Want to know Examcollection 312-50 Exam practice test features? Want to lear more about EC-Council Ethical Hacking and Countermeasures (CEHv6) certification experience? Study Precise EC-Council 312-50 answers to Renewal 312-50 questions at Examcollection. Gat a success with an absolute guarantee to pass EC-Council 312-50 (Ethical Hacking and Countermeasures (CEHv6)) test on your first attempt.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/312-50-exam-dumps.html
2021 Apr 312-50 practice test
Q321. Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.
Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers.
A. Hardware, Software, and Sniffing.
B. Hardware and Software Keyloggers.
C. Passwords are always best obtained using Hardware key loggers.
D. Software only, they are the most effective.
Answer: A
Explanation: Different types of keylogger planted into the environment would retrieve the passwords for Bob..
Q322. This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging personal information. Attackers send a legitimate-looking e-mail asking users to update their information on the company's Web site, but the URLs in the e-mail actually point to a false Web site.
A. Wiresharp attack
B. Switch and bait attack
C. Phishing attack
D. Man-in-the-Middle attack
Answer: C
Q323. What are two things that are possible when scanning UDP ports? (Choose two.
A. A reset will be returned
B. An ICMP message will be returned
C. The four-way handshake will not be completed
D. An RFC 1294 message will be returned
E. Nothing
Answer: BE
Explanation: Closed UDP ports can return an ICMP type 3 code 3 message. No response can mean the port is open or the packet was silently dropped.
Q324. While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?
A. Block port 25 at the firewall.
B. Shut off the SMTP service on the server.
C. Force all connections to use a username and password.
D. Switch from Windows Exchange to UNIX Sendmail.
E. None of the above.
Answer: E
Explanation: Blocking port 25 in the firewall or forcing all connections to use username and password would have the consequences that the server is unable to communicate with other SMTP servers. Turning of the SMTP service would disable the email function completely. All email servers use SMTP to communicate with other email servers and therefore changing email server will not help.
Q325. Which of the following would be the best reason for sending a single SMTP message to an address that does not exist within the target company?
A. To create a denial of service attack.
B. To verify information about the mail administrator and his address.
C. To gather information about internal hosts used in email treatment.
D. To gather information about procedures that are in place to deal with such messages.
Answer: C
Explanation: The replay from the email server that states that there is no such recipient will also give you some information about the name of the email server, versions used and so on.
Regenerate 312-50 book:
Q326. _______ is one of the programs used to wardial.
A. DialIT
B. Netstumbler
C. TooPac
D. Kismet
E. ToneLoc
Answer: E
Explanation: ToneLoc is one of the programs used to wardial. While this is considered an "old school" technique, it is still effective at finding backdoors and out of band network entry points.
Q327. Harold just got home from working at Henderson LLC where he works as an IT technician. He was able to get off early because they were not too busy. When he walks into his home office, he notices his teenage daughter on the computer, apparently chatting with someone online. As soon as she hears Harold enter the room, she closes all her windows and tries to act like she was playing a game. When Harold asks her what she was doing, she acts very nervous and does not give him a straight answer. Harold is very concerned because he does not want his daughter to fall victim to online predators and the sort. Harold doesn't necessarily want to install any programs that will restrict the sites his daughter goes to, because he doesn't want to alert her to his trying to figure out what she is doing. Harold wants to use some kind of program that will track her activities online, and send Harold an email of her activity once a day so he can see what she has been up to. What kind of software could Harold use to accomplish this?
A. Install hardware Keylogger on her computer
B. Install screen capturing Spyware on her computer
C. Enable Remote Desktop on her computer
D. Install VNC on her computer
Answer: B
Q328. What type of attack changes its signature and/or payload to avoid detection by antivirus programs?
A. Polymorphic
B. Rootkit C. Boot sector
D. File infecting
Answer: A
Explanation: In computer terminology, polymorphic code is code that mutates while keeping the original algorithm intact. This technique is sometimes used by computer viruses, shellcodes and computer worms to hide their presence.
Q329. You run nmap port Scan on 10.0.0.5 and attempt to gain banner/server information from services running on ports 21, 110 and 123.
Here is the output of your scan results:
Which of the following nmap command did you run?
A. nmap -A -sV -p21,110,123 10.0.0.5
B. nmap -F -sV -p21,110,123 10.0.0.5
C. nmap -O -sV -p21,110,123 10.0.0.5
D. nmap -T -sV -p21,110,123 10.0.0.5
Answer: C
Q330. This method is used to determine the Operating system and version running on a remote target system. What is it called?
A. Service Degradation
B. OS Fingerprinting
C. Manual Target System
D. Identification Scanning
Answer: B