
Q311. What is the proper response for a FIN scan if the port is closed? 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

Answer:

Explanation: Closed ports respond to a FIN scan with a RST. 


Q312. What type of port scan is shown below? 

A. Idle Scan 

B. Windows Scan 

C. XMAS Scan 

D. SYN Stealth Scan 

Answer: C

Explanation: An Xmas port scan is a variant of the TCP port scan. This type of scan tries to obtain information about the state of a target port by sending a packet which has multiple TCP flags set to 1 - "lit as an Xmas tree". The flags set for an Xmas scan are FIN, URG and PSH. The purpose is to confuse and bypass simple firewalls. Some stateless firewalls check against security policy only those packets which have the SYN flag set (that is, packets that initiate a connection according to the standards). Since Xmas scan packets are different, they can pass through these simple systems and reach the target host.


Q313. An attacker creates a zuckerjournals.com website by copying and mirroring the HACKERJOURNALS.COM site to spread the news that Hollywood actor Jason Jenkins died in a car accident. The attacker then submits his fake site for indexing in major search engines. When users search for "Jason Jenkins", the attacker's fake site shows up and dupes victims with the fake news.

This is another great example showing that some people do not know what URLs are. Real website: Fake website: http://www.zuckerjournals.com

The website is clearly not WWW.HACKERJOURNALS.COM. It is obvious for many, but unfortunately some people still do not know what a URL is. It's the address that you enter into the address bar at the top of your browser, and this is clearly not the legitimate site; it's www.zuckerjournals.com

How would you verify if a website is authentic or not? 

A. Visit the site using secure HTTPS protocol and check the SSL certificate for authenticity 

B. Navigate to the site by visiting various blogs and forums for authentic links 

C. Enable Cache on your browser and lookout for error message warning on the screen 

D. Visit the site by clicking on a link from Google search engine 

Answer: D


Q314. Bank of Timbuktu is a medium-sized, regional financial institution in Timbuktu. The bank has recently deployed a new Internet-accessible Web Application. Customers can access their account balances, transfer money between accounts, pay bills and conduct online financial business using a web browser.

John Stevens is in charge of information security at Bank of Timbuktu. After one month in production, several customers have complained about the Internet-enabled banking application. Strangely, the account balances of many of the bank's customers had been changed! However, money hasn't been removed from the bank; instead, money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web Application's logs and found the following entries.

What kind of attack did the Hacker attempt to carry out at the Bank? 

A. Brute Force attack in which the Hacker attempted guessing login ID and password from password cracking tools 

B. The Hacker used a generator module to pass results to the Web Server and exploited Web Application CGI vulnerability. 

C. The Hacker first attempted logins with suspected user names, then used SQL injection to gain access to valid login IDs 

D. The Hacker attempted Session Hijacking, in which the hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason’s session. 

Answer:

Explanation: Typing things like ' or 1=1 -- in the login field is evidence of a hacker testing whether the system is vulnerable to SQL injection.

Topic 15, Hacking Wireless Networks 


Q315. What makes web application vulnerabilities so aggravating? (Choose two) 

A. They can be launched through an authorized port. 

B. A firewall will not stop them. 

C. They exist only on the Linux platform. 

D. They are detectable by most leading antivirus software. 

Answer: AB

Explanation: As the vulnerabilities exist on a web server, incoming traffic on port 80 will probably be allowed and no firewall rules will stop the attack.



Q316. Steven the hacker realizes the network administrator of Acme Corporation is using syskey in Windows 2008 Server to protect his resources in the organization. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only the first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to use brute force dictionary attacks on the hashes. Steven runs a program called "SysCracker" targeting the Windows 2008 Server machine in an attempt to crack the hash used by Syskey. He needs to configure the encryption level before he can launch the attack. How many bits does Syskey use for encryption?

A. 40-bit encryption 

B. 128-bit encryption 

C. 256-bit encryption 

D. 64-bit encryption 

Answer: B


Q317. Which of the following acts in the United States specifically criminalizes the transmission of unsolicited commercial e-mail (SPAM) without an existing business relationship?

A. 2004 CANSPAM Act 

B. 2003 SPAM Preventing Act 

C. 2005 US-SPAM 1030 Act 

D. 1990 Computer Misuse Act 

Answer: A

Explanation: The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act) establishes requirements for those who send commercial email, spells out penalties for spammers and companies whose products are advertised in spam if they violate the law, and gives consumers the right to ask emailers to stop spamming them. The law, which became effective January 1, 2004, covers email whose primary purpose is advertising or promoting a commercial product or service, including content on a Web site. A "transactional or relationship message" – email that facilitates an agreed-upon transaction or updates a customer in an existing business relationship – may not contain false or misleading routing information, but otherwise is exempt from most provisions of the CAN-SPAM Act. 


Q318. Which of the following Exclusive OR bit transformations is NOT correct?

A. 0 xor 0 = 0 

B. 1 xor 0 = 1 

C. 1 xor 1 = 1 

D. 0 xor 1 = 1 

Answer: C


Q319. An SNMP scanner is a program that sends SNMP requests to multiple IP addresses, trying different community strings and waiting for a reply. Unfortunately SNMP servers don't respond to requests with invalid community strings and the underlying protocol does not reliably report closed ports. This means that 'no response' from the probed IP address can mean which of the following: 

(Select up to 3) 

A. Invalid community string 

B. S-AUTH protocol is running on the SNMP server 

C. Machine unreachable 

D. SNMP server not running 

Answer: ACD

Explanation: http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol 


Q320. ________ is an automated vulnerability assessment tool. 

A. Whack a Mole 

B. Nmap 

C. Nessus 

D. Kismet 

E. Jill32 

Answer:

Explanation: Nessus is a vulnerability assessment tool.