Cause all that matters here is passing the EC-Council 312-50 exam. Cause all that you need is a high score of 312-50 Ethical Hacking and Countermeasures (CEHv6) exam. The only one thing you need to do is downloading Actualtests 312-50 exam study guides now. We will not let you down with our money-back guarantee.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/312-50-exam-dumps.html
Q411. How do you defend against ARP Poisoning attack? (Select 2 answers) A. Enable DHCP Snooping Binding Table
B. Restrict ARP Duplicates
C. Enable Dynamic ARP Inspection
D. Enable MAC snooping Table
Answer: AC
Q412. You have successfully brute forced basic authentication configured on a Web Server using Brutus hacking tool. The username/password is “Admin” and “Bettlemani@”. You logon to the system using the brute forced password and plant backdoors and rootkits.
After downloading various sensitive documents from the compromised machine, you proceed to clear the log files to hide your trace..
Which event log located at C:Windowssystem32config contains the trace of your brute force attempts?
A. AppEvent.Evt
B. SecEvent.Evt
C. SysEvent.Evt
D. WinEvent.Evt
Answer: B
Explanation: The Security Event log (SecEvent.Evt) will contain all the failed logins against the system.
Topic 6, Trojans and Backdoors
Q413. This tool is widely used for ARP Poisoning attack. Name the tool.
A. Cain and Able
B. Beat Infector
C. Poison Ivy
D. Webarp Infector
Answer: A
Q414. What is a sniffing performed on a switched network called?
A. Spoofed sniffing
B. Passive sniffing
C. Direct sniffing
D. Active sniffing
Answer: D
Q415. Sally is a network admin for a small company. She was asked to install wireless accesspoints in the building. In looking at the specifications for the access-points, she sees that all of them offer WEP. Which of these are true about WEP?
Select the best answer.
A. Stands for Wireless Encryption Protocol
B. It makes a WLAN as secure as a LAN
C. Stands for Wired Equivalent Privacy
D. It offers end to end security
Answer: C
Explanations:
WEP is intended to make a WLAN as secure as a LAN but because a WLAN is not constrained by wired, this makes access much easier. Also, WEP has flaws that make it less secure than was once thought.WEP does not offer end-to-end security. It only attempts to protect the wireless portion of the network.
Q416. Exhibit
You receive an e-mail with the message displayed in the exhibit.
From this e-mail you suspect that this message was sent by some hacker since you have using their e-mail services for the last 2 years and they never sent out an e-mail as this. You also observe the URL in the message and confirm your suspicion about 340590649. You immediately enter the following at the Windows 2000 command prompt.
ping 340590649
You get a response with a valid IP address. What is the obstructed IP address in the e-mail URL?
A. 192.34.5.9
B. 10.0.3.4
C. 203.2.4.5
D. 199.23.43.4
Answer: C
Explanation: Convert the number in binary, then start from last 8 bits and convert them to decimal to get the last octet (in this case .5)
Q417. nn would like to perform a reliable scan against a remote target. She is not concerned about being stealth at this point.
Which of the following type of scans would be the most accurate and reliable option?
A. A half-scan
B. A UDP scan
C. A TCP Connect scan
D. A FIN scan
Answer: C
Explanation: A TCP Connect scan, named after the Unix connect() system call is the most accurate scanning method. If a port is open the operating system completes the TCP three-way handshake, and the port scanner immediately closes the connection. Otherwise an error code is returned. Example of a three-way handshake followed by a reset: Source Destination Summary
[192.168.0.8] [192.168.0.10] TCP: D=80 S=49389 SYN SEQ=3362197786 LEN=0 WIN=5840
[192.168.0.10] [192.168.0.8] TCP: D=49389 S=80 SYN ACK=3362197787 SEQ=58695210 LEN=0 WIN=65535
[192.168.0.8]
[192.168.0.10] TCP: D=80 S=49389 ACK=58695211 WIN<<2=5840
[192.168.0.8]
[192.168.0.10] TCP: D=80 S=49389 RST ACK=58695211 WIN<<2=5840
Q418. What is the name of the software tool used to crack a single account on Netware Servers using a dictionary attack?
A. NPWCrack
B. NWPCrack
C. NovCrack
D. CrackNov
E. GetCrack
Answer: B
Explanation: NWPCrack is the software tool used to crack single accounts on Netware servers.
Q419. If an attacker's computer sends an IPID of 31400 to a zombie (Idle Scanning) computer on an open port, what will be the response?
A. 31400
B. 31402
C. The zombie will not send a response
D. 31401
Answer: D
Q420. What is a primary advantage a hacker gains by using encryption or programs such as Loki?
A. It allows an easy way to gain administrator rights
B. It is effective against Windows computers
C. It slows down the effective response of an IDS
D. IDS systems are unable to decrypt it
E. Traffic will not be modified in transit
Answer: D
Explanation: Because the traffic is encrypted, an IDS cannot understand it or evaluate the payload.
