We provide real 312-50 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass EC-Council 312-50 Exam quickly & easily. The 312-50 PDF type is available for reading and printing. You can print more and practice many times. With the help of our EC-Council 312-50 dumps pdf and vce product and material, you can easily pass the 312-50 exam.
Q241. What does the following command in netcat do?
nc -l -u -p 55555 < /etc/passwd
A. logs the incoming connections to /etc/passwd file
B. loads the /etc/passwd file to the UDP port 55555
C. grabs the /etc/passwd file when connected to UDP port 55555
D. deletes the /etc/passwd file when connected to the UDP port 55555
Answer: C
Explanation: -l forces netcat to listen for incoming connections.
-u tells netcat to use UDP instead of TCP
-p 5555 tells netcat to use port 5555
< /etc/passwd tells netcat to grab the /etc/passwd file when connected to.
Q242. Barney is looking for a Windows NT/2000/XP command-line tool that can be used to assign display or modify ACLs (Access Control Lists) to files or folders and that could also be used within batch files. Which of the following tools could be used for this purpose?
A. PERM.EXE
B. CACLS.EXE
C. CLACS.EXE
D. NTPERM.EXE
Answer: B
Explanation: Cacls.exe (Change Access Control Lists) is an executable in Microsoft Windows to change Access Control List (ACL) permissions on a directory, its subcontents, or files. An access control list is a list of permissions for a file or directory that controls who can access it.
Topic 12, Web Application Vulnerabilities
356. Which of the following statements best describes the term Vulnerability?
A. A weakness or error that can lead to a compromise
B. An agent that has the potential to take advantage of a weakness
C. An action or event that might prejudice security
D. The loss potential of a threat.
Answer: A
Explanation: Vulnerabilities are all weaknesses that can be exploited.
Q243. Which of the following is the best way an attacker can passively learn about technologies used in an organization?
A. By sending web bugs to key personnel
B. By webcrawling the organization web site
C. By searching regional newspapers and job databases for skill sets technology hires need to possess in the organization
D. By performing a port scan on the organization's web site
Answer: C
Explanation: Note: Sending web bugs, webcrawling their site and port scanning are considered "active" attacks, the question asks "passive"
Q244. Neil monitors his firewall rules and log files closely on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web sites during work hours, without consideration for others. Neil knows that he has an updated content filtering system and that such access should not be authorized.
What type of technique might be used by these offenders to access the Internet without restriction?
A. They are using UDP which is always authorized at the firewall.
B. They are using tunneling software which allows them to communicate with protocols in a way it was not intended.
C. They have been able to compromise the firewall, modify the rules, and give themselves proper access.
D. They are using an older version of Internet Explorer that allows them to bypass the proxy server.
Answer: B
Explanation: This can be accomplished by, for example, tunneling the http traffic over SSH if you have a SSH server answering to your connection, you enable dynamic forwarding in the ssh client and configure Internet Explorer to use a SOCKS Proxy for network traffic.
Q245. What type of port scan is represented here.
A. Stealth Scan
B. Full Scan
C. XMAS Scan
D. FIN Scan
Answer: A
Q246. Name two software tools used for OS guessing.(Choose two.
A. Nmap
B. Snadboy
C. Queso
D. UserInfo
E. NetBus
Answer: AC
Explanation: Nmap and Queso are the two best-known OS guessing programs. OS guessing software has the ability to look at peculiarities in the way that each vendor implements the RFC's. These differences are compared with its database of known OS fingerprints. Then a best guess of the OS is provided to the user.
Q247. Which Steganography technique uses Whitespace to hide secret messages?
A. snow
B. beetle
C. magnet
D. cat
Answer: A
Q248. Because UDP is a connectionless protocol: (Select 2)
A. UDP recvfrom() and write() scanning will yield reliable results
B. It can only be used for Connect scans
C. It can only be used for SYN scans
D. There is no guarantee that the UDP packets will arrive at their destination
E. ICMP port unreachable messages may not be returned successfully
Answer: DE
Explanation: Neither UDP packets, nor the ICMP errors are guaranteed to arrive, so UDP scanners must also implement retransmission of packets that appear to be lost (or you will get a bunch of false positives).
Q249. Which of the following attacks takes best advantage of an existing authenticated connection
A. Spoofing
B. Session Hijacking
C. Password Sniffing
D. Password Guessing
Answer: B
Explanation: Session hijacking is the act of taking control of a user session after successfully obtaining or generating an authentication session ID. Session hijacking involves an attacker using captured, brute forced or reverse-engineered session IDs to seize control of a legitimate user's Web application session while that session is still in progress.
Q250. _____ is a type of symmetric-key encryption algorithm that transforms a fixed-length block of plaintext (unencrypted text) data into a block of ciphertext (encrypted text) data of the same length.
A. Bit Cipher
B. Hash Cipher
C. Block Cipher
D. Stream Cipher
Answer: C
Explanation: A block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. When encrypting, a block cipher might take a (for example) 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext.