EC-Council 312-50 ExamEthical Hacking and Countermeasures (CEHv6)

Total Question: 765 Last Updated: November 01,2017
  • Updated 312-50 Dumps
  • Based on Real 312-50 Exams Scenarios
  • Free 312-50 pdf Demo Available
  • Check out our 312-50 Dumps in a new PDF format
  • Instant 312-50 download
  • Guarantee 312-50 success in first attempt

Price: $65.95 $29.99

Buy Now Free Trial

Jul 2017 updated: Testking EC-Council 312-50 test engine 311-320

Proper study guides for Update EC-Council Ethical Hacking and Countermeasures (CEHv6) certified begins with EC-Council 312-50 preparation products which designed to deliver the Breathing 312-50 questions by making you pass the 312-50 test at your first time. Try the free 312-50 demo right now.

Q311. What is the goal of a Denial of Service Attack? 

A. Capture files from a remote computer. 

B. Render a network or computer incapable of providing normal service. 

C. Exploit a weakness in the TCP stack. 

D. Execute service at PS 1009. 

Answer: B

Explanation: In computer security, a denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. Typically the targets are high-profile web servers, and the attack attempts to make the hosted web pages unavailable on the Internet. It is a computer crime that violates the Internet proper use policy as indicated by the Internet Architecture Board (IAB). 

Q312. While scanning a network you observe that all of the web servers in the DMZ are responding to ACK packets on port 80. 

What can you infer from this observation? 

A. They are using Windows based web servers. 

B. They are using UNIX based web servers. 

C. They are not using an intrusion detection system. 

D. They are not using a stateful inspection firewall. 

Answer: D

Explanation: If they used a stateful inspection firewall this firewall would know if there has been a SYN-ACK before the ACK. 

Q313. ou are attempting to crack LM Manager hashed from Windows 2000 SAM file. You will be using LM Brute force hacking tool for decryption. 

What encryption algorithm will you be decrypting? 

A. MD4 




Answer: B

Explanation: The LM hash is computed as follows.1. The user’s password as an OEM string is converted to uppercase. 2. This password is either null-padded or truncated to 14 bytes. 3. The “fixed-length” password is split into two 7-byte halves. 4. These values are used to create two DES keys, one from each 7-byte half. 5. Each of these keys is used to DES-encrypt the constant ASCII string “KGS!@#$%”, resulting in two 8-byte ciphertext values. 6. These two ciphertext values are concatenated to form a 16-byte value, which is the LM hash. 

Q314. Which of the following is an automated vulnerability assessment tool. 

A. Whack a Mole 

B. Nmap 

C. Nessus 

D. Kismet 

E. Jill32 


Explanation: Nessus is a vulnerability assessment tool. 

Q315. There are two types of honeypots- high and low interaction. Which of these describes a low interaction honeypot? 

Select the best answers. 

A. Emulators of vulnerable programs 

B. More likely to be penetrated 

C. Easier to deploy and maintain 

D. Tend to be used for production 

E. More detectable 

F. Tend to be used for research 

Answer: ACDE


A low interaction honeypot would have emulators of vulnerable programs, not the real programs. 

A high interaction honeypot is more likely to be penetrated as it is running the real program and is more vulnerable than an emulator. 

Low interaction honeypots are easier to deploy and maintain. Usually you would just use a program that is already available for download and install it. Hackers don't usually crash or destroy these types of programs and it would require little maintenance. 

A low interaction honeypot tends to be used for production. 

Low interaction honeypots are more detectable because you are using emulators of the real programs. Many hackers will see this and realize that they are in a honeypot. 

A low interaction honeypot tends to be used for production. A high interaction honeypot tends to be used for research. 

Q316. Which of the following are potential attacks on cryptography? (Select 3) 

A. One-Time-Pad Attack 

B. Chosen-Ciphertext Attack 

C. Man-in-the-Middle Attack 

D. Known-Ciphertext Attack 

E. Replay Attack 

Answer: BCE

Explanation: A chosen-ciphertext attack (CCA) is an attack model for cryptanalysis in which the cryptanalyst chooses a ciphertext and causes it to be decrypted with an unknown key. Specific forms of this attack are sometimes termed "lunchtime" or "midnight" attacks, referring to a scenario in which an attacker gains access to an unattended decryption machine. In cryptography, a man-in-the-middle attack (MITM) is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept messages going between the two victims. A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution (such as stream cipher attack). 

Q317. If you perform a port scan with a TCP ACK packet, what should an OPEN port return? 


B. No Reply 




Explanation: Open ports return RST to an ACK scan. 

Q318. What ICMP message types are used by the ping command? 

A. Timestamp request (13) and timestamp reply (14) 

B. Echo request (8) and Echo reply (0) 

C. Echo request (0) and Echo reply (1) 

D. Ping request (1) and Ping reply (2) 

Answer: B

Explanation: ICMP Type 0 = Echo Reply, ICMP Type 8 = Echo 

Q319. Paul has just finished setting up his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption and enabling MAC filtering on hi wireless router. Paul notices when he uses his wireless connection, the speed is sometimes 54 Mbps and sometimes it is only 24mbps or less. Paul connects to his wireless router’s management utility and notices that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router’s logs and notices that the unfamiliar machine has the same MAC address as his laptop. 

What is Paul seeing here? 

A. MAC Spoofing 

B. Macof 

C. ARP Spoofing 

D. DNS Spoofing 

Answer: A

Explanation: You can fool MAC filtering by spoofing your MAC address and pretending to have some other computers MAC address. 

Topic 16, Virus and Worms 

423. Virus Scrubbers and other malware detection program can only detect items that they are aware of. Which of the following tools would allow you to detect unauthorized changes or modifications of binary files on your system by unknown malware? 

A. System integrity verification tools 

B. Anti-Virus Software 

C. A properly configured gateway 

D. There is no way of finding out until a new updated signature file is released 

Answer: A

Explanation: Programs like Tripwire aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner. 

Q320. Why would an ethical hacker use the technique of firewalking? 

A. It is a technique used to discover wireless network on foot. 

B. It is a technique used to map routers on a network link. 

C. It is a technique used to discover the nature of rules configured on a gateway. 

D. It is a technique used to discover interfaces in promiscuous mode. 

Answer: C

Explanation: Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker’s host to a destination host through a packet-filtering device. This technique can be used to map ‘open’ or ‘pass through’ ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway. 

Related 312-50 Articles

best-it-exam-    | for-our-work-    | hottst-on-sale-    | it-sale-    | tast-dumps-us-    | test-king-number-    | pass-do-it-    | just-do-it-    | pass-with-us-    | passresults-everything-    | passtutor-our-dumps-    | realtests-us-exam-    | latest-update-source-for-    | cbtnuggets-sale-exam    | experts-revised-exam    | certguide-sale-exam    | test4actual-sale-exam    | get-well-prepared-    | certkiller-sale-exam    | buy-discount-dumps    | how-to-get-prepared-for-the    | in-an-easy-way    | brain-dumps-sale    | with-pass-exam-guarantee    | accurate-study-material    | at-first-try    | 100%-successful-rate    | get-certification-easily    | material-provider-exam    | real-exam-practice    | with-pass-score-guarantee    | certification-material-provider    | for-certification-professionals    | get-your-certification-successfully    | 100%-Pass-Rate    | in-pdf-file    | practice-exam-for    | it-study-guides    | study-material-sku    | study-guide-pdf    | prep-guide-demo    | certification-material-id    | actual-tests-demo    | brain-demos-test    | best-pdf-download    | our-certification-material    | best-practice-test    | leading-provider-on    | this-course-is-about    | the-most-reliable    | high-pass-rate-of    | money-back-guarantee    | high-pass-rate-demo    | recenty-updated-key    | only-for-students-free-download    | courseware-plus-kit-for    | accurate-answers-of    | the-most-reliable-id    | provide-training-for    | welcome-to-buy    | material-for-success-pass    | provide-free-support    | best-book-for-pass    | accuracy-of-the-answers    | pass-guarantee-id    |    |    |