It is impossible to pass EC-Council 312-50 exam without any help in the short term. Come to Pass4sure soon and find the most advanced, correct and guaranteed EC-Council 312-50 practice questions. You will get a surprising result by our Down to date Ethical Hacking and Countermeasures (CEHv6) practice guides.
2021 Mar 312-50 practice
Q311. Jack Hacker wants to break into company’s computers and obtain their secret double fudge cookie recipe. Jacks calls Jane, an accountant at company pretending to be an administrator from company. Jack tells Jane that there has been a problem with some accounts and asks her to verify her password with him “just to double check our records”. Jane does not suspect anything amiss, and parts with her password. Jack can now access company’s computers with a valid user name and password, to steal the cookie recipe.
What kind of attack is being illustrated here? (Choose the best answer)
A. Reverse Psychology
B. Reverse Engineering
C. Social Engineering
D. Spoofing Identity
E. Faking Identity
Answer: C
Explanation: This is a typical case of pretexting. Pretexting is the act of creating and using an invented scenario (the pretext) to persuade a target to release information or perform an action and is usually done over the telephone.
Q312. Bob is a Junior Administrator at ABC Company. He is installing the RedHat Enterprise Linux on his machine. At installation time, he removed the “Use MD5” options. What will be the hashing standard?
A. MD2
B. DES
C. 3DES
D. RSA
Answer: B
Explanation: crypt() will return an encrypted string using the standard Unix DES-based encryption algorithm or alternative algorithms that may be available on the system. By removing the “Use MD5” option Bob forces crypt() to revert to DES encryption.
Q313. Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned about the security of these servers because of the potential for financial loss. Bob has asked his company's firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network.
Why will this not be possible?
A. Firewalls cannot inspect traffic coming through port 443
B. Firewalls can only inspect outbound traffic
C. Firewalls cannot inspect traffic at all, they can only block or allow certain ports
D. Firewalls cannot inspect traffic coming through port 80
Answer: C
Q314. Jack Hackers wants to break into Brown’s Computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co. pretending to be an administrator from Brown Co. Jack tell Jane that there has been a problem with some accounts and asks her to verify her password with him “just to double check our records”. Jane does not suspect anything amiss and parts her password. Jack can now access Brown Co.’s computer with a valid username and password to steal the cookie recipe. What kind of attack is being illustrated here?
A. Faking Identity
B. Spoofing Identity
C. Social Engineering
D. Reverse Psychology
E. Reverse Engineering
Answer: C
Explanation: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most cases the attacker never comes face-to-face with the victim.
Q315. Which of the following nmap command in Linux procedures the above output?
A. sudo nmap –sP 192.168.0.1/24
B. root nmap –sA 192.168.0.1/24
C. run nmap –TX 192.168.0.1/24
D. launch nmap –PP 192.168.0.1/24
Answer: A
Explanation: This is an output from a ping scan. The option –sP will give you a ping scan of the 192.168.0.1/24 network.
Topic 4, Enumeration
129. Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protocol is most likely to be listening on those ports?
A. Finger
B. FTP
C. Samba
D. SMB
Answer: D
Explanation: The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT / 2000. In Windows NT it ran on top of NBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NBT. For this they use TCP port 445.
Improved 312-50 exam cost:
Q316. On wireless networks, SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless networks?
A. The SSID is only 32 bits in length.
B. The SSID is transmitted in clear text.
C. The SSID is the same as the MAC address for all vendors.
D. The SSID is to identify a station, not a network.
Answer: B
Explanation: The SSID IS constructed to identify a network, it IS NOT the same as the MAC address and SSID’s consists of a maximum of 32 alphanumeric characters.
Q317. Ethernet switches can be adversely affected by rapidly bombarding them with spoofed ARP responses. He port to MAC Address table (CAM Table) overflows on the switch and rather than failing completely, moves into broadcast mode, then the hacker can sniff all of the packets on the network.
Which of the following tool achieves this?
A. ./macof
B. ./sniffof
C. ./dnsiff
D. ./switchsnarf
Answer: A
Explanation: macof floods the local network with random MAC addresses (causing some switches to fail open in repeating mode, facilitating sniffing).
Q318. John is the network administrator of XSECURITY systems. His network was recently compromised. He analyzes the logfiles to investigate the attack.
Take a look at the following Linux logfile snippet. The hacker compromised and "owned" a Linux machine. What is the hacker trying to accomplish here?
[root@apollo /]# rm rootkit.c
[root@apollo /]# [root@apollo /]# ps -aux | grep inetd ; ps -aux | grep portmap ;
rm /sbin/portmap ; rm /tmp/h ; rm /usr/sbin/rpc.portmap ; rm -rf .bash* ; rm -rf /root/.bash_history ; rm - rf /usr/sbin/namedps -aux | grep inetd ; ps -aux | grep portmap ;
rm /sbin/por359 ? 00:00:00 inetd 359 ? 00:00:00 inetd
rm: cannot remove `/tmp/h': No such file or directory
rm: cannot remove `/usr/sbin/rpc.portmap': No such file or directory
[root@apollo /]# ps -aux | grep portmap
[root@apollo /]# [root@apollo /]# ps -aux | grep inetd ; ps -aux | grep portmap ; rm
/sbin/portmap ;
rm /tmp/h ; rm /usr/sbin/rpc.portmap ; rm -rf .bash* ; rm -rf /root/.bash_history ; rm - rf
/usr/sbin/namedps -aux | grep inetd ; ps -aux | grep portmap ; rm /sbin/por359 ? 00:00:00
inetd
rm: cannot remove `/sbin/portmap': No such file or directory
rm: cannot remove `/tmp/h': No such file or directory
>rm: cannot remove `/usr/sbin/rpc.portmap': No such file or directory
[root@apollo /]# rm: cannot remove `/sbin/portmap': No such file or directory
A. The hacker is planting a rootkit
B. The hacker is trying to cover his tracks
C. The hacker is running a buffer overflow exploit to lock down the system
D. The hacker is attempting to compromise more machines on the network
Answer: B
Explanation: By deleting temporary directories and emptying like bash_history that contains the last commands used with the bash shell he is trying to cover his tracks.
Q319. Why would an attacker want to perform a scan on port 137?
A. To discover proxy servers on a network
B. To disrupt the NetBIOS SMB service on the target host
C. To check for file and print sharing on Windows systems
D. To discover information about a target host using NBTSTAT
Answer: D
Explanation: Microsoft encapsulates netbios information within TCP/Ip using ports 135-139. It is trivial for an attacker to issue the following command:
nbtstat -A (your Ip address) from their windows machine and collect information about your windows machine (if you are not blocking traffic to port 137 at your borders).
Q320. You have just received an assignment for an assessment at a company site. Company's management is concerned about external threat and wants to take appropriate steps to insure security is in place. Anyway the management is also worried about possible threats coming from inside the site, specifically from employees belonging to different Departments. What kind of assessment will you be performing ?
A. Black box testing
B. Black hat testing
C. Gray box testing
D. Gray hat testing
E. White box testing
F. White hat testing
Answer: C
Explanation: Internal Testing is also referred to as Gray-box testing.