we provide Breathing EC-Council 312-50 practice exam which are the best for clearing 312-50 test, and to get certified by EC-Council Ethical Hacking and Countermeasures (CEHv6). The 312-50 Questions & Answers covers all the knowledge points of the real 312-50 exam. Crack your EC-Council 312-50 Exam with latest dumps, guaranteed!
2018 NEW RECOMMEND
Free VCE & PDF File for EC-Council 312-50 Real Exam
Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions
Q221. DRAG DROP
Drag the term to match with itâs description
Q222. What is GINA?
A. Gateway Interface Network Application
B. GUI Installed Network Application CLASS
C. Global Internet National Authority (G-USA)
D. Graphical Identification and Authentication DLL
Explanation: In computing, GINA refers to the graphical identification and authentication library, a component of some Microsoft Windows operating systems that provides secure authentication and interactive logon services.
Q223. Jane wishes to forward X-Windows traffic to a remote host as well as POP3 traffic. She is worried that adversaries might be monitoring the communication link and could inspect captured traffic. She would line to tunnel the information to the remote end but does not have VPN capabilities to do so.
Which of the following tools can she use to protect the link?
Explanation: Port forwarding, or tunneling, is a way to forward otherwise insecure TCP traffic through SSH Secure Shell. You can secure for example POP3, SMTP and HTTP connections that would otherwise be insecure.
Q224. Which type of scan does not open a full TCP connection?
A. Stealth Scan
B. XMAS Scan
C. Null Scan
D. FIN Scan
Explanation: Stealth Scan: Instead of completing the full TCP three-way-handshake a full connection is not made. A SYN packet is sent to the system and if a SYN/ACK packet is received it is assumed that the port on the system is active. In that case a RST/ACK will be sent which will determined the listening state the system is in. If a RST/ACK packet is received, it is assumed that the port on the system is not active.
Q225. 802.11b is considered a ____________ protocol.
D. Token ring based
Explanation: 802.11b is an insecure protocol. It has many weaknesses that can be used by a hacker.
Q226. What does black box testing mean?
A. You have full knowledge of the environment
B. You have no knowledge of the environment
C. You have partial knowledge of the environment
Explanation: Black box testing is conducted when you have no knowledge of the environment. It is more time consuming and expensive.
Q227. What type of attack changes its signature and/or payload to avoid detection by antivirus programs?
B. Rootkit C. Boot sector
D. File infecting
Explanation: In computer terminology, polymorphic code is code that mutates while keeping the original algorithm intact. This technique is sometimes used by computer viruses, shellcodes and computer worms to hide their presence.
Q228. Several of your co-workers are having a discussion over the etc/passwd file. They are at odds over what types of encryption are used to secure Linux passwords.(Choose all that apply.
A. Linux passwords can be encrypted with MD5
B. Linux passwords can be encrypted with SHA
C. Linux passwords can be encrypted with DES
D. Linux passwords can be encrypted with Blowfish
E. Linux passwords are encrypted with asymmetric algrothims
Explanation: Linux passwords are enrcypted using MD5, DES, and the NEW addition Blowfish. The default on most linux systems is dependant on the distribution, RedHat uses MD5, while slackware uses DES. The blowfish option is there for those who wish to use it. The encryption algorithm in use can be determined by authconfig on RedHat-based systems, or by reviewing one of two locations, on PAM-based systems (Pluggable Authentication Module) it can be found in /etc/pam.d/, the system-auth file or authconfig files. In other systems it can be found in /etc/security/ directory.
Q229. Which of the following LM hashes represent a password of less than 8 characters? (Select 2)
Explanation: Notice the last 8 characters are the same
Q230. The follows is an email header. What address is that of the true originator of the message?
Received: from smtp.com (fw.emumail.com [188.8.131.52].
by raq-221-181.ev1.net (8.10.2/8.10.2. with ESMTP id h78NIn404807
for <email@example.com>; Sat, 9 Aug 2003 18:18:50 -0500
Received: (qmail 12685 invoked from network.; 8 Aug 2003 23:25:25 -0000
Received: from ([184.108.40.206].
by smtp.com with SMTP
Received: from unknown (HELO CHRISLAPTOP. (220.127.116.11.
by localhost with SMTP; 8 Aug 2003 23:25:01 -0000
From: "Bill Gates" <firstname.lastname@example.org>
To: "mikeg" <email@example.com>
Subject: We need your help!
Date: Fri, 8 Aug 2003 19:12:28 -0400
X-Priority: 3 (Normal.
X-Mailer: Microsoft Outlook, Build 10.0.2627
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Explanation: Spoofing can be easily achieved by manipulating the "from" name field, however, it is much more difficult to hide the true source address. The "received from" IP address
18.104.22.168 is the true source of the