Exam Code: 312-50 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Ethical Hacking and Countermeasures (CEHv6)
Certification Provider: EC-Council
Free Today! Guaranteed Training- Pass 312-50 Exam.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/312-50-exam-dumps.html
2021 Apr 312-50 free draindumps
Q271. Neil is a network administrator working in Istanbul. Neil wants to setup a protocol analyzer on his network that will receive a copy of every packet that passes through the main office switch. What type of port will Neil need to setup in order to accomplish this?
A. Neil will have to configure a Bridged port that will copy all packets to the protocol analyzer.
B. Neil will need to setup SPAN port that will copy all network traffic to the protocol analyzer.
C. He will have to setup an Ether channel port to get a copy of all network traffic to the analyzer.
D. He should setup a MODS port which will copy all network traffic.
Answer: B
Q272. Which type of password cracking technique works like dictionary attack but adds some numbers and symbols to the words from the dictionary and tries to crack the password?
A. Dictionary attack
B. Brute forcing attack
C. Hybrid attack
D. Syllable attack
E. Rule-based attack
Answer: C
Q273. Which of the following keyloggers can’t be detected by anti-virus or anti-spyware products?
A. Hardware keylogger
B. Software Keylogger
C. Stealth Keylogger
D. Convert Keylogger
Answer: A
Explanation: A hardware keylogger will never interact with the operating system and therefore it will never be detected by any security programs running in the operating system.
Q274. Steven, a security analyst for XYZ associates, is analyzing packets captured by Ethereal on a Linux Server inside his network when the server starts to slow down tremendously. Steven examines the following Ethereal captures:
A. Smurf Attack
B. ARP Spoofing
C. Ping of Death
D. SYN Flood
Answer: A
Explanation: A perpetrator is sending a large amount of ICMP echo (ping) traffic to IP broadcast addresses, all of it having a spoofed source address of the intended victim. If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply, multiplying the traffic by the number of hosts responding.
Topic 9, Social Engineering
303. Your boss at ABC.com asks you what are the three stages of Reverse Social Engineering.
A. Sabotage, advertising, Assisting
B. Sabotage, Advertising, Covering
C. Sabotage, Assisting, Billing D. Sabotage, Advertising, Covering
Answer: A
Explanation: Typical social interaction dictates that if someone gives us something then it is only right for us to return the favour. This is known as reverse social engineering, when an attacker sets up a situation where the victim encounters a problem, they ask the attacker for help and once the problem is solved the victim then feels obliged to give the information requested by the attacker.
Q275. What is the correct command to run Netcat on a server using port 56 that spawns command shell when connected?
A. nc -port 56 -s cmd.exe
B. nc -p 56 -p -e shell.exe
C. nc -r 56 -c cmd.exe
D. nc -L 56 -t -e cmd.exe
Answer: D
Leading 312-50 practice test:
Q276. DRAG DROP
Drag the application to match with its correct description.
Exhibit:
Answer:
Q277. In Buffer Overflow exploit, which of the following registers gets overwritten with return address of the exploit code?
A. EIP
B. ESP
C. EAP
D. EEP
Answer: A
Explanation: EIP is the instruction pointer which is a register, it points to your next command.
Q278. John is discussing security with Jane. Jane had mentioned to John earlier that she suspects an LKM has been installed on her server. She believes this is the reason that the server has been acting erratically lately. LKM stands for Loadable Kernel Module.
What does this mean in the context of Linux Security?
A. Loadable Kernel Modules are a mechanism for adding functionality to a file system without requiring a kernel recompilation.
B. Loadable Kernel Modules are a mechanism for adding functionality to an operating-system kernel after it has been recompiled and the system rebooted.
C. Loadable Kernel Modules are a mechanism for adding auditing to an operating-system kernel without requiring a kernel recompilation.
D. Loadable Kernel Modules are a mechanism for adding functionality to an operating-system kernel without requiring a kernel recompilation.
Answer: D
Explanation: Loadable Kernel Modules, or LKM, are object files that contain code to extend the running kernel, or so-called base kernel, without the need of a kernel recompilation. Operating systems other than Linux, such as BSD systems, also provide support for LKM's. However, the Linux kernel generally makes far greater and more versatile use of LKM's than other systems. LKM's are typically used to add support for new hardware, filesystems or for adding system calls. When the functionality provided by an LKM is no longer required, it can be unloaded, freeing memory.
Q279. An attacker runs netcat tool to transfer a secret file between two hosts.
Machine A: netcat -1 –p 1234 < secretfile Machine B: netcat 192.168.3.4 > 1234
He is worried about information being sniffed on the network.
How would the attacker use netcat to encrypt information before transmitting it on the wire?
A. Machine A: netcat -1 –p –s password 1234 < testfile Machine B: netcat <machine A IP> 1234
B. Machine A: netcat -1 –e magickey –p 1234 < testfile Machine B: netcat <machine A IP> 1234
C. Machine A: netcat -1 –p 1234 < testfile –pw password Machine B: netcat <machine A IP> 1234 –pw password
D. Use cryptcat instead of netcat.
Answer: D
Explanation: Cryptcat is the standard netcat enhanced with twofish encryption with ports for WIndows NT, BSD and Linux. Twofish is courtesy of counterpane, and cryptix. A default netcat installation does not contain any cryptography support.
Q280. Richard is a network Administrator working at a student loan company in lowa. This company processes over 20,000 students loan a year from colleges all over the state. Most communication between the company, schools and lenders is carried out through email. Because of privacy laws that are in the process of being implemented, Richard wants to get ahead of the game and become compliant before any sort of auditing occurs. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, Richard wants to utilize email encryption agency-wide. The only problem for Richard is that his department only has couple of servers and they are utilized to their full capacity. Since a server-based PKI is not an option for him, he is looking for a low/no cost solution to encrypt email.
What should Richard use?
A. PGP
B. RSA
C. 3DES
D. OTP
Answer: A
Explanation: PGP (Pretty Good Privacy) is an encryption program being used for secure transmission of files and e-mails. This adapts public-key encryption technology in which pairs of keys are used to maintain secure communication. For PGP-based communication both the sender and receiver should have public and private key pairs. The sender's public key should be distributed to the receiver. Similarly, the receiver's public key should be distributed to the sender. When sending a message or a file, the sender can sign using his private key. Also, the sender's private key is never distributed. All encryption is made on the workstation sending the e-mail.
