10 tips on How to 312-50 Test Like a Badass [331 to 340]

Depending on excellent technology, much better services for customers. Actualtests provide 24 hour customer care with regard to EC-Council examinee and you will obtain what you need realize at any time. Your pleasure in our 312-50 is actually our services objective, the companys shared improvement along with consumers is actually our persistent quest in the large part. So do not think twice to make contact with all of us when you have any queries regarding 312-50 test.

2016 Jun 312-50 dumps

Q331. An attacker runs netcat tool to transfer a secret file between two hosts. 

Machine A: netcat -1 –p 1234 < secretfile Machine B: netcat 192.168.3.4 > 1234 

He is worried about information being sniffed on the network. 

How would the attacker use netcat to encrypt information before transmitting it on the wire? 

A. Machine A: netcat -1 –p –s password 1234 < testfile Machine B: netcat <machine A IP> 1234 

B. Machine A: netcat -1 –e magickey –p 1234 < testfile Machine B: netcat <machine A IP> 1234 

C. Machine A: netcat -1 –p 1234 < testfile –pw password Machine B: netcat <machine A IP> 1234 –pw password 

D. Use cryptcat instead of netcat. 

Answer: D

Explanation: Cryptcat is the standard netcat enhanced with twofish encryption with ports for WIndows NT, BSD and Linux. Twofish is courtesy of counterpane, and cryptix. A default netcat installation does not contain any cryptography support. 


Q332. Which of the following snort rules look for FTP root login attempts? 

A. alert tcp -> any port 21 (msg:"user root";) 

B. alert tcp -> any port 21 (message:"user root";) 

C. alert ftp -> ftp (content:"user password root";) 

D. alert tcp any any -> any any 21 (content:"user root";) 

Answer: D

Explanation: The snort rule header is built by defining action (alert), protocol (tcp), from IP subnet port (any any), to IP subnet port (any any 21), Payload Detection Rule Options (content:”user root”;) 


Q333. Dan is conducting a penetration testing and has found a vulnerability in a Web Application which gave him the sessionID token via a cross site scripting vulnerability. Dan wants to replay this token. However, the session ID manager (on the server) checks the originating IP address as well. Dan decides to spoof his IP address in order to replay the sessionID. Why do you think Dan might not be able to get an interactive session? 

A. Dan cannot spoof his IP address over TCP network 

B. The server will send replies back to the spoofed IP address 

C. Dan can establish an interactive session only if he uses a NAT 

D. The scenario is incorrect as Dan can spoof his IP and get responses 

Answer: B 

Explanation: Spoofing your IP address is only effective when there is no need to establish a two way connection as all traffic meant to go to the attacker will end up at the place of the spoofed address. 


Q334. ou are footprinting Acme.com to gather competitive intelligence. You visit the acme.com websire for contact information and telephone number numbers but do not find it listed there. You know that they had the entire staff directory listed on their website 12 months ago but now it is not there. How would it be possible for you to retrieve information from the website that is outdated? 

A. Visit google search engine and view the cached copy. 

B. Visit Archive.org site to retrieve the Internet archive of the acme website. 

C. Crawl the entire website and store them into your computer. 

D. Visit the company’s partners and customers website for this information. 

Answer: B

Explanation: The Internet Archive (IA) is a non-profit organization dedicated to maintaining an archive of Web and multimedia resources. Located at the Presidio in San Francisco, California, this archive includes "snapshots of the World Wide Web" (archived copies of pages, taken at various points in time), software, movies, books, and audio recordings (including recordings of live concerts from bands that allow it). This site is found at www.archive.org. 


Q335. Steven the hacker realizes that the network administrator of company is using syskey to protect organization resources in the Windows 2000 Server. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to brute force dictionary attacks on the hashes. Steven runs a program called “SysCracker” targeting the Windows 2000 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch attach. 

How many bits does Syskey use for encryption? 

A. 40 bit 

B. 64 bit 

C. 256 bit 

D. 128 bit 

Answer: D

Explanation: SYSKEY is a utility that encrypts the hashed password information in a SAM database using a 128-bit encryption key. 


312-50  actual exam

Leading 312-50 dumps:

Q336. File extensions provide information regarding the underlying server technology. Attackers can use this information to search vulnerabilities and launch attacks. How would you disable file extensions in Apache servers? 

A. Use disable-eXchange 

B. Use mod_negotiation 

C. Use Stop_Files 

D. Use Lib_exchanges 

Answer: B


Q337. On wireless networks, SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless networks? 

A. The SSID is only 32 bits in length. 

B. The SSID is transmitted in clear text. 

C. The SSID is the same as the MAC address for all vendors. 

D. The SSID is to identify a station, not a network. 

Answer: B

Explanation: The SSID IS constructed to identify a network, it IS NOT the same as the MAC address and SSID’s consists of a maximum of 32 alphanumeric characters. 


Q338. Curt has successfully compromised a web server sitting behind a firewall using a vulnerability in the web server program. He would now like to install a backdoor program but knows that all ports are not open inbound on the firewall. Which port in the list below will most likely be open and allowed to reach the server that Curt has just compromised? (Select the Best Answer) 

A. 53 

B. 25 

C. 110 

D. 69 

Answer: A


Q339. Joe the Hacker breaks into company’s Linux system and plants a wiretap program in order to sniff passwords and user accounts off the wire. The wiretap program is embedded as a Trojan horse in one of the network utilities. Joe is worried that network administrator might detect the wiretap program by querying the interfaces to see if they are running in promiscuous mode. 

Running “ifconfig –a” will produce the following: 

# ifconfig –a 

1o0: flags=848<UP,LOOPBACK,RUNNING,MULTICAST> mtu 8232 

inet 127.0.0.1 netmask ff000000hme0: 

flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,PROMISC,MULTICAST> mtu inet 192.0.2.99 netmask ffffff00 broadcast 134.5.2.255 ether 

8:0:20:9c:a2:35 

What can Joe do to hide the wiretap program from being detected by ifconfig command? 

A. Block output to the console whenever the user runs ifconfig command by running screen capture utiliyu 

B. Run the wiretap program in stealth mode from being detected by the ifconfig command. 

C. Replace original ifconfig utility with the rootkit version of ifconfig hiding Promiscuous information being displayed on the console. 

D. You cannot disable Promiscuous mode detection on Linux systems. 

Answer: C

Explanation: The normal way to hide these rogue programs running on systems is the use crafted commands like ifconfig and ls. 


Q340. While doing fast scan using –F option, which file is used to list the range of ports to scan by nmap? 

A. services 

B. nmap-services 

C. protocols 

D. ports 

Answer: B

Explanation: Nmap uses the nmap-services file to provide additional port detail for almost every scanning method. Every time a port is referenced, it's compared to an available description in this support file. If the nmap-services file isn't available, nmap reverts to the /etc/services file applicable for the current operating system. 



see more 312-50 dumps