Top Renewal 312-50 brain dumps Reviews!

It is more faster and easier to pass the EC-Council 312-50 exam by using Practical EC-Council Ethical Hacking and Countermeasures (CEHv6) questuins and answers. Immediate access to the Far out 312-50 Exam and find the same core area 312-50 questions with professionally verified answers, then PASS your exam with a high score now.


Free VCE & PDF File for EC-Council 312-50 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on:

Q321. Jason works in the sales and marketing department for a very large advertising agency located in Atlanta. Jason is working on a very important marketing campaign for his company's largest client. Before the project could be completed and implemented, a competing advertising company comes out with the exact same marketing materials and advertising, thus rendering all the work done for Jason's client unusable. Jason is questioned about this and says he has no idea how all the material ended up in the hands of a competitor. 

Without any proof, Jason's company cannot do anything except move on. After working on another high profile client for about a month, all the marketing and sales material again ends up in the hands of another competitor and is released to the public before Jason's company can finish the project. Once again, Jason says that he had nothing to do with it and does not know how this could have happened. Jason is given leave with pay until they can figure out what is going on. 

Jason's supervisor decides to go through his email and finds a number of emails that were sent to the competitors that ended up with the marketing material. The only items in the emails were attached jpg files, but nothing else. Jason's supervisor opens the picture files, but cannot find anything out of the ordinary with them. 

What technique has Jason most likely used? 

A. Stealth Rootkit Technique 

B. Snow Hiding Technique 

C. ADS Streams Technique 

D. Image Steganography Technique 

Answer: D

Q322. Clive has been monitoring his IDS and sees that there are a huge number of ICMP Echo Reply packets that are being received on the external gateway interface. Further inspection reveals that they are not responses from the internal hosts’ requests but simply responses coming from the Internet. 

What could be the most likely cause? 

A. Someone has spoofed Clive’s IP address while doing a smurf attack. 

B. Someone has spoofed Clive’s IP address while doing a land attack. 

C. Someone has spoofed Clive’s IP address while doing a fraggle attack. 

D. Someone has spoofed Clive’s IP address while doing a DoS attack. 

Answer: A

Explanation: The smurf attack, named after its exploit program, is a denial-of-service attack that uses spoofed broadcast ping messages to flood a target system. In such an attack, a perpetrator sends a large amount of ICMP echo (ping) traffic to IP broadcast addresses, all of it having a spoofed source address of the intended victim. If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply, multiplying the traffic by the number of hosts responding. On a multi-access broadcast network, hundreds of machines might reply to each packet. 

Q323. Which of the following tools can be used to perform a zone transfer? 

A. NSLookup 

B. Finger 

C. Dig 

D. Sam Spade 

E. Host 

F. Netcat 

G. Neotrace 

Answer: ACDE

Explanation: There are a number of tools that can be used to perform a zone transfer. Some of these include: NSLookup, Host, Dig, and Sam Spade. 

Q324. You are a Administrator of Windows server. You want to find the port number for POP3. What file would you find the information in and where? 

Select the best answer. 

A. %windir%\\\\etc\\\\services 

B. system32\\\\drivers\\\\etc\\\\services 

C. %windir%\\\\system32\\\\drivers\\\\etc\\\\services 

D. /etc/services 

E. %windir%/system32/drivers/etc/services 

Answer: C


Explanations: %windir%\\\\system32\\\\drivers\\\\etc\\\\services is the correct place to look for this information. 

Q325. RC4 is known to be a good stream generator. RC4 is used within the WEP standard on wireless LAN. WEP is known to be insecure even if we are using a stream cipher that is known to be secured. 

What is the most likely cause behind this? 

A. There are some flaws in the implementation. 

B. There is no key management. 

C. The IV range is too small. 

D. All of the above. 

E. None of the above. 

Answer: D

Explanation: Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets. Many WEP systems require a key in hexadecimal format. Some users choose keys that spell words in the limited 0-9, A-F hex character set, for example C0DE C0DE C0DE C0DE. Such keys are often easily guessed. 

Q326. What is the proper response for a FIN scan if the port is open? 






F. No response 


Explanation: Open ports respond to a FIN scan by ignoring the packet in question. 

Q327. When working with Windows systems, what is the RID of the true administrator account? 

A. 500 

B. 501 

C. 512 

D. 1001 

E. 1024 

F. 1000 


Explanation: The built-in administrator account always has a RID of 500. 

Q328. What is the best means of prevention against viruses? 

A. Assign read only permission to all files on your system. 

B. Remove any external devices such as floppy and USB connectors. 

C. Install a rootkit detection tool. 

D. Install and update anti-virus scanner. 

Answer: D

Explanation: Although virus scanners only can find already known viruses this is still the best defense, together with users that are informed about risks with the internet. 

Q329. You visit a website to retrieve the listing of a company's staff members. But you can not find it on the website. You know the listing was certainly present one year before. How can you retrieve information from the outdated website? 

A. Through Google searching cached files 

B. Through 

C. Download the website and crawl it 

D. Visit customers' and prtners' websites 

Answer: B

Explanation: mirrors websites and categorizes them by date and month depending on the crawl time. dates back to 1996, Google is incorrect because the cache is only as recent as the latest crawl, the cache is over-written on each subsequent crawl. Download the website is incorrect because that's the same as what you see online. Visiting customer partners websites is just bogus. The answer is then Firmly, C, 

Q330. Stephanie works as a records clerk in a large office building in downtown Chicago. On Monday, she went to a mandatory security awareness class (Security5) put on by her company's IT department. During the class, the IT department informed all employees that everyone's Internet activity was thenceforth going to be monitored. 

Stephanie is worried that her Internet activity might give her supervisor reason to write her up, or worse get her fired. Stephanie's daily work duties only consume about four hours of her time, so she usually spends the rest of the day surfing the web. Stephanie really enjoys surfing the Internet but definitely does not want to get fired for it. 

What should Stephanie use so that she does not get in trouble for surfing the Internet? 

A. Cookie Disabler 

B. Stealth Anonymizer 

C. Stealth Firefox 

D. Stealth IE 

Answer: C

Explanation: Stealth Firefox If there are times you want to surf the web without leaving a trace in your local computer, then this is the right extension for you.