Your success in EC-Council 312-50 is our sole target and we develop all our 312-50 braindumps in a way that facilitates the attainment of this target. Not only is our 312-50 study material the best you can find, it is also the most detailed and the most updated. 312-50 Practice Exams for EC-Council 312-50 are written to the highest standards of technical accuracy.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/312-50-exam-dumps.html
Q381. ou have hidden a Trojan file virus.exe inside another file readme.txt using NTFS streaming.
Which command would you execute to extract the Trojan to a standalone file?
A. c:> type readme.txt:virus.exe > virus.exe
B. c:> more readme.txt | virus.exe > virus.exe
C. c:> cat readme.txt:virus.exe > virus.exe
D. c:> list redme.txt$virus.exe > virus.exe
Answer: C
Explanation: cat will concatenate, or write, the alternate data stream to its own file named virus.exe
Q382. 802.11b is considered a ____________ protocol.
A. Connectionless
B. Secure
C. Unsecure
D. Token ring based
E. Unreliable
Answer: C
Explanation: 802.11b is an insecure protocol. It has many weaknesses that can be used by a hacker.
Q383. You are the chief information officer for your company, a shipping company based out of Oklahoma City. You are responsible for network security throughout the home office and all branch offices. You have implemented numerous layers of security from logical to physical. As part of your procedures, you perform a yearly network assessment which includes vulnerability analysis, internal network scanning, and external penetration tests. Your main concern currently is the server in the DMZ which hosts a number of company websites. To see how the server appears to external users, you log onto a laptop at a Wi-Fi hot spot. Since you already know the IP address of the web server, you create a telnet session to that server and type in the command:
HEAD /HTTP/1.0
After typing in this command, you are presented with the following screen:
What are you trying to do here?
A. You are attempting to send an html file over port 25 to the web server.
B. By typing in the HEAD command, you are attempting to create a buffer overflow on the web server.
C. You are trying to open a remote shell to the web server.
D. You are trying to grab the banner of the web server. *
Answer: D
Q384. Bob is a Junior Administrator at ABC.com is searching the port number of POP3 in a file. The partial output of the file is look like:
In which file he is searching?
A. services
B. protocols
C. hosts
D. resolve.conf
Answer: A
Explanation: The port numbers on which certain standard services are offered are defined in the RFC 1700 Assigned Numbers. The /etc/services file enables server and client programs to convert service names to these numbers -ports. The list is kept on each host and it is stored in the file /etc/services.
Q385. Jeremy is web security consultant for Information Securitas. Jeremy has just been hired to perform contract work for a large state agency in Michigan. Jeremy's first task is to scan all the company's external websites. Jeremy comes upon a login page which appears to allow employees access to sensitive areas on the website. James types in the following statement in the username field:
SELECT * from Users where username='admin' ?AND password='' AND email like '%@testers.com%'
What will the SQL statement accomplish?
A. If the page is susceptible to SQL injection, it will look in the Users table for usernames of admin
B. This statement will look for users with the name of admin, blank passwords, and email addresses that end in @testers.com
C. This Select SQL statement will log James in if there are any users with NULL passwords
D. James will be able to see if there are any default user accounts in the SQL database
Answer: A
Q386. File extensions provide information regarding the underlying server technology. Attackers can use this information to search vulnerabilities and launch attacks. How would you disable file extensions in Apache servers?
A. Use disable-eXchange
B. Use mod_negotiation
C. Use Stop_Files
D. Use Lib_exchanges
Answer: B
Q387. Ethereal works best on ____________.
A. Switched networks
B. Linux platforms
C. Networks using hubs
D. Windows platforms
E. LAN's
Answer: C
Explanation: Ethereal is used for sniffing traffic. It will return the best results when used on an unswitched (i.e. hub. network.
Q388. What type of attack changes its signature and/or payload to avoid detection by antivirus programs?
A. Polymorphic
B. Rootkit C. Boot sector
D. File infecting
Answer: A
Explanation: In computer terminology, polymorphic code is code that mutates while keeping the original algorithm intact. This technique is sometimes used by computer viruses, shellcodes and computer worms to hide their presence.
Q389. Why attackers use proxy servers?
A. To ensure the exploits used in the attacks always flip reverse vectors
B. Faster bandwidth performance and increase in attack speed
C. Interrupt the remote victim's network traffic and reroute the packets to attackers machine
D. To hide the source IP address so that an attacker can hack without any legal corollary
Answer: D
Q390. Study the following e-mail message. When the link in the message is clicked, it will take you to an address like: http://hacker.xsecurity.com/in.htm. Note that hacker.xsecurity.com is not an official SuperShopper site!
What attack is depicted in the below e-mail?
Dear SuperShopper valued member,
Due to concerns, for the safety and integrity of the SuperShopper community we have issued this warning message. It has come to our attention that your account information needs to be updated due to inactive members, frauds and spoof reports.
If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the online service. However, failure to update your records will result to your account cancellation. This notification expires within 24 hours.
Once you have updated your account records your SuperShopper will not be interrupted and will continue as normal.
Please follow the link below and renew your account information.
https://www.supershopper.com/cgi-bin/webscr?cmd=update-run
SuperShopper Technical Support http://www.supershopper.com
A. Phishing attack
B. E-mail spoofing
C. social engineering
D. Man in the middle attack
Answer: A
Explanation: Phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well.
