The actual EC-Council 312-50v8 questions are usually up to date through our technicians instantly. Youre going to get the newest simulated examination questions which can be in keeping with the present EC-Council examination. Much more significantly, the particular revise date lengthy to One hundred and eighty days, exhibiting you will probably have half the years time and energy to research 312-50v8 puts.
2021 Sep 312-50v8 practice test
Q201. Harold works for Jacobson Unlimited in the IT department as the security manager. Harold has created a security policy requiring all employees to use complex 14 character passwords. Unfortunately, the members of management do not want to have to use such long complicated passwords so they tell Harold's boss this new password policy should not apply to them. To comply with the management's wishes, the IT department creates another Windows domain and moves all the management users to that domain. This new domain has a password policy only requiring 8 characters.
Harold is concerned about having to accommodate the managers, but cannot do anything about it. Harold is also concerned about using LanManager security on his network instead of NTLM or NTLMv2, but the many legacy applications on the network prevent using the more secure NTLM and NTLMv2. Harold pulls the SAM files from the DC's on the original domain and the new domain using Pwdump6.
Harold uses the password cracking software John the Ripper to crack users' passwords to make sure they are strong enough. Harold expects that the users' passwords in the original domain will take much longer to crack than the management's passwords in the new domain. After running the software, Harold discovers that the 14 character passwords only took a short time longer to crack than the 8 character passwords.
Why did the 14 character passwords not take much longer to crack than the 8 character passwords?
A. Harold should have used Dumpsec instead of Pwdump6
B. Harold's dictionary file was not large enough
C. Harold should use LC4 instead of John the Ripper
D. LanManger hashes are broken up into two 7 character fields
Answer: D
Q202. Study the following exploit code taken from a Linux machine and answer the questions below:
echo “ingreslock stream tcp nowait root /bin/sh sh –I" > /tmp/x;
/usr/sbin/inetd –s /tmp/x;
sleep 10;
/bin/ rm –f /tmp/x AAAA…AAA
In the above exploit code, the command “/bin/sh sh –I" is given.
What is the purpose, and why is ‘sh’ shown twice?
A. The command /bin/sh sh –i appearing in the exploit code is actually part of an inetd configuration file.
B. The length of such a buffer overflow exploit makes it prohibitive for user to enter manually.
The second ‘sh’ automates this function.
C. It checks for the presence of a codeword (setting the environment variable) among the environment variables.
D. It is a giveaway by the attacker that he is a script kiddy.
Answer: A
Q203. What type of port scan is shown below?
A. Idle Scan
B. FIN Scan
C. XMAS Scan
D. Windows Scan
Answer: B
Q204. _____ is the process of converting something from one representation to the simplest form. It deals with the way in which systems convert data from one form to another.
A. Canonicalization
B. Character Mapping
C. Character Encoding
D. UCS transformation formats
Answer: A
Q205. Which of the following wireless technologies can be detected by NetStumbler? (Select all
that apply)
A. 802.11b
B. 802.11e
C. 802.11a
D. 802.11g
E. 802.11
Answer: ACD
Update 312-50v8 exam cram:
Q206. What is the main difference between a “Normal” SQL Injection and a “Blind” SQL Injection vulnerability?
A. The request to the web server is not visible to the administrator of the vulnerable application.
B. The attack is called “Blind” because,although the application properly filters user input,it is still vulnerable to code injection.
C. The successful attack does not show an error message to the administrator of the affected application.
D. The vulnerable application does not display errors with information about the injection results to the attacker.
Answer: D
Q207. You ping a target IP to check if the host is up. You do not get a response. You suspect ICMP is blocked at the firewall. Next you use hping2 tool to ping the target host and you get a response. Why does the host respond to hping2 and not ping packet?
A. Ping packets cannot bypass firewalls
B. You must use ping 10.2.3.4 switch
C. Hping2 uses stealth TCP packets to connect
D. Hping2 uses TCP instead of ICMP by default
Answer: D
Q208. Fingerprinting.VPN firewalls is possible with which of the following tools?
A. Angry IP
B. Nikto
C. Ike-scan
D. Arp-scan
Answer: C
Q209. ____________ will let you assume a users identity at a dynamically generated web page or site.
A. SQL attack
B. Injection attack
C. Cross site scripting
D. The shell attack
E. Winzapper
Answer: C
Q210. You perform the above traceroute and notice that hops 19 and 20 both show the same IP address.
This probably indicates what?
A. A host based IDS
B. A Honeypot
C. A stateful inspection firewall
D. An application proxying firewall
Answer: C