Master the 312-50 Ethical Hacking and Countermeasures (CEHv6) content and be ready for exam day success quickly with this Testking 312-50 test preparation. We guarantee it!We make it a reality and give you real 312-50 questions in our EC-Council 312-50 braindumps.Latest 100% VALID EC-Council 312-50 Exam Questions Dumps at below page. You can use our EC-Council 312-50 braindumps and pass your exam.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/312-50-exam-dumps.html
Q1. An attacker has been successfully modifying the purchase price of items purchased at a web site. The security administrators verify the web server and Oracle database have not been compromised directly. They have also verified the IDS logs and found no attacks that could have caused this. What is the mostly likely way the attacker has been able to modify the price?
A. By using SQL injection
B. By using cross site scripting
C. By changing hidden form values in a local copy of the web page
D. There is no way the attacker could do this without directly compromising either the web server or the database
Answer: C
Explanation: Changing hidden form values is possible when a web site is poorly built and is trusting the visitors computer to submit vital data, like the price of a product, to the database.
Q2. What are the six types of social engineering?(Choose six).
A. Spoofing
B. Reciprocation
C. Social Validation
D. Commitment
E. Friendship
F. Scarcity
G. Authority
H. Accountability
Answer: BCDEFG
Explanation: All social engineering is performed by taking advantage of human nature. For in-depth information on the subject review, read Robert Cialdini's book, Influence: Science and Practice.
Q3. BankerFox is a Trojan that is designed to steal users' banking data related to certain banking entities.
When they access any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered in that website will be logged by the Trojan and transmitted to the attacker's machine using covert channel.
BankerFox does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.
What is the most efficient way an attacker located in remote location to infect this banking Trojan on a victim's machine?
A. Physical access - the attacker can simply copy a Trojan horse to a victim's hard disk infecting the machine via Firefox add-on extensions
B. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer
C. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer
D. Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer
E. Downloading software from a website? An attacker can offer free software, such as shareware programs and pirated mp3 files
Answer: E
Q4. Michael is the security administrator for the for ABC company. Michael has been charged with strengthening the company’s security policies, including its password policies. Due to certain legacy applications. Michael was only able to enforce a password group policy in Active Directory with a minimum of 10 characters. He has informed the company’s employes, however that the new password policy requires that everyone must have complex passwords with at least 14 characters. Michael wants to ensure that everyone is using complex passwords that meet the new security policy requirements. Michael has just logged on to one of the network’s domain controllers and is about to run the following command:
What will this command accomplish?
A. Dumps SAM password hashes to pwd.txt
B. Password history file is piped to pwd.txt
C. Dumps Active Directory password hashes to pwd.txt
D. Internet cache file is piped to pwd.txt
Answer: A
Explanation: Pwdump is a hack tool that is used to grab Windows password hashes from a remote Windows computer. Pwdump > pwd.txt will redirect the output from pwdump to a text file named pwd.txt
Q5. What are the four steps is used by nmap scanning?
A. DNS Lookup
B. ICMP Message
C. Ping
D. Reverse DNS lookup
E. TCP three way handshake
F. The Actual nmap scan
Answer: ACDF
Explanation: Nmap performs four steps during a normal device scan. Some of these steps can be modified or disabled using options on the nmap command line.
Q6. Which of the following wireless technologies can be detected by NetStumbler? (Select all that apply)
A. 802.11b
B. 802.11e
C. 802.11a
D. 802.11g
E. 802.11
Answer: ACD
Explanation: If you check the website, cards for all three (A, B, G) are supported. See: http://www.stumbler.net/
Q7. An SNMP scanner is a program that sends SNMP requests to multiple IP addresses, trying different community strings and waiting for a reply. Unfortunately SNMP servers don't respond to requests with invalid community strings and the underlying protocol does not reliably report closed ports. This means that 'no response' from the probed IP address can mean which of the following:
(Select up to 3)
A. Invalid community string
B. S-AUTH protocol is running on the SNMP server
C. Machine unreachable
D. SNMP server not running
Answer: ACD
Explanation: http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol
Q8. Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the "echo" command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page in which also he remains unsuccessful. What is the probable cause of Bill's problem?
A. You cannot use a buffer overflow to deface a web page
B. There is a problem with the shell and he needs to run the attack again
C. The HTML file has permissions of read only
D. The system is a honeypot
Answer: C
Q9. Lyle is a systems security analyst for Gusteffson & Sons, a large law firm in Beverly Hills. Lyle's responsibilities include network vulnerability scans, Antivirus monitoring, and IDS monitoring. Lyle receives a help desk call from a user in the Accounting department. This user reports that his computer is running very slow all day long and it sometimes gives him an error message that the hard drive is almost full. Lyle runs a scan on the computer with the company antivirus software and finds nothing. Lyle downloads another free antivirus application and scans the computer again. This time a virus is found on the computer. The infected files appear to be Microsoft Office files since they are in the same directory as that software. Lyle does some research and finds that this virus disguises itself as a genuine application on a computer to hide from antivirus software. What type of virus has Lyle found on this computer?
A. This type of virus that Lyle has found is called a cavity virus.
B. Lyle has discovered a camouflage virus on the computer.
C. By using the free antivirus software, Lyle has found a tunneling virus on the computer.
D. Lyle has found a polymorphic virus on this computer
Answer: C
Q10. Bob reads an article about how insecure wireless networks can be. He gets approval from his management to implement a policy of not allowing any wireless devices on the network. What other steps does Bob have to take in order to successfully implement this? (Select 2 answer.)
A. Train users in the new policy.
B. Disable all wireless protocols at the firewall.
C. Disable SNMP on the network so that wireless devices cannot be configured.
D. Continuously survey the area for wireless devices.
Answer: AD
Explanation: If someone installs a access point and connect it to the network there is no way to find it unless you are constantly surveying the area for wireless devices. SNMP and firewalls can not prevent the installation of wireless devices on the corporate network.