High-quality 312-50 simulation materials and dumps for EC-Council certification for IT candidates. Real success guaranteed with updated 312-50 PDF dumps and VCE materials. 100% pass the Ethical Hacking and Countermeasures (CEHv6) exam today!

2021 Apr 312-50 practice test

Q281. A majority of attacks come from insiders, people who have direct access to a company's computer system as part of their job function or a business relationship. Who is considered an insider? 

A. The CEO of the company because he has access to all of the computer systems 

B. A government agency since they know the company computer system strengths and weaknesses 

C. Disgruntled employee, customers, suppliers, vendors, business partners, contractors, temps, and consultants 

D. A competitor to the company because they can directly benefit from the publicity generated by making such an attack 

Answer:

Explanation: An insider is anyone who already has a foot inside one way or another.


Q282. An employee wants to bypass detection by a network-based IDS application and does not want to attack the system containing the IDS application. Which of the following strategies can the employee use to evade detection by the network-based IDS application?

A. Create a ping flood 

B. Create a SYN flood 

C. Create a covert network tunnel 

D. Create multiple false positives 

Answer: C

Explanation: HTTP tunneling is a technique by which communications performed using various network protocols are encapsulated using the HTTP protocol, the network protocols in question usually belonging to the TCP/IP family of protocols. The HTTP protocol therefore acts as a wrapper for a covert channel that the network protocol being tunneled uses to communicate. The HTTP stream with its covert channel is termed an HTTP tunnel. Very few firewalls block outgoing HTTP traffic.


Q283. How does traceroute map the route a packet travels from point A to point B? 

A. Uses a TCP timestamp packet that will elicit a time exceeded in transit message 

B. Manipulates the value of the time to live (TTL) within the packet to elicit a time exceeded in transit message

C. Uses a protocol that will be rejected by gateways on its way to the destination 

D. Manipulates the flags within packets to force gateways into generating error messages 

Answer: B


Q284. You are sniffing an unprotected WiFi network located in a JonDonalds Cybercafe with Ethereal to capture hotmail e-mail traffic. You see lots of people using their laptops browsing the web while sipping brewed coffee from JonDonalds. You want to sniff their email messages traversing the unprotected WiFi network.

Which of the following Ethereal filters will you configure to display only the packets with the hotmail messages?

A. (http contains “hotmail”) && ( http contains “Reply-To”) 

B. (http contains “e-mail” ) && (http contains “hotmail”) 

C. (http = “login.passport.com” ) && (http contains “SMTP”) 

D. (http = “login.passport.com” ) && (http contains “POP3”) 

Answer: A

Explanation: Each Hotmail message contains the tag Reply-To:<sender address> and “xxxx-xxx-xxx.xxxx.hotmail.com” in the received tag. 


Q285. How would you permanently wipe the data on the hard disk?

A. wipe -fik /dev/hda1 

B. erase -fik /dev/hda1 

C. delete -fik /dev/hda1 

D. secdel -fik /dev/hda1 

Answer: A



Q286. Jonathan, being a keen administrator, has followed all of the best practices he could find on securing his Windows Server. He renamed the Administrator account to a new name that can’t be easily guessed, but there remain people who attempt to compromise his newly renamed administrator account. How can a remote attacker decipher the name of the administrator account if it has been renamed?

A. The attacker guessed the new name 

B. The attacker used the user2sid program 

C. The attacker used the sid2user program

D. The attacker used NMAP with the V option 

Answer: C

Explanation: User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine. Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid respectively. What is more, these can be called against a remote machine without providing logon credentials, save those needed for a null session connection.


Q287. What are the four steps used by nmap scanning?

A. DNS Lookup 

B. ICMP Message 

C. Ping 

D. Reverse DNS lookup 

E. TCP three way handshake 

F. The Actual nmap scan 

Answer: ACDF

Explanation: Nmap performs four steps during a normal device scan. Some of these steps can be modified or disabled using options on the nmap command line. 


Q288. Say that "abigcompany.com" had a security vulnerability in the javascript on their website in the past. They recently fixed the security vulnerability, but it had been there for many months. Is there some way to go back and see the code for that error?

Select the best answer. 

A. archive.org 

B. There is no way to get the changed webpage unless you contact someone at the company 

C. Usenet 

D. Javascript would not be in their html so a service like usenet or archive wouldn't help you 

Answer:

Explanations: 

Archive.org is a website that periodically archives internet content. They have archives of websites over many years. It could be used to go back and look at the javascript as javascript would be in the HTML code. 


Q289. John wants to try a new hacking tool on his Linux System. As the application comes from a site in his untrusted zone, John wants to ensure that the downloaded tool has not been Trojaned. Which of the following options would indicate the best course of action for John? 

A. Obtain the application via SSL 

B. Obtain the application from a CD-ROM disc 

C. Compare the files’ MD5 signature with the one published on the distribution media 

D. Compare the file’s virus signature with the one published on the distribution media 

Answer: C

Explanation: In essence, MD5 is a way to verify data integrity, and is much more reliable than checksum and many other commonly used methods. 


Q290. An attacker runs netcat tool to transfer a secret file between two hosts. 

Machine A: netcat -l -p 1234 < secretfile 

Machine B: netcat 192.168.3.4 > 1234 

He is worried about information being sniffed on the network. How would the attacker use netcat to encrypt the information before transmitting onto the wire? 

A. Machine A: netcat -l -p -s password 1234 < testfile; Machine B: netcat <machine A IP> 1234

B. Machine A: netcat -l -e magickey -p 1234 < testfile; Machine B: netcat <machine A IP> 1234

C. Machine A: netcat -l -p 1234 < testfile -pw password; Machine B: netcat <machine A IP> 1234 -pw password

D. Use cryptcat instead of netcat 

Answer: D

Explanation: Netcat cannot encrypt the file transfer itself but would need to use a third-party application to encrypt/decrypt, like openssl. Cryptcat is the standard netcat enhanced with twofish encryption.