[Sep 2016] intitle index of 312-50 pdf

EC-Council recognition, which often operates optimum worth from it employment market, may possibly prevent "pirate talent" having a overpriced service charge in addition to rigorous applying system, specially the system pertaining to apply, support the factors to learn an item earned in addition to carry that it is initial "solid feature.Inch The strictness with EC-Council recognition is definitely world-famous in addition to whoever has acquired the document acquired been given around 3-4 situations training. Now, there is certainly even now hardly any the track record you that has passed the recognition analyze merely is definitely educated at least.

2016 Sep ethical hacking and countermeasures exam 312-50:

Q81. DRAG DROP 

Drag the application to match with its correct description. 

Exhibit: 


Answer: 



Q82. What flags are set in a X-MAS scan?(Choose all that apply. 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

F. URG 

Answer: CDF

Explanation: FIN, URG, and PSH are set high in the TCP packet for a X-MAS scan 


Q83. You want to know whether a packet filter is in front of 192.168.1.10. Pings to 192.168.1.10 don't get answered. A basic nmap scan of 192.168.1.10 seems to hang without returning any information. What should you do next? 

A. Use NetScan Tools Pro to conduct the scan 

B. Run nmap XMAS scan against 192.168.1.10 

C. Run NULL TCP hping2 against 192.168.1.10 

D. The firewall is blocking all the scans to 192.168.1.10 

Answer: C


Q84. You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be able to modify any data. 

What kind of program can you use to track changes to files on the server? 

A. Network Based IDS (NIDS) 

B. Personal Firewall 

C. System Integrity Verifier (SIV) 

D. Linux IP Chains 

Answer: C

Explanation: System Integrity Verifiers like Tripwire aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner. 


Q85. Sally is a network admin for a small company. She was asked to install wireless accesspoints in the building. In looking at the specifications for the access-points, she sees that all of them offer WEP. Which of these are true about WEP? 

Select the best answer. 

A. Stands for Wireless Encryption Protocol 

B. It makes a WLAN as secure as a LAN 

C. Stands for Wired Equivalent Privacy 

D. It offers end to end security 

Answer: C 

Explanations: 

WEP is intended to make a WLAN as secure as a LAN but because a WLAN is not constrained by wired, this makes access much easier. Also, WEP has flaws that make it less secure than was once thought.WEP does not offer end-to-end security. It only attempts to protect the wireless portion of the network. 


312-50 study guide

Update ethical hacking and countermeasures exam 312-50:

Q86. What is a Trojan Horse? 

A. A malicious program that captures your username and password 

B. Malicious code masquerading as or replacing legitimate code 

C. An unauthorized user who gains access to your user database and adds themselves as a user 

D. A server that is to be sacrificed to all hacking attempts in order to log and monitor the hacking activity 

Answer: B

Explanation: A Trojan Horse is an apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data. 


Q87. What is the term 8 to describe an attack that falsifies a broadcast ICMP echo request and includes a primary and secondary victim? 

A. Fraggle Attack 

B. Man in the Middle Attack 

C. Trojan Horse Attack 

D. Smurf Attack 

E. Back Orifice Attack 

Answer: D

Explanation: Trojan and Back orifice are Trojan horse attacks. Man in the middle spoofs the Ip and redirects the victems packets to the cracker The infamous Smurf attack. preys on ICMP's capability to send traffic to the broadcast address. Many hosts can listen and respond to a single ICMP echo request sent to a broadcast address. 

Network Intrusion Detection third Edition by Stephen Northcutt and Judy Novak pg 70 The "smurf" attack's cousin is called "fraggle", which uses UDP echo packets in the same fashion as the ICMP echo packets; it was a simple re-write of "smurf". 


Q88. Blane is a security analyst for a law firm. One of the lawyers needs to send out an email to a client but he wants to know if the email is forwarded on to any other recipients. The client is explicitly asked not to re-send the email since that would be a violation of the lawyer's and client's agreement for this particular case. What can Blane use to accomplish this? 

A. He can use a split-DNS service to ensure the email is not forwarded on. 

B. A service such as HTTrack would accomplish this. 

C. Blane could use MetaGoofil tracking tool. 

D. Blane can use a service such as ReadNotify tracking tool. 

Answer: D


Q89. Jake is a network administrator who needs to get reports from all the computer and network devices on his network. Jake wants to use SNMP but is afraid that won't be secure since passwords and messages are in clear text. How can Jake gather network information in a secure manner? 

A. He can use SNMPv3 

B. Jake can use SNMPrev5 

C. He can use SecWMI 

D. Jake can use SecSNMP 

Answer: A


Q90. Which of the following steganography utilities exploits the nature of white space and allows the user to conceal information in these white spaces? 

A. Snow 

B. Gif-It-Up 

C. NiceText 

D. Image Hide 

Answer: A

Explanation: The program snow is used to conceal messages in ASCII text by appending whitespace to the end of lines. Because spaces and tabs are generally not visible in text viewers, the message is effectively hidden from casual observers. And if the built-in encryption is used, the message cannot be read even if it is detected. 



see more 312-50 dumps