Exam Code: 312-50 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Ethical Hacking and Countermeasures (CEHv6)
Certification Provider: EC-Council
Free Today! Guaranteed Training- Pass 312-50 Exam.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for EC-Council 312-50 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/312-50-exam-dumps.html

Q121. Steve scans the network for SNMP enabled devices. Which port number Steve should scan? 

A. 69 

B. 150 

C. 161 

D. 169 

Answer: C

Explanation: The SNMP default port is 161. Port 69 is used for tftp, 150 is for SQL-NET and 169 is for SEND. 


Q122. Which of the following Registry location does a Trojan add entries to make it persistent on Windows 7? (Select 2 answers) 

A. HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun 

B. HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsSystem32CurrentVersion Run 

C. HKEY_CURRENT_USERSoftwareMicrosoftWindowsSystem32CurrentVersionRun 

D. HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun 

Answer: AD


Q123. 000 00 00 BA 5E BA 11 00 A0 C9 B0 5E BD 08 00 45 00 ...^......^...E. 010 05 DC 1D E4 40 00 7F 06 C2 6D 0A 00 00 02 0A 00 ....@....m...... 020 01 C9 00 50 07 75 05 D0 00 C0 04 AE 7D F5 50 10 ...P.u......}.P. 030 70 79 8F 27 00 00 48 54 54 50 2F 31 2E 31 20 32 py.'..HTTP/1.1.2 040 30 30 20 4F 4B 0D 0A 56 69 61 3A 20 31 2E 30 20 00.OK..Via:.1.0. 050 53 54 52 49 44 45 52 0D 0A 50 72 6F 78 79 2D 43 STRIDER..Proxy-C 060 6F 6E 6E 65 63 74 69 6F 6E 3A 20 4B 65 65 70 2D onnection:.Keep-070 41 6C 69 76 65 0D 0A 43 6F 6E 74 65 6E 74 2D 4C Alive..Content-L 080 65 6E 67 74 68 3A 20 32 39 36 37 34 0D 0A 43 6F ength:.29674..Co 090 6E 74 65 6E 74 2D 54 79 70 65 3A 20 74 65 78 74 ntent-Type:.text 0A0 2F 68 74 6D 6C 0D 0A 53 65 72 76 65 72 3A 20 4D /html..Server:. 0B0 69 63 72 6F 73 6F 66 74 2D 49 49 53 2F 34 2E 30 ..Microsoft 0C0 0D 0A 44 61 74 65 3A 20 53 75 6E 2C 20 32 35 20 ..Date:.Sun,.25. 0D0 4A 75 6C 20 31 39 39 39 20 32 31 3A 34 35 3A 35 Jul.1999.21:45:5 0E0 31 20 47 4D 54 0D 0A 41 63 63 65 70 74 2D 52 61 1.GMT..Accept-Ra 0F0 6E 67 65 73 3A 20 62 79 74 65 73 0D 0A 4C 61 73 nges:.bytes..Las 100 74 2D 4D 6F 64 69 66 69 65 64 3A 20 4D 6F 6E 2C t-Modified:.Mon, 

110 20 31 39 20 4A 75 6C 20 31 39 39 39 20 30 37 3A .19.Jul.1999.07: 120 33 39 3A 32 36 20 47 4D 54 0D 0A 45 54 61 67 3A 39:26.GMT..ETag: 130 20 22 30 38 62 37 38 64 33 62 39 64 31 62 65 31 ."08b78d3b9d1be1 140 3A 61 34 61 22 0D 0A 0D 0A 3C 74 69 74 6C 65 3E :a4a"....<title> 150 53 6E 69 66 66 69 6E 67 20 28 6E 65 74 77 6F 72 Sniffing.(networ 160 6B 20 77 69 72 65 74 61 70 2C 20 73 6E 69 66 66 k.wiretap,.sniff 170 65 72 29 20 46 41 51 3C 2F 74 69 74 6C 65 3E 0D er).FAQ</title>. 180 0A 0D 0A 3C 68 31 3E 53 6E 69 66 66 69 6E 67 20 ...<h1>Sniffing. 190 28 6E 65 74 77 6F 72 6B 20 77 69 72 65 74 61 70 (network.wiretap 1A0 2C 20 73 6E 69 66 66 65 72 29 20 46 41 51 3C 2F ,.sniffer).FAQ</ 1B0 68 31 3E 0D 0A 0D 0A 54 68 69 73 20 64 6F 63 75 h1>....This.docu 1C0 6D 65 6E 74 20 61 6E 73 77 65 72 73 20 71 75 65 ment.answers.que 1D0 73 74 69 6F 6E 73 20 61 62 6F 75 74 20 74 61 70 stions.about.tap 1E0 70 69 6E 67 20 69 6E 74 6F 20 0D 0A 63 6F 6D 70 ping.into...comp 1F0 75 74 65 72 20 6E 65 74 77 6F 72 6B 73 20 61 6E uter.networks.an 

This packet was taken from a packet sniffer that monitors a Web server. 

This packet was originally 1514 bytes long, but only the first 512 bytes are shown here. This is the standard hexdump representation of a network packet, before being decoded. A hexdump has three columns: the offset of each line, the hexadecimal data, and the ASCII equivalent. This packet contains a 14-byte Ethernet header, a 20-byte IP header, a 20-byte TCP header, an HTTP header ending in two line-feeds (0D 0A 0D 0A) and then the data. By examining the packet identify the name and version of the Web server? 

A. Apache 1.2 

B. IIS 4.0 

C. IIS 5.0 

D. Linux WServer 2.3 

Answer: B

Explanation: We see that the server is Microsoft, but the exam designer didn’t want to make it easy for you. So what they did is blank out the IIS 4.0. The key is in line “0B0” as you see: 0B0 69 63 72 6F 73 6F 66 74 2D 49 49 53 2F 34 2E 30 ..Microsoft 

49 is I, so we get II 53 is S, so we get IIS 2F is a space 34 is 4 2E is . 30 is 0 So we get IIS 4.0 

The answer is B 

If you don’t remember the ASCII hex to Character, there are enough characters and numbers already converted. For example, line “050” has STRIDER which is 53 54 52 49 44 45 52 and gives you the conversion for the “I:” and “S” characters (which is “49” and “53”). 


Q124. You want to use netcat to generate huge amount of useless network data continuously for various performance testing between 2 hosts. 

Which of the following commands accomplish this? 

A. Machine A #yes AAAAAAAAAAAAAAAAAAAAAA | nc –v –v –l –p 2222 > /dev/null Machine B #yes BBBBBBBBBBBBBBBBBBBBBB | nc machinea 2222 > /dev/null 

B. Machine A cat somefile | nc –v –v –l –p 2222 Machine B cat somefile | nc othermachine 2222 C. Machine A nc –l –p 1234 | uncompress –c | tar xvfp Machine B tar cfp - /some/dir | compress –c | nc –w 3 machinea 1234 

D. Machine A while true : do nc –v –l –s –p 6000 machineb 2 Machine B while true ; do nc –v –l –s –p 6000 machinea 2 done 

Answer: A

Explanation: Machine A is setting up a listener on port 2222 using the nc command and then having the letter A sent an infinite amount of times, when yes is used to send data yes NEVER stops until it recieves a break signal from the terminal (Control+C), on the client end (machine B), nc is being used as a client to connect to machine A, sending the letter B and infinite amount of times, while both clients have established a TCP connection each client is infinitely sending data to each other, this process will run FOREVER until it has been stopped by an administrator or the attacker. 


Q125. You are having problems while retrieving results after performing port scanning during internal testing. You verify that there are no security devices between you and the target system. When both stealth and connect scanning do not work, you decide to perform a NULL scan with NMAP. The first few systems scanned shows all ports open. 

Which one of the following statements is probably true? 

A. The systems have all ports open. 

B. The systems are running a host based IDS. 

C. The systems are web servers. 

D. The systems are running Windows. 

Answer: D

Explanation: The null scan turns off all flags, creating a lack of TCP flags that should never occur in the real world. If the port is closed, a RST frame should be returned and a null scan to an open port results in no response. Unfortunately Microsoft (like usual) decided to completely ignore the standard and do things their own way. Thus this scan type will not work against systems running Windows as they choose not to response at all. This is a good way to distinguish that the system being scanned is running Microsoft Windows. 


Q126. Which of the following Trojans would be considered 'Botnet Command Control Center'? 

A. YouKill DOOM 

B. Damen Rock 

C. Poison Ivy D. Matten Kit 

Answer: C


Q127. Why would an attacker want to perform a scan on port 137? 

A. To discover proxy servers on a network 

B. To disrupt the NetBIOS SMB service on the target host 

C. To check for file and print sharing on Windows systems 

D. To discover information about a target host using NBTSTAT 

Answer: D

Explanation: Microsoft encapsulates netbios information within TCP/Ip using ports 135-139. It is trivial for an attacker to issue the following command: 

nbtstat -A (your Ip address) from their windows machine and collect information about your windows machine (if you are not blocking traffic to port 137 at your borders). 


Q128. One of the ways to map a targeted network for live hosts is by sending an ICMP ECHO request to the broadcast or the network address. The request would be broadcasted to all hosts on the targeted network. The live hosts will send an ICMP ECHO Reply to the attacker's source IP address. 

You send a ping request to the broadcast address 192.168.5.255. 

There are 40 computers up and running on the target network. Only 13 hosts send a reply while others do not. Why? 

A. Windows machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address. 

B. Linux machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address. 

C. You should send a ping request with this command ping ? 192.168.5.0-255 

D. You cannot ping a broadcast address. The above scenario is wrong. 

Answer: A


Q129. Liza has forgotten her password to an online bookstore. The web application asks her to key in her email so that they can send her the password. Liza enters her email liza@yahoo.com'. The application displays server error. What is wrong with the web application? 

A. The email is not valid 

B. User input is not sanitized 

C. The web server may be down 

D. The ISP connection is not reliable 

Answer: B

Explanation: All input from web browsers, such as user data from HTML forms and cookies, must be stripped of special characters and HTML tags as described in the following CERT advisories: http://www.cert.org/advisories/CA-1997-25.html http://www.cert.org/advisories/CA-2000-02.html 


Q130. Statistics from cert.org and other leading security organizations has clearly showed a steady rise in the number of hacking incidents perpetrated against companies. 

What do you think is the main reason behind the significant increase in hacking attempts over the past years? 

A. It is getting more challenging and harder to hack for non technical people. 

B. There is a phenomenal increase in processing power. 

C. New TCP/IP stack features are constantly being added. 

D. The ease with which hacker tools are available on the Internet. 

Answer:

Explanation: Today you don’t need to be a good hacker in order to break in to various systems, all you need is the knowledge to use search engines on the internet.