High value of 312-50 exam cram materials and cram for EC-Council certification for IT examinee, Real Success Guaranteed with Updated 312-50 pdf dumps vce Materials. 100% PASS Ethical Hacking and Countermeasures (CEHv6) exam Today!
2016 Jun 312-50 Study Guide Questions:
Q181. What port number is used by LDAP protocol?
Explanation: Active Directory and Exchange use LDAP via TCP port 389 for clients.
Q182. Which port, when configured on a switch receives a copy of every packet that passes through it?
A. R-DUPE Port
B. MIRROR port
C. SPAN port
Q183. Within the context of Computer Security, which of the following statements best describe Social Engineering?
A. Social Engineering is the act of publicly disclosing information.
B. Social Engineering is the act of getting needed information from a person rather than breaking into a system.
C. Social Engineering is the means put in place by human resource to perform time accounting.
D. Social Engineering is a training program within sociology studies.
Explanation: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information.
Improve 350-018 security:
Q184. Usernames, passwords, e-mail addresses, and the location of CGI scripts may be obtained from which of the following information sources?
A. Company web site
B. Search engines
C. EDGAR Database query
D. Whois query
Explanation: Whois query would not enable us to find the CGI scripts whereas in the actual website, some of them will have scripts written to make the website more user friendly. The EDGAR database would in fact give us a lot of the information requested but not the location of CGI scripts, as would a simple search engine on the Internet if you have the time needed.
Q185. What does FIN in TCP flag define?
A. Used to close a TCP connection
B. Used to abort a TCP connection abruptly
C. Used to indicate the beginning of a TCP connection
D. Used to acknowledge receipt of a previous packet or transmission
Explanation: The FIN flag stands for the word FINished. This flag is used to tear down the virtual connections created using the previous flag (SYN), so because of this reason, the FIN flag always appears when the last packets are exchanged between a connection.
Q186. How do you defend against Privilege Escalation?
A. Use encryption to protect sensitive data
B. Restrict the interactive logon privileges
C. Run services as unprivileged accounts
D. Allow security settings of IE to zero or Low
E. Run users and applications on the least privileges
Approved 350-018 lab:
Q187. In the context of Trojans, what is the definition of a Wrapper?
A. An encryption tool to protect the Trojan.
B. A tool used to bind the Trojan with legitimate file.
C. A tool used to encapsulated packets within a new header and footer.
D. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan.
Explanation: These wrappers allow an attacker to take any executable back-door program and combine it with any legitimate executable, creating a Trojan horse without writing a single line of new code.
Q188. Which of the following is one of the key features found in a worm but not seen in a virus?
A. The payload is very small, usually below 800 bytes.
B. It is self replicating without need for user intervention.
C. It does not have the ability to propagate on its own.
D. All of them cannot be detected by virus scanners.
Explanation: A worm is similar to a virus by its design, and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any help from a person. A worm takes advantage of file or information transport features on your system, which allows it to travel unaided.
Q189. RC4 is known to be a good stream generator. RC4 is used within the WEP standard on wireless LAN. WEP is known to be insecure even if we are using a stream cipher that is known to be secured.
What is the most likely cause behind this?
A. There are some flaws in the implementation.
B. There is no key management.
C. The IV range is too small.
D. All of the above.
E. None of the above.
Explanation: Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets. Many WEP systems require a key in hexadecimal format. Some users choose keys that spell words in the limited 0-9, A-F hex character set, for example C0DE C0DE C0DE C0DE. Such keys are often easily guessed.
Q190. How do you defend against MAC attacks on a switch?
A. Disable SPAN port on the switch
B. Enable SNMP Trap on the switch
C. Configure IP security on the switch
D. Enable Port Security on the switch
see more 312-50 dumps