Proper study guides for Up to the immediate present EC-Council Ethical Hacking and Countermeasures (CEHv6) certified begins with EC-Council 312-50 preparation products which designed to deliver the Practical 312-50 questions by making you pass the 312-50 test at your first time. Try the free 312-50 demo right now.

2021 Apr 312-50 free practice test

Q171. Which type of attack is port scanning? 

A. Web server attack 

B. Information gathering 

C. Unauthorized access 

D. Denial of service attack 

Answer: B


Q172. One of the most common and the best way of cracking RSA encryption is to being to derive the two prime numbers, which are used in the RSA PKI mathematical process. If the two numbers p and q are discovered through a _________________ process, then the private key can be derived. 

A. Factorization 

B. Prime Detection 

C. Hashing 

D. Brute-forcing 

Answer: A

Explanation: In April 1994, an international cooperative group of mathematicians and computer scientists solved a 17-year-old challenge problem, the factoring of a 129-digit number, called RSA-129, into two primes. That is, RSA-129 = 1143816257578888676692357799761466120102182 9672124236256256184293570693524573389783059 7123563958705058989075147599290026879543541 = 34905295108476509491478496199038 98133417764638493387843990820577 times 32769132993266709549961988190834 461413177642967992942539798288533. Se more at http://en.wikipedia.org/wiki/RSA_Factoring_Challenge 


Q173. How would you prevent session hijacking attacks? 

A. Using biometrics access tokens secures sessions against hijacking 

B. Using non-Internet protocols like http secures sessions against hijacking 

C. Using hardware-based authentication secures sessions against hijacking 

D. Using unpredictable sequence numbers secures sessions against hijacking 

Answer: D

Explanation: Protection of a session needs to focus on the unique session identifier because it is the only thing that distinguishes users. If the session ID is compromised, attackers can impersonate other users on the system. The first thing is to ensure that the sequence of identification numbers issued by the session management system is unpredictable; otherwise, it's trivial to hijack another user's session. Having a large number of possible session IDs (meaning that they should be very long) means that there are a lot more permutations for an attacker to try. 


Q174. Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company's computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered? 

A. Ursula would be considered a gray hat since she is performing an act against illegal activities. 

B. She would be considered a suicide hacker. 

C. She would be called a cracker. 

D. Ursula would be considered a black hat. 

Answer: B


Q175. This attack technique is used when a Web application is vulnerable to an SQL Injection but the results of the Injection are not visible to the attacker. 

A. Unique SQL Injection 

B. Blind SQL Injection 

C. Generic SQL Injection 

D. Double SQL Injection 

Answer: B


Up to the minute 312-50 free practice questions:

Q176. You want to know whether a packet filter is in front of 192.168.1.10. Pings to 192.168.1.10 don't get answered. A basic nmap scan of 192.168.1.10 seems to hang without returning any information. What should you do next? 

A. Use NetScan Tools Pro to conduct the scan 

B. Run nmap XMAS scan against 192.168.1.10 

C. Run NULL TCP hping2 against 192.168.1.10 

D. The firewall is blocking all the scans to 192.168.1.10 

Answer: C


Q177. Which of the following Netcat commands would be used to perform a UDP scan of the lower 1024 ports? 

A. Netcat -h -U 

B. Netcat -hU <host(s.> 

C. Netcat -sU -p 1-1024 <host(s.> 

D. Netcat -u -v -w2 <host> 1-1024 

E. Netcat -sS -O target/1024 

Answer:

Explanation: The proper syntax for a UDP scan using Netcat is "Netcat -u -v -w2 <host> 1-1024". 

Netcat is considered the Swiss-army knife of hacking tools because it is so versatile. 


Q178. Attackers target HINFO record types stored on a DNS server to enumerate information. These are information records and potential source for reconnaissance. A network administrator has the option of entering host information specifically the CPU type and operating system when creating a new DNS record. An attacker can extract this type of information easily from a DNS server. 

Which of the following commands extracts the HINFO record? 

A. Option A 

B. Option B 

C. Option C 

D. Option D 

Answer: A


Q179. How would you describe an attack where an attacker attempts to deliver the payload over multiple packets over long periods of time with the purpose of defeating simple pattern matching in IDS systems without session reconstruction? A characteristic of this attack would be a continuous stream of small packets. 

A. Session Splicing 

B. Session Stealing 

C. Session Hijacking 

D. Session Fragmentation 

Answer: A


Q180. Which of the following statements would not be a proper definition for a Trojan Horse? 

A. An unauthorized program contained within a legitimate program. 

This unauthorized program performs functions unknown (and probably unwanted) by the user. 

B. A legitimate program that has been altered by the placement of unauthorized code within it; this code perform functions unknown (and probably unwanted) by the user. 

C. An authorized program that has been designed to capture keyboard keystrokes while the user remains unaware of such an activity being performed. 

D. Any program that appears to perform a desirable and necessary function but that (because of unauthorized code within it that is unknown to the user) performs functions unknown (and definitely unwanted) by the user. 

Answer: C

Explanation: A Trojan is all about running unauthorized code on the users computer without the user knowing of it.