Up-to-Date EC-Council 312-50 – An Overview: Questions 11 to 20

Q11. An employee wants to bypass detection by a network-based IDS application and does not want to attack the system containing the IDS application. Which of the following strategies can the employee use to evade detection by the network-based IDS application?

A. Create a ping flood 

B. Create a SYN flood 

C. Create a covert network tunnel 

D. Create multiple false positives 

Answer: C

Explanation: HTTP tunneling is a technique by which communications performed using various network protocols are encapsulated using the HTTP protocol; the network protocols in question usually belong to the TCP/IP family of protocols. The HTTP protocol therefore acts as a wrapper for a covert channel that the network protocol being tunneled uses to communicate. The HTTP stream with its covert channel is termed an HTTP tunnel. Very few firewalls block outgoing HTTP traffic.

Q12. Hampton is the senior security analyst for the city of Columbus in Ohio. His primary responsibility is to ensure that all physical and logical aspects of the city's computer network are secure from all angles. Bill is an IT technician who works with Hampton in the same IT department. Bill's primary responsibility is to keep PCs and servers up to date and to keep track of all the agency laptops that the company owns and lends out to its employees. After Bill set up a wireless network for the agency, Hampton made sure that everything was secure. He instituted encryption, rotating keys, turned off SSID broadcasting, and enabled MAC filtering. According to agency policy, only company laptops are allowed to use the wireless network, so Hampton entered all the MAC addresses for those laptops into the wireless security utility so that only those laptops should be able to access the wireless network.

Hampton does not keep track of all the laptops, but he is pretty certain that the agency only purchases Dell laptops. Hampton is curious about this because he noticed Bill working on a Toshiba laptop one day and saw that he was on the Internet. Instead of jumping to conclusions, Hampton decides to talk to Bill's boss and see if they had purchased a Toshiba laptop instead of the usual Dell. Bill's boss said no, so now Hampton is very curious to see how Bill is accessing the Internet. Hampton does site surveys every couple of days, and has yet to see any outside wireless network signals inside the company's building.

How was Bill able to get Internet access without using an agency laptop? 

A. Bill spoofed the MAC address of a Dell laptop

B. Bill connected to a rogue access point

C. Toshiba and Dell laptops share the same hardware address 

D. Bill brute forced the MAC address ACLs

Answer: B

Q13. Which of the following built-in C/C++ functions should you avoid to prevent your program from buffer overflow attacks?

A. strcpy() 

B. strcat() 

C. streadd() 

D. strscock() 

Answer: ABC

Explanation: When hunting buffer overflows, the first thing to look for is functions which write into arrays without any way to know the amount of space available. If you get to define the function, you can pass a length parameter in, or ensure that every array you ever pass to it is at least as big as the hard-coded maximum amount it will write. If you're using a function someone else (like, say, the compiler vendor) has provided, then avoiding functions like gets(), which take some amount of data over which you have no control and stuff it into arrays they can never know the size of, is a good start. Make sure that functions like the str…() family which expect NUL-terminated strings actually get them – store a '\0' in the last element of each array involved just before you call the function, if necessary. strscock() is not a valid C/C++ function.

Q14. The programmers on your team are analyzing the free, open source software being used to run FTP services on a server in your organization. They notice that there is an excessive number of functions in the source code that might lead to buffer overflow. These C++ functions do not check bounds. Identify the line in the source code that might lead to buffer overflow.

A. Line number 31

B. Line number 15 

C. Line number 8 

D. Line number 14 

Answer: B

Q15. Vulnerability scanners are automated tools that are used to identify vulnerabilities and misconfigurations of hosts. They also provide information regarding mitigating discovered vulnerabilities. 

Which of the following statements is incorrect? 

A. Vulnerability scanners attempt to identify vulnerabilities in the hosts scanned. 

B. Vulnerability scanners can help identify out-of-date software versions, missing patches, or system upgrades.

C. They can validate compliance with or deviations from the organization's security policy.

D. Vulnerability scanners can identify weaknesses and automatically fix and patch the vulnerabilities without user intervention.

Answer: D

Q16. You are trying to package a RAT Trojan so that Anti-Virus software will not detect it. Which of the listed techniques will NOT be effective in evading an Anti-Virus scanner?

A. Convert the Trojan.exe file extension to Trojan.txt, disguising it as a text file

B. Break the Trojan into multiple smaller files and zip the individual pieces 

C. Change the content of the Trojan using a hex editor and modify the checksum

D. Encrypt the Trojan using multiple hashing algorithms like MD5 and SHA-1 

Answer: A

Q17. How can you determine if an LM hash you extracted contains a password that is less than 8 characters long? 

A. There is no way to tell because a hash cannot be reversed 

B. The rightmost portion of the hash is always the same

C. The hash always starts with AB923D

D. The leftmost portion of the hash is always the same

E. A portion of the hash will be all 0's 

Answer: B

Explanation: When looking at an extracted LM hash, you will sometimes observe that the rightmost portion is always the same. This is padding that has been added to a password that is less than 8 characters long.

Q18. Which type of hacker represents the highest risk to your network? 

A. script kiddies 

B. grey hat hackers 

C. black hat hackers 

D. disgruntled employees 

Answer: D

Explanation: The disgruntled users have some permission on your database, versus a hacker who might not get into the database. Global Crossings is a good example of how a disgruntled employee — who took the internal payroll database home on a hard drive — caused big problems for the telecommunications company. The employee posted the names, Social Security numbers and birthdates of company employees on his Web site. He may have been one of the factors that helped put them out of business. 

Q19. Exhibit: 

What type of attack is shown in the above diagram? 

A. SSL Spoofing Attack 

B. Identity Stealing Attack 

C. Session Hijacking Attack 

D. Man-in-the-Middle (MiTM) Attack 

Answer: D

Explanation: A man-in-the-middle attack (MITM) is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised. 

Q20. What makes web application vulnerabilities so aggravating? (Choose two) 

A. They can be launched through an authorized port. 

B. A firewall will not stop them. 

C. They exist only on the Linux platform. 

D. They are detectable by most leading antivirus software. 

Answer: AB

Explanation: As the vulnerabilities exist on a web server, incoming traffic on port 80 will probably be allowed and no firewall rules will stop the attack.