★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/312-50-dumps.html


Having a EC-Council EC-Council certification within hand will increase your employment possibilities and increase up your confidence in the career market. EC-Council EC-Council certificate can be one of people most desired certifications. Due to the fierce competitors in the The idea field, the actual certificate of EC-Council 312-50 can be an advantage in your case to have any place in the world associated with Internet Technological innovation. That is why most of the The idea aspirants want to get the EC-Council 312-50 certification. Your expertise will be enhanced by preparing the actual EC-Council 312-50 exam questions. Tired of many advertisements about EC-Council EC-Council exam preparation on the internet, you should quit at Pass4sure. Pass4sure will provide with all the high-quality and important EC-Council 312-50 studying materials that are beneficial in the course of your function.

2021 Mar 312-50 rapidshare

Q261. Barney is looking for a Windows NT/2000/XP command-line tool that can be used to assign display or modify ACLs (Access Control Lists) to files or folders and that could also be used within batch files. Which of the following tools could be used for this purpose? 

A. PERM.EXE 

B. CACLS.EXE 

C. CLACS.EXE 

D. NTPERM.EXE 

Answer:

Explanation: Cacls.exe (Change Access Control Lists) is an executable in Microsoft Windows to change Access Control List (ACL) permissions on a directory, its subcontents, or files. An access control list is a list of permissions for a file or directory that controls who can access it. 

Topic 12, Web Application Vulnerabilities 

356. Which of the following statements best describes the term Vulnerability? 

A. A weakness or error that can lead to a compromise 

B. An agent that has the potential to take advantage of a weakness 

C. An action or event that might prejudice security 

D. The loss potential of a threat. 

Answer:

Explanation: Vulnerabilities are all weaknesses that can be exploited. 


Q262. You have installed antivirus software and you want to be sure that your AV signatures are working correctly. You don't want to risk the deliberate introduction of a live virus to test the AV software. You would like to write a harmless test virus, which is based on the European Institute for Computer Antivirus Research format that can be detected by the AV software. 

How should you proceed? 

A. Type the following code in notepad and save the file as SAMPLEVIRUS.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it. X5O!P%@AP[4\PZX54(P^)7CC)7}$SAMPLEVIRUS-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 

B. Type the following code in notepad and save the file as AVFILE.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it. X5O!P%@AP[4\PZX54(P^)7CC)7}$AVFILE-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 

C. Type the following code in notepad and save the file as TESTAV.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it. X5O!P%@AP[4\PZX54(P^)7CC)7}$TESTAV-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 

D. Type the following code in notepad and save the file as EICAR.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it. X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 

Answer: D

Explanation: The EICAR test file (official name: EICAR Standard Anti-Virus Test File) is a file, developed by the European Institute for Computer Antivirus Research, to test the response of computer antivirus (AV) programs. The rationale behind it is to allow people, companies, and AV programmers to test their software without having to use a real computer virus that could cause actual damage should the AV not respond correctly. EICAR likens the use of a live virus to test AV software to setting a fire in a trashcan to test a fire alarm, and promotes the EICAR test file as a safe alternative. 


Q263. Which type of attack is port scanning? 

A. Web server attack 

B. Information gathering 

C. Unauthorized access 

D. Denial of service attack 

Answer: B


Q264. What is GINA? 

A. Gateway Interface Network Application 

B. GUI Installed Network Application CLASS 

C. Global Internet National Authority (G-USA) 

D. Graphical Identification and Authentication DLL 

Answer: D

Explanation: In computing, GINA refers to the graphical identification and authentication library, a component of some Microsoft Windows operating systems that provides secure authentication and interactive logon services. 


Q265. Clive has been monitoring his IDS and sees that there are a huge number of ICMP Echo Reply packets that are being received on the external gateway interface. Further inspection reveals that they are not responses from the internal hosts’ requests but simply responses coming from the Internet. 

What could be the most likely cause? 

A. Someone has spoofed Clive’s IP address while doing a smurf attack. 

B. Someone has spoofed Clive’s IP address while doing a land attack. 

C. Someone has spoofed Clive’s IP address while doing a fraggle attack. 

D. Someone has spoofed Clive’s IP address while doing a DoS attack. 

Answer: A

Explanation: The smurf attack, named after its exploit program, is a denial-of-service attack that uses spoofed broadcast ping messages to flood a target system. In such an attack, a perpetrator sends a large amount of ICMP echo (ping) traffic to IP broadcast addresses, all of it having a spoofed source address of the intended victim. If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply, multiplying the traffic by the number of hosts responding. On a multi-access broadcast network, hundreds of machines might reply to each packet. 


Avant-garde 312-50 vce:

Q266. _____ is found in all versions of NTFS and is described as the ability to fork file data into existing files without affecting their functionality, size, or display to traditional file browsing utilities like dir or Windows Explorer 

A. Steganography 

B. Merge Streams 

C. NetBIOS vulnerability 

D. Alternate Data Streams 

Answer:

Explanation: ADS (or Alternate Data Streams) is a “feature” in the NTFS file system that makes it possible to hide information in alternate data streams in existing files. The file can have multiple data streams and the data streams are accessed by filename:stream. 


Q267. An employee wants to defeat detection by a network-based IDS application. He does not want to attack the system containing the IDS application. 

Which of the following strategies can be used to defeat detection by a network-based IDS application? (Choose the best answer) 

A. Create a network tunnel. 

B. Create a multiple false positives. 

C. Create a SYN flood. 

D. Create a ping flood. 

Answer: A

Explanation: Certain types of encryption presents challenges to network-based intrusion detection and may leave the IDS blind to certain attacks, where a host-based IDS analyzes the data after it has been decrypted. 


Q268. Bill has started to notice some slowness on his network when trying to update his company’s website while trying to access the website from the Internet. Bill asks the help desk manager if he has received any calls about slowness from the end users, but the help desk manager says that he has not. Bill receives a number of calls from customers that can’t access the company website and can’t purchase anything online. Bill logs on to a couple of this routers and notices that the logs shows network traffic is at all time high. He also notices that almost all the traffic is originating from a specific address. 

Bill decides to use Geotrace to find out where the suspect IP is originates from. The Geotrace utility runs a traceroute and finds that IP is coming from Panama. Bill knows that none of his customers are in Panama so he immediately thinks that his company is under a Denial of Service attack. Now Bill needs to find out more about the originating IP Address. 

What Internet registry should Bill look in to find the IP Address? 

A. LACNIC 

B. ARIN 

C. RIPELACNIC 

D. APNIC 

Answer: A

Explanation: LACNIC is the Latin American and Caribbean Internet Addresses Registry that administers IP addresses, autonomous system numbers, reverse DNS, and other network resources for that region. 


Q269. While examining a log report you find out that an intrusion has been attempted by a machine whose IP address is displayed as 0xde.0xad.0xbe.0xef. It looks to you like a hexadecimal number. You perform a ping 0xde.0xad.0xbe.0xef. Which of the following IP addresses will respond to the ping and hence will likely be responsible for the the intrusion ? 

A. 192.10.25.9 

B. 10.0.3.4 

C. 203.20.4.5 

D. 222.273.290.239 

E. 222.173.290.239 

Answer: E

Explanation: Convert the hex number to binary and then to decimal. 

0xde.0xad.0xbe.0xef translates to 222.173.190.239 and not 222.273.290.239 

0xef = 

15*1 = 15 

14*16 = 224 

= 239 

0xbe = 14*1 = 14 11*16 = 176 

= 190 

0xad = 13*1 = 13 10*16 = 160 

= 173 

0xde = 14*1 = 14 13*16 = 208 

= 222 


Q270. NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish? 

nslookup 

> server <ipaddress> 

> set type =any 

> ls -d <target.com> 

A. Enables DNS spoofing 

B. Loads bogus entries into the DNS table 

C. Verifies zone security 

D. Performs a zone transfer 

E. Resets the DNS cache 

Answer: D

Explanation: If DNS has not been properly secured, the command sequence displayed above will perform a zone transfer.