How Does Actualtests EC-Council 312-50 question Work?


♥♥ 2017 NEW RECOMMEND ♥♥

Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/312-50-exam-dumps.html

2017 Apr 312-50 practice test

Q141. Jonathan being a keen administrator has followed all of the best practices he could find on securing his Windows Server. He renamed the Administrator account to a new name that can’t be easily guessed but there remain people who attempt to compromise his newly renamed administrator account. How can a remote attacker decipher the name of the administrator account if it has been renamed? 

A. The attacker guessed the new name 

B. The attacker used the user2sid program 

C. The attacker used to sid2user program 

D. The attacker used NMAP with the V option 

Answer: C

Explanation: User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid respectively. What is more these can be called against a remote machine without providing logon credentials save those needed for a null session connection. 


Q142. Who is an Ethical Hacker? 

A. A person who hacks for ethical reasons 

B. A person who hacks for an ethical cause 

C. A person who hacks for defensive purposes 

D. A person who hacks for offensive purposes 

Answer: C

Explanation: The Ethical hacker is a security professional who applies his hacking skills for defensive purposes. 


Q143. In Trojan terminology, what is required to create the executable file chess.exe as shown below? 

A. Mixer 

B. Converter 

C. Wrapper 

D. Zipper 

Answer: C


Q144. What port number is used by LDAP protocol? 

A. 110 

B. 389 

C. 445 

D. 464 

Answer:

Explanation: Active Directory and Exchange use LDAP via TCP port 389 for clients. 


Q145. What type of session hijacking attack is shown in the exhibit? 

A. Cross-site scripting Attack 

B. SQL Injection Attack 

C. Token sniffing Attack 

D. Session Fixation Attack 

Answer: D


Q146. What attack is being depicted here? 

A. Cookie Stealing 

B. Session Hijacking 

C. Cross Site scripting 

D. Parameter Manipulation 

Answer: D

Explanation: Manipulating the data sent between the browser and the web application to an attacker's advantage has long been a simple but effective way to make applications do things in a way the user often shouldn't be able to. In a badly designed and developed web application, malicious users can modify things like prices in web carts, session tokens or values stored in cookies and even HTTP headers. In this case the user has elevated his rights. 


Q147. Lori has just been tasked by her supervisor conduct vulnerability scan on the corporate network. She has been instructed to perform a very thorough test of the network to ensure that there are no security holes on any of the machines. Lori’s company does not own any commercial scanning products, so she decides to download a free one off the Internet. Lori has never done a vulnerability scan before, so she is unsure of some of the settings available in the software she downloaded. One of the option is to choose which ports that can be scanned. Lori wants to do exactly what her boos has told her, but she does not know ports should be scanned. 

If Lori is supposed to scan all known TCP ports, how many ports should she select in the software? 

A. 65536 

B. 1024 

C. 1025 

D. Lori should not scan TCP ports, only UDP ports 

Answer: A

Explanation: In both TCP and UDP, each packet header will specify a source port and a destination port, each of which is a 16-bit unsigned integer (i.e. ranging from 0 to 65535). 


Q148. Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company's entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here? 

A. Neil has used a tailgating social engineering attack to gain access to the offices 

B. He has used a piggybacking technique to gain unauthorized access 

C. This type of social engineering attack is called man trapping 

D. Neil is using the technique of reverse social engineering to gain access to the offices of Davidson Avionics 

Answer: A


Q149. You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles. You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems. In other words you are trying to penetrate an otherwise impenetrable system. How would you proceed? 

A. Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information 

C. Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100,000 or more "zombies" and "bots" 

D. Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques 

Answer: B


Q150. TCP/IP Session Hijacking is carried out in which OSI layer? 

A. Transport layer 

B. Datalink layer 

C. Physical Layer 

D. Network Layer 

Answer: A