing.
B. Hardware and Software Keyloggers.
C. Passwords are always best obtained using Hardware key loggers.
D. Software only, they are the most effective.
Explanation: Different types of keylogger planted into the environment would retrieve the passwords for Bob..
Q296. Which of the following best describes Vulnerability?
A. The loss potential of a threat
B. An action or event that might prejudice security
C. An agent that could take advantage of a weakness
D. A weakness or error that can lead to compromise
Explanation: A vulnerability is a flaw or weakness in system security procedures, design or implementation that could be exercised (accidentally triggered or intentionally exploited) and result in a harm to an IT system or activity.
Refined 312-50 torrent:
Q297. You suspect that your Windows machine has been compromised with a Trojan virus. When you run anti-virus software it does not pick of the Trojan. Next you run netstat command to look for open ports and you notice a strange port 6666 open.
What is the next step you would do?
A. Re-install the operating system.
B. Re-run anti-virus software.
C. Install and run Trojan removal software.
D. Run utility fport and look for the application executable that listens on port 6666.
Explanation: Fport reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the 'netstat -an' command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications.
Q298. When working with Windows systems, what is the RID of the true administrator account?
Explanation: Because of the way in which Windows functions, the true administrator account always has a RID of 500.
Q299. An attacker runs netcat tool to transfer a secret file between two hosts.
Machine A: netcat -1 –p 1234 < secretfile Machine B: netcat 192.168.3.4 > 1234
He is worried about information being sniffed on the network.
How would the attacker use netcat to encrypt information before transmitting it on the wire?
A. Machine A: netcat -1 –p –s password 1234 < testfile Machine B: netcat <machine A IP> 1234
B. Machine A: netcat -1 –e magickey –p 1234 < testfile Machine B: netcat <machine A IP> 1234
C. Machine A: netcat -1 –p 1234 < testfile –pw password Machine B: netcat <machine A IP> 1234 –pw password
D. Use cryptcat instead of netcat.
Explanation: Cryptcat is the standard netcat enhanced with twofish encryption with ports for WIndows NT, BSD and Linux. Twofish is courtesy of counterpane, and cryptix. A default netcat installation does not contain any cryptography support.
Q300. What file system vulnerability does the following command take advantage of?
type c:\\anyfile.exe > c:\\winnt\\system32\\calc.exe:anyfile.exe
D. Backdoor access
Explanation: ADS (or Alternate Data Streams) is a “feature” in the NTFS file system that makes it possible to hide information in alternate data streams in existing files. The file can have multiple data streams and the data streams are accessed by filename:stream.