Want to know Testking 312-50 Exam practice test features? Want to lear more about EC-Council Ethical Hacking and Countermeasures (CEHv6) certification experience? Study Download EC-Council 312-50 answers to Improved 312-50 questions at Testking. Gat a success with an absolute guarantee to pass EC-Council 312-50 (Ethical Hacking and Countermeasures (CEHv6)) test on your first attempt.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/312-50-exam-dumps.html
Q301. While examining a log report you find out that an intrusion has been attempted by a machine whose IP address is displayed as 0xde.0xad.0xbe.0xef. It looks to you like a hexadecimal number. You perform a ping 0xde.0xad.0xbe.0xef. Which of the following IP addresses will respond to the ping and hence will likely be responsible for the the intrusion ?
A. 192.10.25.9
B. 10.0.3.4
C. 203.20.4.5
D. 222.273.290.239
E. 222.173.290.239
Answer: E
Explanation: Convert the hex number to binary and then to decimal.
0xde.0xad.0xbe.0xef translates to 222.173.190.239 and not 222.273.290.239
0xef =
15*1 = 15
14*16 = 224
= 239
0xbe = 14*1 = 14 11*16 = 176
= 190
0xad = 13*1 = 13 10*16 = 160
= 173
0xde = 14*1 = 14 13*16 = 208
= 222
Q302. Jason is the network administrator of Spears Technology. He has enabled SNORT IDS to detect attacks going through his network. He receives Snort SMS alerts on his iPhone whenever there is an attempted intrusion to his network.
He receives the following SMS message during the weekend.
An attacker Chew Siew sitting in Beijing, China had just launched a remote scan on Jason's network with the hping command.
Which of the following hping2 command is responsible for the above snort alert?
A. chenrocks:/home/siew # hping -S -R -P -A -F -U 192.168.2.56 -p 22 -c 5 -t 118
B. chenrocks:/home/siew # hping -F -Q -J -A -C -W 192.168.2.56 -p 22 -c 5 -t 118
C. chenrocks:/home/siew # hping -D -V -R -S -Z -Y 192.168.2.56 -p 22 -c 5 -t 118
D. chenrocks:/home/siew # hping -G -T -H -S -L -W 192.168.2.56 -p 22 -c 5 -t 118
Answer: A
Q303. E-mail scams and mail fraud are regulated by which of the following?
A. 18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers
B. 18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices
C. 18 U.S.C. par. 1362 Communication Lines, Stations, or Systems
D. 18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication
Answer: A
Explanation: http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00001030----000-.html
Q304. You want to scan the live machine on the LAN, what type of scan you should use?
A. Connect
B. SYN
C. TCP
D. UDP
E. PING
Answer: E
Explanation: The ping scan is one of the quickest scans that nmap performs, since no actual ports are queried. Unlike a port scan where thousands of packets are transferred between two stations, a ping scan requires only two frames. This scan is useful for locating active devices or determining if ICMP is passing through a firewall.
Q305. Choose one of the following pseudo codes to describe this statement:
If we have written 200 characters to the buffer variable, the stack should stop because it cannot hold any more data.
A. If (I > 200) then exit (1)
B. If (I < 200) then exit (1)
C. If (I <= 200) then exit (1)
D. If (I >= 200) then exit (1)
Answer: D
Q306. What are the limitations of Vulnerability scanners? (Select 2 answers)
A. There are often better at detecting well-known vulnerabilities than more esoteric ones
B. The scanning speed of their scanners are extremely high
C. It is impossible for any, one scanning product to incorporate all known vulnerabilities in a timely manner
D. The more vulnerabilities detected, the more tests required
E. They are highly expensive and require per host scan license
Answer: AC
Q307. Sabotage, Advertising and Covering are the three stages of _____
A. Social engineering
B. Reverse Social Engineering
C. Reverse Software Engineering
D. Rapid Development Engineering
Answer: B
Explanation: Typical social interaction dictates that if someone gives us something then it is only right for us to return the favour. This is known as reverse social engineering, when an attacker sets up a situation where the victim encounters a problem, they ask the attacker for help and once the problem is solved the victim then feels obliged to give the information requested by the attacker.
Q308. John Beetlesman, the hacker has successfully compromised the Linux System of Agent Telecommunications, Inc’s WebServer running Apache. He has downloaded sensitive documents and database files off the machine.
Upon performing various tasks, Beetlesman finally runs the following command on the Linux box before disconnecting.
for ((i=0;i<1;i++));do
?dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda
done
What exactly is John trying to do?
A. He is making a bit stream copy of the entire hard disk for later download
B. He is deleting log files to remove his trace
C. He is wiping the contents of the hard disk with zeros
D. He is infecting the hard disk with random virus strings
Answer: C
Explanation: dd copies an input file to an output file with optional conversions. –if is input file, -of is output file. /dev/zero is a special file that provides as many null characters (ASCII NULL, 0x00; not ASCII character "digit zero", "0", 0x30) as are read from it. /dev/hda is the hard drive.
Q309. "Testing the network using the same methodologies and tools employed by attackers" Identify the correct terminology that defines the above statement.
A. Vulnerability Scanning
B. Penetration Testing
C. Security Policy Implementation
D. Designing Network Security
Answer: B
Q310. James is an IT security consultant as well as a certified ethical hacker. James has been asked to audit the network security of Yerta Manufacturing, a tool manufacturing company in Phoenix. James performs some initial external tests and then begins testing the security from inside the company's network.
James finds some big problems right away; a number of users that are working on Windows XP computers have saved their usernames and passwords used to connect to servers on the network. This way, those users do not have to type in their credentials every time they want access to a server. James tells the IT manager of Yerta Manufacturing about this, and the manager does not believe this is possible on Windows XP. To prove his point, James has a user logon to a computer and then James types in a command that brings up a window that says "Stored User Names and Passwords".
What command did James type in to get this window to come up?
A. To bring up this stored user names and passwords window, James typed in "rundll32.exe storedpwd.dll, ShowWindow"
B. James had to type in "rundll32.exe keymgr.dll, KRShowKeyMgr" to get the window to pop up
C. James typed in the command "rundll32.exe storedpwd.dll" to get the Stored User Names and Passwords window to come up
D. The command to bring up this window is "KRShowKeyMgr"
Answer: B
Explanation: The Stored User Names and Passwords applet lets you assign user names and passwords to use when needing to authenticate yourself to services in domains other than the one you are currently logged into. The normal way of running this applet can be difficult to find quickly, so here is a way to launch it using a desktop shortcut using the rundll32.exe program:
Click on START - RUN and type the following (follwed by ENTER): rundll32.exe
keymgr.dll,KRShowKeyMgr
http://www.tweakxp.com/article37352.aspx