Examcollection provides all of the EC-Council certification exam questions and answers that are written for the high standards of technical accuracy. Examcollection.internet is the only site that offers preparation resources for all of the certification exams. Our certified professionals have rich expertise in compiling and also revising the EC-Council EC-Council 312-50 exam questions. The corresponding answers are precise, accurate and within details. These are not only very easily understandable but additionally technical and professional.

♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/312-50-exam-dumps.html

2021 Apr 312-50 study guide

Q51. The following excerpt is taken from a honeyput log. The log captures activities across three days. There are several intrusion attempts; however, a few are successful. Study the log given below and answer the following question: 

(Note: The objective of this questions is to test whether the student has learnt about passive OS fingerprinting (which should tell them the OS from log captures): can they tell a SQL injection attack signature; can they infer if a user ID has been created by an attacker and whether they can read plain source – destination entries from log entries.) 

What can you infer from the above log? 

A. The system is a windows system which is being scanned unsuccessfully. 

B. The system is a web application server compromised through SQL injection. 

C. The system has been compromised and backdoored by the attacker. 

D. The actual IP of the successful attacker is 

Answer: A

Q52. You are a Administrator of Windows server. You want to find the port number for POP3. What file would you find the information in and where? 

Select the best answer. 

A. %windir%\etc\services 

B. system32\drivers\etc\services 

C. %windir%\system32\drivers\etc\services 

D. /etc/services 

E. %windir%/system32/drivers/etc/services 

Answer: C


Explanations: %windir%\system32\drivers\etc\services is the correct place to look for this information. 

Q53. Which of the following is NOT a reason 802.11 WEP encryption is vulnerable? 

A. There is no mutual authentication between wireless clients and access points 

B. Automated tools like AirSnort are available to discover WEP keys 

C. The standard does not provide for centralized key management 

D. The 24 bit Initialization Vector (IV) field is too small 

Answer: C

Explanation: The lack of centralized key management in itself is not a reason that the WEP encryption is vulnerable, it is the people setting the user shared key that makes it unsecure. 

Q54. Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for? 

A. To determine who is the holder of the root account 

B. To perform a DoS 

C. To create needless SPAM 

D. To illicit a response back that will reveal information about email servers and how they treat undeliverable mail 

E. To test for virus protection 

Answer: D

Explanation: Sending a bogus email is one way to find out more about internal servers. Also, to gather additional IP addresses and learn how they treat mail. 

Q55. Which of the following encryption is not based on Block Cipher? 


B. Blowfish 


D. RC4 

Answer: D

Explanation: RC4 (also known as ARC4 or ARCFOUR) is the most widely-used software stream cipher and is used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). 

Topic 22, Penetration Testing Methodologies 

556. Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate. 

What would you call this kind of activity? 

A. CI Gathering 

B. Scanning 

C. Dumpster Diving 

D. Garbage Scooping 

Answer: C

Up to the minute 312-50 exam cost:

Q56. Which of the following act in the united states specifically criminalizes the transmission of unsolicited commercial e-mail(SPAM) without an existing business relationship. 

A. 2004 CANSPAM Act 

B. 2003 SPAM Preventing Act 

C. 2005 US-SPAM 1030 Act 

D. 1990 Computer Misuse Act 

Answer: A

Explanation: The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act) establishes requirements for those who send commercial email, spells out penalties for spammers and companies whose products are advertised in spam if they violate the law, and gives consumers the right to ask emailers to stop spamming them. The law, which became effective January 1, 2004, covers email whose primary purpose is advertising or promoting a commercial product or service, including content on a Web site. A "transactional or relationship message" – email that facilitates an agreed-upon transaction or updates a customer in an existing business relationship – may not contain false or misleading routing information, but otherwise is exempt from most provisions of the CAN-SPAM Act. 

Q57. John is using a special tool on his Linux platform that has a signature database and is therefore able to detect hundred of vulnerabilities in UNIX, Windows, and commonly-used web CGI scripts. Additionally, the database detects DDoS zombies and Trojans. What would be the name of this multifunctional tool? 

A. nmap 

B. hping 

C. nessus 

D. make 

Answer: C

Explanation: Nessus is the world's most popular vulnerability scanner, estimated to be used by over 75,000 organizations world-wide. Nmap is mostly used for scanning, not for detecting vulnerabilities. Hping is a free packet generator and analyzer for the TCP/IP protocol and make is used to automatically build large applications on the *nix plattform. 

Q58. Hackers usually control Bots through: 

A. IRC Channel 

B. MSN Messenger 

C. Trojan Client Software 

D. Yahoo Chat 

E. GoogleTalk 

Answer: A

Explanation: Most of the bots out today has a function to connect to a predetermined IRC channel in order to get orders. 

Q59. Leesa is the senior security analyst for a publicly traded company. The IT department recently rolled out an intranet for company use only with information ranging from training, to holiday schedules, to human resources data. Leesa wants to make sure the site is not accessible from outside and she also wants to ensure the site is Sarbanes-Oxley (SOX) compliant. Leesa goes to a public library as she wants to do some Google searching to verify whether the company's intranet is accessible from outside and has been indexed by Google. Leesa wants to search for a website title of "intranet" with part of the URL containing the word "intranet" and the words "human resources" somewhere in the webpage. 

What Google search will accomplish this? 

A. related:intranet allinurl:intranet:"human resources" 

B. cache:"human resources" inurl:intranet(SharePoint) 

C. intitle:intranet inurl:intranet+intext:"human resources" 

D. site:"human resources"+intext:intranet intitle:intranet 

Answer: C

Q60. If an attacker's computer sends an IPID of 31400 to a zombie (Idle Scanning) computer on an open port, what will be the response? 

A. 31400 

B. 31402 

C. The zombie will not send a response 

D. 31401 

Answer: D