★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/312-50-dumps.html


Want to know Exambible 312-50 Exam practice test features? Want to lear more about EC-Council Ethical Hacking and Countermeasures (CEHv6) certification experience? Study Simulation EC-Council 312-50 answers to Renewal 312-50 questions at Exambible. Gat a success with an absolute guarantee to pass EC-Council 312-50 (Ethical Hacking and Countermeasures (CEHv6)) test on your first attempt.

2021 Dec ceh official certified ethical hacker review guide exam 312-50 pdf:

Q441. What is the proper response for a X-MAS scan if the port is closed? 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

F. No response 

Answer:

Explanation: Closed ports respond to a X-MAS scan with a RST. 


Q442. Several of your co-workers are having a discussion over the etc/passwd file. They are at odds over what types of encryption are used to secure Linux passwords.(Choose all that apply. 

A. Linux passwords can be encrypted with MD5 

B. Linux passwords can be encrypted with SHA 

C. Linux passwords can be encrypted with DES 

D. Linux passwords can be encrypted with Blowfish 

E. Linux passwords are encrypted with asymmetric algrothims 

Answer: ACD

Explanation: Linux passwords are enrcypted using MD5, DES, and the NEW addition Blowfish. The default on most linux systems is dependant on the distribution, RedHat uses MD5, while slackware uses DES. The blowfish option is there for those who wish to use it. The encryption algorithm in use can be determined by authconfig on RedHat-based systems, or by reviewing one of two locations, on PAM-based systems (Pluggable Authentication Module) it can be found in /etc/pam.d/, the system-auth file or authconfig files. In other systems it can be found in /etc/security/ directory. 


Q443. Which FTP transfer mode is required for FTP bounce attack? 

A. Active Mode 

B. Passive Mode 

C. User Mode 

D. Anonymous Mode 

Answer: B

Explanation: FTP bounce attack needs the server the support passive connections and the client program needs to use PORT command instead of the PASV command. 


Q444. Ron has configured his network to provide strong perimeter security. As part of his network architecture, he has included a host that is fully exposed to attack. The system is on the public side of the demilitarized zone, unprotected by a firewall or filtering router. What would you call such a host? 

A. Honeypot 

B. DMZ host 

C. DWZ host 

D. Bastion Host 

Answer: D

Explanation: A bastion host is a gateway between an inside network and an outside network. Used as a security measure, the bastion host is designed to defend against attacks aimed at the inside network. Depending on a network's complexity and configuration, a single bastion host may stand guard by itself, or be part of a larger security system with different layers of protection. 


Q445. Sally is a network admin for a small company. She was asked to install wireless accesspoints in the building. In looking at the specifications for the access-points, she sees that all of them offer WEP. Which of these are true about WEP? 

Select the best answer. 

A. Stands for Wireless Encryption Protocol 

B. It makes a WLAN as secure as a LAN 

C. Stands for Wired Equivalent Privacy 

D. It offers end to end security 

Answer:

Explanations: 

WEP is intended to make a WLAN as secure as a LAN but because a WLAN is not constrained by wired, this makes access much easier. Also, WEP has flaws that make it less secure than was once thought.WEP does not offer end-to-end security. It only attempts to protect the wireless portion of the network. 


Up to the minute ceh 312-50 pdf:

Q446. When referring to the Domain Name Service, what is denoted by a ‘zone’? 

A. It is the first domain that belongs to a company. 

B. It is a collection of resource records. 

C. It is the first resource record type in the SOA. 

D. It is a collection of domains. 

Answer: B

Explanation: A reasonable definition of a zone would be a portion of the DNS namespace where responsibility has been delegated. 


Q447. What does ICMP (type 11, code 0) denote? 

A. Unknown Type 

B. Time Exceeded 

C. Source Quench 

D. Destination Unreachable 

Answer: B

Explanation: An ICMP Type 11, Code 0 means Time Exceeded [RFC792], Code 0 = Time to Live exceeded in Transit and Code 1 = Fragment Reassembly Time Exceeded. 


Q448. TCP/IP Session Hijacking is carried out in which OSI layer? 

A. Transport layer 

B. Datalink layer 

C. Physical Layer 

D. Network Layer 

Answer: A


Q449. Bryan notices the error on the web page and asks Liza to enter liza' or '1'='1 in the email field. They are greeted with a message "Your login information has been mailed to 

johndoe@gmail.com". What do you think has occurred? 

A. The web application picked up a record at random 

B. The web application returned the first record it found 

C. The server error has caused the application to malfunction 

D. The web application emailed the administrator about the error 

Answer: B

Explanation: The web application sends a query to an SQL database and by giving it the criteria 1=1, which always will be true, it will return the first value it finds. 


Q450. Exhibit: * Missing* 

Jason's Web server was attacked by a trojan virus. He runs protocol analyzer and notices that the trojan communicates to a remote server on the Internet. Shown below is the standard "hexdump" representation of the network packet, before being decoded. Jason wants to identify the trojan by looking at the destination port number and mapping to a trojan-port number database on the Internet. Identify the remote server's port number by decoding the packet? 

A. Port 1890 (Net-Devil Trojan) 

B. Port 1786 (Net-Devil Trojan) 

C. Port 1909 (Net-Devil Trojan) 

D. Port 6667 (Net-Devil Trojan) 

Answer: D

Explanation: From trace, 0x1A0B is 6667, IRC Relay Chat, which is one port used. Other ports are in the 900's.