Top Down to date 312-50 exam topics Reviews!

Master the 312-50 Ethical Hacking and Countermeasures (CEHv6) content and be ready for exam day success quickly with this Pass4sure 312-50 free question. We guarantee it!We make it a reality and give you real 312-50 questions in our EC-Council 312-50 braindumps.Latest 100% VALID EC-Council 312-50 Exam Questions Dumps at below page. You can use our EC-Council 312-50 braindumps and pass your exam.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/312-50-exam-dumps.html

Q221. Which of the following tools can be used to perform a zone transfer? 

A. NSLookup 

B. Finger 

C. Dig 

D. Sam Spade 

E. Host 

F. Netcat 

G. Neotrace 

Answer: ACDE

Explanation: There are a number of tools that can be used to perform a zone transfer. Some of these include: NSLookup, Host, Dig, and Sam Spade. 


Q222. As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security? 

Select the best answers. 

A. Use the same machines for DNS and other applications 

B. Harden DNS servers 

C. Use split-horizon operation for DNS servers 

D. Restrict Zone transfers 

E. Have subnet diversity between DNS servers 

Answer: BCDE

Explanations: 

A is not a correct answer as it is never recommended to use a DNS server for any other application. Hardening of the DNS servers makes them less vulnerable to attack. It is recommended to split internal and external DNS servers (called split-horizon operation). Zone transfers should only be accepted from authorized DNS servers. By having DNS servers on different subnets, you may prevent both from going down, even if one of your networks goes down. 


Q223. Kevin has been asked to write a short program to gather user input for a web application. He likes to keep his code neat and simple. He chooses to use printf(str) where he should have ideally used printf(?s? str). What attack will his program expose the web application to? 

A. Cross Site Scripting 

B. SQL injection Attack 

C. Format String Attack 

D. Unicode Traversal Attack 

Answer: C

Explanation: Format string attacks are a new class of software vulnerability discovered around 1999, previously thought harmless. Format string attacks can be used to crash a program or to execute harmful code. The problem stems from the use of unfiltered user input as the format string parameter in certain C functions that perform formatting, such as printf(). A malicious user may use the %s and %x format tokens, among others, to print data from the stack or possibly other locations in memory. One may also write arbitrary data to arbitrary locations using the %n format token, which commands printf() and similar functions to write back the number of bytes formatted to the same argument to printf(), assuming that the corresponding argument exists, and is of type int * . 


Q224. In an attempt to secure his wireless network, Bob implements a VPN to cover the wireless communications. Immediately after the implementation, users begin complaining about how slow the wireless network is. After benchmarking the network’s speed. Bob discovers that throughput has dropped by almost half even though the number of users has remained the same. 

Why does this happen in the VPN over wireless implementation? 

A. The stronger encryption used by the VPN slows down the network. 

B. Using a VPN with wireless doubles the overhead on an access point for all direct client to access point communications. 

C. VPNs use larger packets then wireless networks normally do. 

D. Using a VPN on wireless automatically enables WEP, which causes additional overhead. 

Answer: B

Explanation: By applying VPN the access point will have to recalculate all headers destined for client and from clients twice. 


Q225. James is an IT security consultant as well as a certified ethical hacker. James has been asked to audit the network security of Yerta Manufacturing, a tool manufacturing company in Phoenix. James performs some initial external tests and then begins testing the security from inside the company's network. 

James finds some big problems right away; a number of users that are working on Windows XP computers have saved their usernames and passwords used to connect to servers on the network. This way, those users do not have to type in their credentials every time they want access to a server. James tells the IT manager of Yerta Manufacturing about this, and the manager does not believe this is possible on Windows XP. To prove his point, James has a user logon to a computer and then James types in a command that brings up a window that says "Stored User Names and Passwords". 

What command did James type in to get this window to come up? 

A. To bring up this stored user names and passwords window, James typed in "rundll32.exe storedpwd.dll, ShowWindow" 

B. James had to type in "rundll32.exe keymgr.dll, KRShowKeyMgr" to get the window to pop up 

C. James typed in the command "rundll32.exe storedpwd.dll" to get the Stored User Names and Passwords window to come up 

D. The command to bring up this window is "KRShowKeyMgr" 

Answer: B

Explanation: The Stored User Names and Passwords applet lets you assign user names and passwords to use when needing to authenticate yourself to services in domains other than the one you are currently logged into. The normal way of running this applet can be difficult to find quickly, so here is a way to launch it using a desktop shortcut using the rundll32.exe program: 

Click on START - RUN and type the following (follwed by ENTER): rundll32.exe 

keymgr.dll,KRShowKeyMgr 

http://www.tweakxp.com/article37352.aspx 


Q226. Ethereal works best on ____________. 

A. Switched networks 

B. Linux platforms 

C. Networks using hubs 

D. Windows platforms 

E. LAN's 

Answer: C

Explanation: Ethereal is used for sniffing traffic. It will return the best results when used on an unswitched (i.e. hub. network. 


Q227. What framework architecture is shown in this exhibit? 

A. Core Impact 

B. Metasploit 

C. Immunity Canvas 

D. Nessus 

Answer: B


Q228. Why attackers use proxy servers? 

A. To ensure the exploits used in the attacks always flip reverse vectors 

B. Faster bandwidth performance and increase in attack speed 

C. Interrupt the remote victim's network traffic and reroute the packets to attackers machine 

D. To hide the source IP address so that an attacker can hack without any legal corollary 

Answer: D


Q229. You are the chief information officer for your company, a shipping company based out of Oklahoma City. You are responsible for network security throughout the home office and all branch offices. You have implemented numerous layers of security from logical to physical. As part of your procedures, you perform a yearly network assessment which includes vulnerability analysis, internal network scanning, and external penetration tests. Your main concern currently is the server in the DMZ which hosts a number of company websites. To see how the server appears to external users, you log onto a laptop at a Wi-Fi hot spot. Since you already know the IP address of the web server, you create a telnet session to that server and type in the command: 

HEAD /HTTP/1.0 

After typing in this command, you are presented with the following screen: 

What are you trying to do here? 

A. You are attempting to send an html file over port 25 to the web server. 

B. By typing in the HEAD command, you are attempting to create a buffer overflow on the web server. 

C. You are trying to open a remote shell to the web server. 

D. You are trying to grab the banner of the web server. * 

Answer: D


Q230. John wishes to install a new application onto his Windows 2000 server. 

He wants to ensure that any application he uses has not been Trojaned. 

What can he do to help ensure this? 

A. Compare the file's MD5 signature with the one published on the distribution media 

B. Obtain the application via SSL 

C. Compare the file's virus signature with the one published on the distribution media 

D. Obtain the application from a CD-ROM disc 

Answer: A

Explanation: MD5 was developed by Professor Ronald L. Rivest of MIT. What it does, to quote the executive summary of rfc1321, is: 

[The MD5 algorithm] takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA. 

In essence, MD5 is a way to verify data integrity, and is much more reliable than checksum and many other commonly used methods.