312-50 | A Review Of Breathing 312-50 Vce

Master the 312-50 Ethical Hacking and Countermeasures (CEHv6) content and be ready for exam day success quickly with this Examcollection 312-50 braindumps. We guarantee it! We make it a reality and give you real 312-50 questions in our EC-Council 312-50 braindumps. Latest 100% VALID EC-Council 312-50 Exam Questions Dumps at below page. You can use our EC-Council 312-50 braindumps and pass your exam.



Which type of sniffing technique is generally referred to as a MiTM attack?

  • A. Password Sniffing
  • B. ARP Poisoning
  • C. MAC Flooding
  • D. DHCP Sniffing

Answer: C


Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an administrator from Brown Co. Jack tells Jane that there has been a problem with some accounts and asks her to tell him her password 'just to double check our records'. Jane believes that Jack is really an administrator, and tells him her password. Jack now has a user name and password, and can access Brown Co.'s computers, to find the cookie recipe. This is an example of what kind of attack?

  • A. Reverse Psychology
  • B. Social Engineering
  • C. Reverse Engineering
  • D. Spoofing Identity
  • E. Faking Identity

Answer: B

This is a typical case of pretexting. Pretexting is the act of creating and using an invented scenario (the pretext) to persuade a target to release information or perform an action and is usually done over the telephone.


You have installed antivirus software and you want to be sure that your AV signatures are working correctly. You don't want to risk the deliberate introduction of a live virus to test the AV software. You would like to write a harmless test virus, which is based on the European Institute for Computer Antivirus Research format that can be detected by the AV software.
How should you proceed?

  • A. Type the following code in notepad and save the file as SAMPLEVIRUS.CO
  • B. Your antivirus program springs into action whenever you attempt to open, run or copy i
  • D. Type the following code in notepad and save the file as AVFILE.CO
  • E. Your antivirus program springs into action whenever you attempt to open, run or copy it. X5O!P%@AP[4\PZX54(P^)7CC)7}$AVFILE-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
  • F. Type the following code in notepad and save the file as TESTAV.CO
  • G. Your antivirus program springs into action whenever you attempt to open, run or copy i
  • I. Type the following code in notepad and save the file as EICAR.CO
  • J. Your antivirus program springs into action whenever you attempt to open, run or copy i

Answer: D

The EICAR test file (official name: EICAR Standard Anti-Virus Test File) is a file, developed by the European Institute for Computer Antivirus Research, to test the response of computer antivirus (AV) programs. The rationale behind it is to allow people, companies, and AV programmers to test their software without having to use a real computer virus that could cause actual damage should the AV not respond correctly. EICAR likens the use of a live virus to test AV software to setting a fire in a trashcan to test a fire alarm, and promotes the EICAR test file as a safe alternative.


Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate.
What would you call this kind of activity?

  • A. CI Gathering
  • B. Scanning
  • C. Dumpster Diving
  • D. Garbage Scooping

Answer: C


When Nmap performs a ping sweep, which of the following sets of requests does it send to the target device?


Answer: B

The default behavior of Nmap is to do both an ICMP ping sweep (the usual kind of ping) and a TCP port 80 ACK ping sweep. If an admin is logging these, this will be fairly characteristic of Nmap.


Harold is the senior security analyst for a small state agency in New York. He has no other security professionals that work under him, so he has to do all the security-related tasks for the agency. Coming from a computer hardware background, Harold does not have a lot of experience with security methodologies and technologies, but he was the only one who applied for the position.
Harold is currently trying to run a sniffer on the agency’s network to get an idea of what kind of traffic is being passed around, but the program he is using does not seem to be capturing anything. He pores over the sniffer’s manual but can’t find anything that directly relates to his problem. Harold decides to ask the network administrator if he has any thoughts on the problem. Harold is told that the sniffer was not working because the agency’s network is a switched network, which can’t be sniffed by some programs without some tweaking.
What technique could Harold use to sniff the agency’s switched network?

  • A. ARP spoof the default gateway
  • B. Conduct MiTM against the switch
  • C. Launch smurf attack against the switch
  • D. Flood switch with ICMP packets

Answer: A

ARP spoofing, also known as ARP poisoning, is a technique used to attack an Ethernet network which may allow an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether (known as a denial of service attack). The principle of ARP spoofing is to send fake, or 'spoofed', ARP messages to an Ethernet LAN. These frames contain false MAC addresses, confusing network devices, such as network switches. As a result frames intended for one machine can be mistakenly sent to another (allowing the packets to be sniffed) or an unreachable host (a denial of service attack).


A Trojan horse is a destructive program that masquerades as a benign application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but in addition to the expected function steals information or harms the system.
The challenge for an attacker is to send a convincing file attachment to the victim, which gets easily executed on the victim machine without raising any suspicion. Today's end users are quite knowledgeable about malware and viruses. Instead of sending games and fun executables, hackers today are quite successful in spreading Trojans using rogue security software.
What is Rogue security software?

  • A. A flash file extension to Firefox that gets automatically installed when a victim visits rogue software disabling websites
  • B. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the compute
  • C. This kind of software is known as rogue security software.
  • D. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the compute
  • E. This kind of software is known as rogue security software.
  • F. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the compute
  • G. This kind of software is known as rogue security software.
  • H. Rogue security software is based on social engineering technique in which the attackers lures victim to visit spear phishing websites
  • I. This software disables firewalls and establishes reverse connecting tunnel between the victim's machine and that of the attacker

Answer: BCD


Why is Social Engineering considered attractive by hackers and also adopted by experts in the field?

  • A. It is done by well known hackers and in movies as well.
  • B. It does not require a computer in order to commit a crime.
  • C. It is easy and extremely effective to gain information.
  • D. It is not considered illegal.

Answer: C

Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access, and in most (but not all) cases the attacker never comes face-to-face with the victim. The term has been popularized in recent years by well-known (reformed) computer criminal and security consultant Kevin Mitnick, who points out that it's much easier to trick someone into giving you his or her password for a system than to spend the effort to hack in. He claims it to be the single most effective method in his arsenal.


Which of the following buffer overflow exploits are related to Microsoft IIS web server? (Choose three)

  • A. Internet Printing Protocol (IPP) buffer overflow
  • B. Code Red Worm
  • C. Indexing services ISAPI extension buffer overflow
  • D. NeXT buffer overflow

Answer: ABC

Both the buffer overflow in the Internet Printing Protocol and the ISAPI extension buffer overflow are explained in Microsoft Security Bulletin MS01-023. The Code Red worm was a computer worm released on the Internet on July 13, 2001. It attacked computers running Microsoft's IIS web server.


Peter extracts the SID list from a Windows 2008 Server machine using the hacking tool "SIDExtracter". Here is the output of the SIDs:
[Exhibit: SID list output, not reproduced]
From the above list, identify the user account with System Administrator privileges.

  • A. John
  • B. Rebecca
  • C. Sheela
  • D. Shawn
  • E. Somia
  • F. Chang
  • G. Micah

Answer: F


Bob has a good understanding of cryptography, having worked with it for many years. Cryptography is used to secure data from specific threats, but it does not secure the application from coding errors. It can provide data privacy and integrity and enable strong authentication, but it cannot mitigate programming errors.
What is a good example of a programming error that Bob can use to illustrate to the management that encryption will not address all of their security concerns?

  • A. Bob can explain that a random generator can be used to derive cryptographic keys but it uses a weak seed value and it is a form of programming error.
  • B. Bob can explain that by using passwords to derive cryptographic keys it is a form of a programming error.
  • C. Bob can explain that a buffer overflow is an example of programming error and it is a common mistake associated with poor programming technique.
  • D. Bob can explain that by using a weak key management technique it is a form of programming error.

Answer: C

A buffer overflow occurs when you write a set of values (usually a string of characters) into a fixed length buffer and write at least one value outside that buffer's boundaries (usually past its end). A buffer overflow can occur when reading input from the user into a buffer, but it can also occur during other kinds of processing in a program. Technically, a buffer overflow is a problem with the program's internal implementation.


Consider the following code:
[Exhibit: code sample, not reproduced]
If an attacker can trick a victim user to click a link like this and the web application does not validate input, then the victim’s browser will pop up an alert showing the user's current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page or redirecting the user to another web site.
What is the countermeasure against XSS scripting?

  • A. Create an IP access list and restrict connections based on port number
  • B. Replace “<” and “>” characters with &lt; and &gt; using server scripts
  • C. Disable Javascript in IE and Firefox browsers
  • D. Connect to the server using HTTPS protocol instead of HTTP

Answer: B

The correct answer contains a string which is an HTML-quoted version of the original script. The quoted versions of these characters will appear as literals in a browser, rather than with their special meaning as HTML tags. This prevents any script from being injected into HTML output, but it also prevents any user-supplied input from being formatted with benign HTML.


When a malicious hacker identifies a target and wants to eventually compromise this target, what would be among the first steps that he would perform? (Choose the best answer)

  • A. Cover his tracks by eradicating the log files and audit trails.
  • B. Gain access to the remote computer in order to conceal the venue of attacks.
  • C. Perform a reconnaissance of the remote target for identification of venue of attacks.
  • D. Always begin with a scan in order to quickly identify venue of attacks.

Answer: C

A hacker always starts with a preparatory phase (Reconnaissance) where he seeks to gather as much information as possible about the target of evaluation prior to launching an attack. The reconnaissance can be either passive or active (or both).


Kevin is an IT security analyst working for Emerson Time Makers, a watch manufacturing company in Miami. Kevin and his girlfriend Katy recently broke up after a big fight. Kevin believes that she was seeing another person. Kevin, who has an online email account that he uses for most of his mail, knows that Katy has an account with that same company. Kevin logs into his email account online and gets the following URL after successfully logging in: http://www.youremailhere.com/mail.asp?mailbox=Kevin&Smith=121%22 Kevin changes the URL to: http://www.youremailhere.com/mail.asp?mailbox=Katy&Sanchez=121%22 Kevin is trying to access her email account to see if he can find out any information. What is Kevin attempting here to gain access to Katy's mailbox?

  • A. This type of attempt is called URL obfuscation when someone manually changes a URL to try and gain unauthorized access
  • B. By changing the mailbox's name in the URL, Kevin is attempting directory transversal
  • C. Kevin is trying to utilize query string manipulation to gain access to her email account
  • D. He is attempting a path-string attack to gain access to her mailbox

Answer: C


Under what conditions does a secondary name server request a zone transfer from a primary name server?

  • A. When a primary SOA is higher than a secondary SOA
  • B. When a secondary SOA is higher than a primary SOA
  • C. When a primary name server has had its service restarted
  • D. When a secondary name server has had its service restarted
  • E. When the TTL falls to zero

Answer: A

Understanding DNS is critical to meeting the requirements of the CEH. When the serial number within the SOA record of the primary server is higher than the serial number within the SOA record of the secondary DNS server, a zone transfer will take place.


This kind of password cracking method uses word lists in combination with numbers and special characters:

  • A. Hybrid
  • B. Linear
  • C. Symmetric
  • D. Brute Force

Answer: A

A Hybrid (or Hybrid Dictionary) Attack uses a word list that it modifies slightly to find passwords that are almost from a dictionary (like St0pid).


Johnny is a member of the hacking group orpheus1. He is currently working on breaking into the Department of Defense’s front end exchange server. He was able to get into the server, located in a DMZ, by using an unused service account that had a very weak password that he was able to guess. Johnny wants to crack the administrator password, but does not have a lot of time to crack it. He wants to use a tool that already has the LM hashes computed for all possible permutations of the administrator password.
What tool would be best used to accomplish this?

  • A. RainbowCrack
  • B. SMBCrack
  • C. SmurfCrack
  • D. PSCrack

Answer: A

RainbowCrack is a general purpose implementation of Philippe Oechslin's faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker tries all possible plaintexts one by one at cracking time, which is time consuming for complex passwords. The idea of the time-memory trade-off is to do all the cracking-time computation in advance and store the results in files called "rainbow tables". It does take a long time to precompute the tables, but once the one-time precomputation is finished, a time-memory trade-off cracker can be hundreds of times faster than a brute force cracker, with the help of the precomputed tables.


Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing? (Select the Best Answer.)

  • A. Install DNS logger and track vulnerable packets
  • B. Disable DNS timeouts
  • C. Install DNS Anti-spoofing
  • D. Disable DNS Zone Transfer

Answer: C

Explanation: Implement DNS anti-spoofing measures to prevent DNS cache pollution from occurring.


A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems. However, he is unable to capture any logons though he knows that other users are logging in.
What do you think is the most likely reason behind this?

  • A. There is a NIDS present on that segment.
  • B. Kerberos is preventing it.
  • C. Windows logons cannot be sniffed.
  • D. L0phtcrack only sniffs logons to web servers.

Answer: B

In a Windows 2000 network using Kerberos you normally use pre-authentication, and the user password never leaves the local machine, so it is never exposed to the network and should not be able to be sniffed.


Which of the following is NOT part of CEH Scanning Methodology?

  • A. Check for Live systems
  • B. Check for Open Ports
  • C. Banner Grabbing
  • D. Prepare Proxies
  • E. Social Engineering attacks
  • F. Scan for Vulnerabilities
  • G. Draw Network Diagrams

Answer: E


You have successfully brute forced basic authentication configured on a Web Server using the Brutus hacking tool. The username/password is “Admin” and “Bettlemani@”. You log on to the system using the brute forced password and plant backdoors and rootkits.
After downloading various sensitive documents from the compromised machine, you proceed to clear the log files to hide your trace.
Which event log located at C:\Windows\system32\config contains the trace of your brute force attempts?

  • A. AppEvent.Evt
  • B. SecEvent.Evt
  • C. SysEvent.Evt
  • D. WinEvent.Evt

Answer: B

The Security Event log (SecEvent.Evt) will contain all the failed logins against the system.


Which of the following represents the initial two commands that an IRC client sends to join an IRC network?


Answer: A

A "PASS" command is not required for either client or server connection to be registered, but it must precede the server message or the latter of the NICK/USER combination. (RFC 1459)


What is the proper response for an X-MAS scan if the port is open?

  • A. SYN
  • B. ACK
  • C. FIN
  • D. PSH
  • E. RST
  • F. No response

Answer: F

Closed ports respond to an X-MAS scan by ignoring the packet.


Jane has just accessed her preferred e-commerce web site and she has seen an item she would like to buy. Jane considers the price a bit too steep; she looks at the page source code and decides to save the page locally to modify some of the page variables. In the context of web application security, what do you think Jane has changed?

  • A. An integer variable
  • B. A 'hidden' price value
  • C. A 'hidden' form field value
  • D. A page cannot be changed locally; it can only be served by a web server

Answer: C

Changing hidden form values is possible when a web site is poorly built and trusts the visitor's computer to submit vital data, like the price of a product, to the database.


Kevin has been asked to write a short program to gather user input for a web application. He likes to keep his code neat and simple. He chooses to use printf(str) where he should have ideally used printf("%s", str). What attack will his program expose the web application to?

  • A. Cross Site Scripting
  • B. SQL injection Attack
  • C. Format String Attack
  • D. Unicode Traversal Attack

Answer: C

Format string attacks are a new class of software vulnerability discovered around 1999, previously thought harmless. Format string attacks can be used to crash a program or to execute harmful code. The problem stems from the use of unfiltered user input as the format string parameter in certain C functions that perform formatting, such as printf(). A malicious user may use the %s and %x format tokens, among others, to print data from the stack or possibly other locations in memory. One may also write arbitrary data to arbitrary locations using the %n format token, which commands printf() and similar functions to write back the number of bytes formatted to the same argument to printf(), assuming that the corresponding argument exists and is of type int *.

