★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/312-50-dumps.html


Exam Code: 312-50 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Ethical Hacking and Countermeasures (CEHv6)
Certification Provider: EC-Council
Free Today! Guaranteed Training- Pass 312-50 Exam.

2021 Dec certified ethical hacker exam 312-50 pdf:

Q141. What is a sheepdip? 

A. It is another name for Honeynet 

B. It is a machine used to coordinate honeynets 

C. It is the process of checking physical media for virus before they are used in a computer 

D. None of the above 

Answer: C

Explanation: Also known as a footbath, a sheepdip is the process of checking physical media, such as floppy disks or CD-ROMs, for viruses before they are used in a computer. Typically, a computer that sheepdips is used only for that process and nothing else and is isolated from the other computers, meaning it is not connected to the network. Most sheepdips use at least two different antivirus programs in order to increase effectiveness. 


Q142. One of the effective DoS/DDoS countermeasures is 'Throttling'. Which statement correctly defines this term? 

A. Set up routers that access a server with logic to adjust incoming traffic to levels that will be safe for the server to process 

B. Providers can increase the bandwidth on critical connections to prevent them from going down in the event of an attack 

C. Replicating servers that can provide additional failsafe protection 

D. Load balance each server in a multiple-server architecture 

Answer: A


Q143. Bill is attempting a series of SQL queries in order to map out the tables within the database that he is trying to exploit. 

Choose the attack type from the choices given below. 

A. Database Fingerprinting 

B. Database Enumeration 

C. SQL Fingerprinting 

D. SQL Enumeration 

Answer: A

Explanation: He is trying to create a view of the characteristics of the target database, he is taking it’s fingerprints. 


Q144. Which of the following is the primary objective of a rootkit? 

A. It opens a port to provide an unauthorized service 

B. It creates a buffer overflow 

C. It replaces legitimate programs 

D. It provides an undocumented opening in a program 

Answer: C

Explanation: Actually the objective of the rootkit is more to hide the fact that a system has been compromised and the normal way to do this is by exchanging, for example, ls to a version that doesn’t show the files and process implanted by the attacker. 


Q145. Charlie is an IT security consultant that owns his own business in Denver. Charlie has recently been hired by Fleishman Robotics, a mechanical engineering company also in Denver. After signing service level agreements and other contract papers, Charlie asks to look over the current company security policies. Based on these policies, Charlie compares the policies against what is actually in place to secure the company's network. From this information, Charlie is able to produce a report to give to company executives showing which areas the company is lacking in. This report then becomes the basis for all of Charlie's remaining tests. 

What type of initial analysis has Charlie performed to show the company which areas it needs improvements in? 

A. Charlie has performed a BREACH analysis; showing the company where its weak points are 

B. This analysis would be considered a vulnerability analysis 

C. This type of analysis is called GAP analysis 

D. This initial analysis performed by Charlie is called an Executive Summary 

Answer: C

Explanation: In business and economics, gap analysis is a tool that helps a company to compare its actual performance with its potential performance. 

At its core are two questions: "Where are we?" and "Where do we want to be?". 

http://en.wikipedia.org/wiki/Gap_analysis 


Abreast of the times 312-50 vce:

Q146. Giles is the network administrator for his company, a graphics design company based in Dallas. Most of the network is comprised of Windows servers and workstations, except for some designers that prefer to use MACs. These MAC users are running on the MAC OS X operating system. These MAC users also utilize iChat to talk between each other. Tommy, one of these MAC users, calls Giles and says that his computer is running very slow. Giles then gets more calls from the other MAC users saying they are receiving instant messages from Tommy even when he says he is not on his computer. Giles immediately unplugs Tommy's computer from the network to take a closer look. He opens iChat on Tommy's computer and it says that it sent a file called latestpics.tgz to all the other MAC users. Tommy says he never sent those files. Giles also sees that many of the computer's applications appear to be altered. The path where the files should be has an altered file and the original application is stored in the file's resource fork. 

What has Giles discovered on Tommy's computer? 

A. He has discovered OSX/Chat-burner virus on Tommy's computer 

B. Giles has found the OSX/Leap-A virus on Tommy's computer 

C. This behavior is indicative of the OSX/Inqtana.A virus 

D. On Tommy's computer, Giles has discovered an apparent infection of the OSX/Transmitter.B virus 

Answer: B

Explanation: OSX.Leap.A is a worm that targets installs of Macintosh OS X and spreads via iChat Instant Messenger program. http://www.symantec.com/security_response/writeup.jsp?docid=2006-021614-4006-99 


Q147. According to the CEH methodology, what is the next step to be performed after footprinting? 

A. Enumeration 

B. Scanning 

C. System Hacking 

D. Social Engineering 

E. Expanding Influence 

Answer:

Explanation: Once footprinting has been completed, scanning should be attempted next. 

Scanning should take place on two distinct levels: network and host. 


Q148. What is the proper response for a FIN scan if the port is open? 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

F. No response 

Answer:

Explanation: Open ports respond to a FIN scan by ignoring the packet in question. 


Q149. Which type of password cracking technique works like dictionary attack but adds some numbers and symbols to the words from the dictionary and tries to crack the password? 

A. Dictionary attack 

B. Brute forcing attack 

C. Hybrid attack 

D. Syllable attack 

E. Rule-based attack 

Answer: C


Q150. Jake works as a system administrator at Acme Corp. Jason, an accountant of the firm befriends him at the canteen and tags along with him on the pretext of appraising him about potential tax benefits. Jason waits for Jake to swipe his access card and follows him through the open door into the secure systems area. How would you describe Jason's behavior within a security context? 

A. Trailing 

B. Tailgating 

C. Swipe Gating 

D. Smooth Talking 

Answer: B

Explanation: Tailgating, in which an unauthorized person follows someone with a pass into an office, is a very simple social engineering attack. The intruder opens the door, which the authorized user walks through, and then engages them in conversation about the weather or weekend sport while they walk past the reception area together.