★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/312-50-dumps.html
Cause all that matters here is passing the EC-Council 312-50 exam. Cause all that you need is a high score of 312-50 Ethical Hacking and Countermeasures (CEHv6) exam. The only one thing you need to do is downloading Exambible 312-50 exam study guides now. We will not let you down with our money-back guarantee.
2021 Sep ec-council certified ethical hacker exam 312-50 cost:
Q161. To scan a host downstream from a security gateway, Firewalking:
A. Sends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets
B. Uses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway
C. Sends an ICMP ''administratively prohibited'' packet to determine if the gateway will drop the packet without comment.
D. Assesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway
Answer: B
Explanation: Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker’s host to a destination host through a packet-filtering device. This technique can be used to map ‘open’ or ‘pass through’ ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway.
Q162. What framework architecture is shown in this exhibit?
A. Core Impact
B. Metasploit
C. Immunity Canvas
D. Nessus
Answer: B
Q163. Jake is a network administrator who needs to get reports from all the computer and network devices on his network. Jake wants to use SNMP but is afraid that won't be secure since passwords and messages are in clear text. How can Jake gather network information in a secure manner?
A. He can use SNMPv3
B. Jake can use SNMPrev5
C. He can use SecWMI
D. Jake can use SecSNMP
Answer: A
Q164. If you perform a port scan with a TCP ACK packet, what should an OPEN port return?
A. RST
B. No Reply
C. SYN/ACK
D. FIN
Answer: A
Explanation: Open ports return RST to an ACK scan.
Q165. William has received a Tetris game from someone in his computer programming class through email. William does not really know the person who sent the game very well, but decides to install the game anyway because he really likes Tetris.
After William installs the game, he plays it for a couple of hours. The next day, William plays the Tetris game again and notices that his machines have begun to slow down. He brings up his Task Manager and sees the following programs running (see Screenshot):
What has William just installed?
A. Remote Access Trojan (RAT)
B. Zombie Zapper (ZoZ)
C. Bot IRC Tunnel (BIT)
D. Root Digger (RD)
Answer: A
Explanation: RATs are malicious programs that run invisibly on host PCs and permit an intruder remote access and control. On a basic level, many RATs mimic the functionality of legitimate remote control programs such as Symantec's pcAnywhere but are designed specifically for stealth installation and operation. Intruders usually hide these Trojan horses in games and other small programs that unsuspecting users then execute on their PCs. Typically, exploited users either download and execute the malicious programs or are tricked into clicking rogue email attachments.
Avant-garde 312-50 vce:
Q166. Which Type of scan sends a packets with no flags set ?
Select the Answer
A. Open Scan
B. Null Scan
C. Xmas Scan
D. Half-Open Scan
Answer: B
Explanation:
The types of port connections supported are:
Q167. You want to know whether a packet filter is in front of 192.168.1.10. Pings to 192.168.1.10 don't get answered. A basic nmap scan of 192.168.1.10 seems to hang without returning any information. What should you do next?
A. Use NetScan Tools Pro to conduct the scan
B. Run nmap XMAS scan against 192.168.1.10
C. Run NULL TCP hping2 against 192.168.1.10
D. The firewall is blocking all the scans to 192.168.1.10
Answer: C
Q168. You are scanning into the target network for the first time. You find very few conventional ports open. When you attempt to perform traditional service identification by connecting to the open ports, it yields either unreliable or no results. You are unsure of what protocols are being used. You need to discover as many different protocols as possible. Which kind of scan would you use to do this?
A. Nmap with the –sO (Raw IP packets) switch
B. Nessus scan with TCP based pings
C. Nmap scan with the –sP (Ping scan) switch
D. Netcat scan with the –u –e switches
Answer: A
Explanation: Running Nmap with the –sO switch will do a IP Protocol Scan. The IP protocol scan is a bit different than the other nmap scans. The IP protocol scan is searching for additional IP protocols in use by the remote station, such as ICMP, TCP, and UDP. If a router is scanned, additional IP protocols such as EGP or IGP may be identified.
Q169. Lori has just been tasked by her supervisor conduct vulnerability scan on the corporate network. She has been instructed to perform a very thorough test of the network to ensure that there are no security holes on any of the machines. Lori’s company does not own any commercial scanning products, so she decides to download a free one off the Internet. Lori has never done a vulnerability scan before, so she is unsure of some of the settings available in the software she downloaded. One of the option is to choose which ports that can be scanned. Lori wants to do exactly what her boos has told her, but she does not know ports should be scanned.
If Lori is supposed to scan all known TCP ports, how many ports should she select in the software?
A. 65536
B. 1024
C. 1025
D. Lori should not scan TCP ports, only UDP ports
Answer: A
Explanation: In both TCP and UDP, each packet header will specify a source port and a destination port, each of which is a 16-bit unsigned integer (i.e. ranging from 0 to 65535).
Q170. As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security?
Select the best answers.
A. Use the same machines for DNS and other applications
B. Harden DNS servers
C. Use split-horizon operation for DNS servers
D. Restrict Zone transfers
E. Have subnet diversity between DNS servers
Answer: BCDE
Explanations:
A is not a correct answer as it is never recommended to use a DNS server for any other application. Hardening of the DNS servers makes them less vulnerable to attack. It is recommended to split internal and external DNS servers (called split-horizon operation). Zone transfers should only be accepted from authorized DNS servers. By having DNS servers on different subnets, you may prevent both from going down, even if one of your networks goes down.