Our This experts dedicate to developing the EC-Council 312-50 on-line questions and answers. You can download the 312-50 dumps upon our web site. We not merely present the actual EC-Council Pdf exams but furthermore the test engine. Our own EC-Council EC-Council test motor is cutting-edge software which can be built to generate you experience that you tend to be in the real EC-Council 312-50 exam. This will be your enriching and unforgettable experience in your life. You can make your own EC-Council 312-50 preparation at your personal pace and with your own style as a consequence of the flexibility regarding our 2 types of 312-50 questions. You can put the actual various options and facilities, which usually provided from the EC-Council 312-50 exam engines, into use. Whilst doing your own EC-Council 312-50 practice exams on your 312-50 exam motor you will experience that your learning rate is enhanced.

2021 Mar 312-50 free practice test

Q81. Which of the following type of scanning utilizes automated process of proactively identifying vulnerabilities of the computing systems present on a network? 

A. Port Scanning 

B. Single Scanning 

C. External Scanning 

D. Vulnerability Scanning 

Answer: D


Q82. Samuel is the network administrator of DataX communications Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder’s IP address for a period of 24 hours time after more than three unsuccessful attempts. He is confident that this rule will secure his network hackers on the Internet. 

But he still receives hundreds of thousands brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall use. 

Later he adds another rule to his firewall and enables small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be prepared to accept from a particular IP address. This action will slow the intruder’s attempts. 

Samuel wants to completely block hackers brute force attempts on his network. 

What are the alternatives to defending against possible brute-force password attacks on his site? 

A. Enforce a password policy and use account lockouts after three wrong logon attempts even through this might lock out legit users 

B. Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the intruder so that you can block them at the firewall manually 

C. Enforce complex password policy on your network so that passwords are more difficult to brute force 

D. You can’t completely block the intruders attempt if they constantly switch proxies 

Answer: D

Explanation: Without knowing from where the next attack will come there is no way of proactively block the attack. This is becoming a increasing problem with the growth of large bot nets using ordinary workstations and home computers in large numbers. 


Q83. Which of the following built-in C/C++ functions you should avoid to prevent your program from buffer overflow attacks? 

A. strcpy() 

B. strcat() 

C. streadd() 

D. strscock() 

Answer: ABC

Explanation: When hunting buffer overflows, the first thing to look for is functions which write into arrays without any way to know the amount of space available. If you get to define the function, you can pass a length parameter in, or ensure that every array you ever pass to it is at least as big as the hard-coded maximum amount it will write. If you're using a function someone else (like, say, the compiler vendor) has provided then avoiding functions like gets(), which take some amount of data over which you have no control and stuff it into arrays they can never know the size of, is a good start. Make sure that functions like the str...() family which expect NUL-terminated strings actually get them - store a '' in the last element of each array involved just before you call the function, if necessary. Strscock() is not a valid C/C++ function. 


Q84. Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exploits a condition in the Linux kernel within the execve() system call. There is no known workaround that exists for this vulnerability. What is the correct action to be taken by Rebecca in this situation as a recommendation to management? 

A. Rebecca should make a recommendation to disable the () system call 

B. Rebecca should make a recommendation to upgrade the Linux kernel promptly 

C. Rebecca should make a recommendation to set all child-process to sleep within the execve() 

D. Rebecca should make a recommendation to hire more system administrators to monitor all child processes to ensure that each child process can't elevate privilege 

Answer: B


Q85. What are two things that are possible when scanning UDP ports? (Choose two. 

A. A reset will be returned 

B. An ICMP message will be returned 

C. The four-way handshake will not be completed 

D. An RFC 1294 message will be returned 

E. Nothing 

Answer: BE

Explanation: Closed UDP ports can return an ICMP type 3 code 3 message. No response can mean the port is open or the packet was silently dropped. 


Down to date 312-50 question:

Q86. When working with Windows systems, what is the RID of the true administrator account? 

A. 500 

B. 501 

C. 1000 

D. 1001 

E. 1024 

F. 512 

Answer: A

Explanation: Because of the way in which Windows functions, the true administrator account always has a RID of 500. 


Q87. The following excerpt is taken from a honeypot log. The log captures activities across three days. There are several intrusion attempts; however, a few are successful. From the options given below choose the one best interprets the following entry: 

Apr 26 06:43:05 [6282] IDS181/nops-x86: 63.226.81.13:1351 -> 172.16.1.107:53 

(Note: The objective of this question is to test whether the student can read basic information from log entries and interpret the nature of attack.) 

Interpret the following entry: 

Apr 26 06:43:05 [6283]: IDS181/nops-x86: 63.226.81.13:1351 -> 172.16.1.107.53 

A. An IDS evasion technique 

B. A buffer overflow attempt 

C. A DNS zone transfer 

D. Data being retrieved from 63.226.81.13. 

Answer: B

Explanation: The IDS log file is depicting numerous attacks, however, most of them are from different attackers, in reference to the attack in question, he is trying to mask his activity by trying to act legitimate, during his session on the honeypot, he changes users two times by using the "su" command, but never triess to attempt anything to severe. 


Q88. Which of the following tools can be used to perform a zone transfer? 

A. NSLookup 

B. Finger 

C. Dig 

D. Sam Spade 

E. Host 

F. Netcat 

G. Neotrace 

Answer: ACDE

Explanation: There are a number of tools that can be used to perform a zone transfer. Some of these include: NSLookup, Host, Dig, and Sam Spade. 


Q89. Barney is looking for a Windows NT/2000/XP command-line tool that can be used to assign display or modify ACLs (Access Control Lists) to files or folders and that could also be used within batch files. Which of the following tools could be used for this purpose? 

A. PERM.EXE 

B. CACLS.EXE 

C. CLACS.EXE 

D. NTPERM.EXE 

Answer:

Explanation: Cacls.exe (Change Access Control Lists) is an executable in Microsoft Windows to change Access Control List (ACL) permissions on a directory, its subcontents, or files. An access control list is a list of permissions for a file or directory that controls who can access it. 

Topic 12, Web Application Vulnerabilities 

356. Which of the following statements best describes the term Vulnerability? 

A. A weakness or error that can lead to a compromise 

B. An agent that has the potential to take advantage of a weakness 

C. An action or event that might prejudice security 

D. The loss potential of a threat. 

Answer:

Explanation: Vulnerabilities are all weaknesses that can be exploited. 


Q90. DRAG DROP 

A Successfully Attack by a malicious hacker can divide into five phases, Match the order: 

Answer: