Actualtests 312-50 Questions are updated and all 312-50 answers are verified by experts. Once you have completely prepared with our 312-50 exam prep kits you will be ready for the real 312-50 exam without a problem. We have Rebirth EC-Council 312-50 dumps study guide. PASSED 312-50 First attempt! Here What I Did.

Q371. You are scanning the target network for the first time. You are able to detect few convention open ports. While attempting to perform conventional service identification by connecting to the open ports, the scan yields either bad or no result. As you are unsure of the protocols in use, you want to discover as many different protocols as possible. Which of the following scan options can help you achieve this? 

A. Nessus sacn with TCP based pings 

B. Netcat scan with the switches 

C. Nmap scan with the P (ping scan) switch 

D. Nmap with the O (Raw IP Packets switch 

Answer: D

Explanation: -sO IP protocol scans: This method is used to determine which IP protocols are supported on a host. The technique is to send raw IP packets without any further protocol header to each specified protocol on the target machine. If we receive an ICMP protocol unreachable message, then the protocol is not in use. Otherwise we assume it is open. Note that some hosts (AIX, HP-UX, Digital UNIX) and firewalls may not send protocol unreachable messages. 


Q372. You have performed the traceroute below and notice that hops 19 and 20 both show the same IP address. 

What can be inferred from this output? 

1 172.16.1.254 (172.16.1.254) 0.724 ms 3.285 ms 0.613 ms 2 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 12.169 ms 14.958 ms 13.416 ms 3 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 13.948 ms ip68-100-0-1.nv.nv.cox.net 

(68.100.0.1) 16.743 ms 16.207 ms 4 ip68-100-0-137.nv.nv.cox.net (68.100.0.137) 17.324 ms 12.933 ms 20.938 ms 

5 68.1.1.4 (68.1.1.4) 12.439 ms 220.166 ms 204.170 ms 6 so-6-0-0.gar2.wdc1.Level3.net (67.29.170.1) 16.177 ms 25.943 ms 14.104 ms 7 unknown.Level3.net (209.247.9.173) 14.227 ms 17.553 ms 15.415 ms 8 so-0-1-0.bbr1.NewYork1.level3.net (64.159.1.41) 17.063 ms 20.960 ms 19.512 ms 9 so-7-0-0-gar1.NewYork1.Level3.net (64.159.1.182) 20.334 ms 19.440 ms 17.938 ms 10 so-4-0-0.edge1.NewYork1.Level3.net (209.244.17.74) 27.526 ms 18.317 ms 21.202 ms 11 uunet-level3-oc48.NewYork1.Level3.net (209.244.160.12) 21.411 ms 19.133 ms 18.830 ms 12 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78) 21.203 ms 22.670 ms 20.11 ms 13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms 23.108 ms 14 0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129) 38.894 ms 33.244 33.910 ms 15 0.so-7-0-0.XL1.MIA4.ALTER.NET (152.63.86.189) 51.165 ms 49.935 ms 49.466 ms 16 0.so-3-0-0.XR1.MIA4.ALTER.NET (152.63.101.41) 50.937 ms 49.005 ms 51.055 ms 17 117.ATM6-0.GW5.MIA1.ALTER.NET (152.63.82.73) 51.897 ms 50.280 ms 53.647 ms 18 example-gwl.customer.alter.net (65.195.239.14) 51.921 ms 51.571 ms 56.855 ms 19 www.ABC.com (65.195.239.22) 52.191 ms 52.571 ms 56.855 ms 20 www.ABC.com (65.195.239.22) 53.561 ms 54.121 ms 58.333 ms 

A. An application proxy firewall 

B. A stateful inspection firewall 

C. A host based IDS 

D. A Honeypot 

Answer: B


Q373. Neil is a network administrator working in Istanbul. Neil wants to setup a protocol analyzer on his network that will receive a copy of every packet that passes through the main office switch. What type of port will Neil need to setup in order to accomplish this? 

A. Neil will have to configure a Bridged port that will copy all packets to the protocol analyzer. 

B. Neil will need to setup SPAN port that will copy all network traffic to the protocol analyzer. 

C. He will have to setup an Ether channel port to get a copy of all network traffic to the analyzer. 

D. He should setup a MODS port which will copy all network traffic. 

Answer: B


Q374. Bob is a Junior Administrator at ABC Company. He is installing the RedHat Enterprise Linux on his machine. At installation time, he removed the “Use MD5” options. What will be the hashing standard? 

A. MD2 

B. DES 

C. 3DES 

D. RSA 

Answer: B

Explanation: crypt() will return an encrypted string using the standard Unix DES-based encryption algorithm or alternative algorithms that may be available on the system. By removing the “Use MD5” option Bob forces crypt() to revert to DES encryption. 


Q375. Your company has blocked all the ports via external firewall and only allows port 80/443 to connect to the Internet. You want to use FTP to connect to some remote server on the Internet. How would you accomplish this? 

A. Use HTTP Tunneling 

B. Use Proxy Chaining 

C. Use TOR Network 

D. Use Reverse Chaining 

Answer: A


Q376. Sandra is the security administrator of ABC.com. One day she notices that the ABC.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately. 

Which organization coordinates computer crime investigations throughout the United States? 

A. NDCA 

B. NICP 

C. CIRP 

D. NPC 

E. CIA 

Answer: D


Q377. Study the following e-mail message. When the link in the message is clicked, it will take you to an address like: http://hacker.xsecurity.com/in.htm. Note that hacker.xsecurity.com is not an official SuperShopper site! 

What attack is depicted in the below e-mail? 

Dear SuperShopper valued member, 

Due to concerns, for the safety and integrity of the SuperShopper community we have issued this warning message. It has come to our attention that your account information needs to be updated due to inactive members, frauds and spoof reports. 

If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the online service. However, failure to update your records will result to your account cancellation. This notification expires within 24 hours. 

Once you have updated your account records your SuperShopper will not be interrupted and will continue as normal. 

Please follow the link below and renew your account information. 

https://www.supershopper.com/cgi-bin/webscr?cmd=update-run 

SuperShopper Technical Support http://www.supershopper.com 

A. Phishing attack 

B. E-mail spoofing 

C. social engineering 

D. Man in the middle attack 

Answer: A

Explanation: Phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. 


Q378. Which of the following encryption is not based on Block Cipher? 

A. DES 

B. Blowfish 

C. AES 

D. RC4 

Answer: D

Explanation: RC4 (also known as ARC4 or ARCFOUR) is the most widely-used software stream cipher and is used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). 

Topic 22, Penetration Testing Methodologies 

556. Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate. 

What would you call this kind of activity? 

A. CI Gathering 

B. Scanning 

C. Dumpster Diving 

D. Garbage Scooping 

Answer: C


Q379. On wireless networks, SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless networks? 

A. The SSID is only 32 bits in length. 

B. The SSID is transmitted in clear text. 

C. The SSID is the same as the MAC address for all vendors. 

D. The SSID is to identify a station, not a network. 

Answer: B

Explanation: The SSID IS constructed to identify a network, it IS NOT the same as the MAC address and SSID’s consists of a maximum of 32 alphanumeric characters. 


Q380. Basically, there are two approaches to network intrusion detection: signature detection, and anomaly detection. The signature detection approach utilizes well-known signatures for network traffic to identify potentially malicious traffic. The anomaly detection approach utilizes a previous history of network traffic to search for patterns that are abnormal, which would indicate an intrusion. How can an attacker disguise his buffer overflow attack signature such that there is a greater probability of his attack going undetected by the IDS? 

A. He can use a shellcode that will perform a reverse telnet back to his machine 

B. He can use a dynamic return address to overwrite the correct value in the target machine computer memory 

C. He can chain NOOP instructions into a NOOP "sled" that advances the processor's instruction pointer to a random place of choice 

D. He can use polymorphic shell code-with a tool such as ADMmutate - to change the signature of his exploit as seen by a network IDS 

Answer: D

Explanation: ADMmutate is using a polymorphic technique designed to circumvent certain forms of signature based intrusion detection. All network based remote buffer overflow exploits have similarities in how they function. ADMmutate has the ability to emulate the protocol of the service the attacker is attempting to exploit. The data payload (sometimes referred to as an egg) contains the instructions the attacker wants to execute on the target machine. These eggs are generally interchangeable and can be utilized in many different buffer overflow exploits. ADMmutate uses several techniques to randomize the contents of the egg in any given buffer overflow exploit. This randomization effectively changes the content or 'signature' of the exploit without changing the functionality of the exploit.