The EC-Council 312-50 exam is an exam for EC-Council certification. Holding an EC-Council 312-50 certificate is the dream of most IT enthusiasts. Preparing for the 312-50 exam is a difficult job for those who are busy working. Taking part in an EC-Council 312-50 online training course can be a quick and efficient way to prepare for the real 312-50 exam. Examcollection.com is an authorized website with a great deal of high-quality and valuable study resources. Many examinees have been certified, and most of them bought Examcollection EC-Council products.

2021 Mar 312-50 download

Q251. Peter extracts the SID list from a Windows 2008 Server machine using the hacking tool "SIDExtracter". Here is the output of the SIDs: 

From the above list, identify the user account with System Administrator privileges. 

A. John 

B. Rebecca 

C. Sheela 

D. Shawn 

E. Somia 

F. Chang 

G. Micah 

Answer: F


Q252. Which of the following nmap commands in Linux produces the above output? 

A. sudo nmap -sP 192.168.0.1/24 

B. root nmap -sA 192.168.0.1/24 

C. run nmap -TX 192.168.0.1/24 

D. launch nmap -PP 192.168.0.1/24 

Answer: A

Explanation: This is the output from a ping scan. The option -sP will give you a ping scan of the 192.168.0.1/24 network. 

Topic 4, Enumeration 

129. Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protocol is most likely to be listening on those ports? 

A. Finger 

B. FTP 

C. Samba 

D. SMB 

Answer: D

Explanation: The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT / 2000. In Windows NT it ran on top of NBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NBT. For this they use TCP port 445. 


Q253. Ethereal works best on ____________. 

A. Switched networks 

B. Linux platforms 

C. Networks using hubs 

D. Windows platforms 

E. LANs 

Answer: C

Explanation: Ethereal is used for sniffing traffic. It will return the best results when used on an unswitched (i.e. hub) network. 


Q254. The SYN Flood attack sends TCP connection requests faster than a machine can process them. 

The attacker creates a random source address for each packet. 

The SYN flag set in each packet is a request to open a new connection to the server from the spoofed IP address. 

The victim responds to the spoofed IP address, then waits for confirmation that never arrives (timeout wait is about 3 minutes). 

The victim's connection table fills up waiting for replies and ignores new connections. 

Legitimate users are ignored and will not be able to access the server. 

How do you protect your network against SYN Flood attacks? 

A. SYN cookies. Instead of allocating a record, send a SYN-ACK with a carefully constructed sequence number generated as a hash of the client's IP address, port number and other information. When the client responds with a normal ACK, that special sequence number will be included, which the server then verifies. Thus the server first allocates memory on the third packet of the handshake, not the first. 

B. RST cookies – The server sends a wrong SYN|ACK back to the client. The client should then generate a RST packet telling the server that something is wrong. At this point, the server knows the client is valid and will now accept incoming connections from that client normally. 

C. Micro Blocks. Instead of allocating a complete connection, simply allocate a micro-record of 16-bytes for the incoming SYN object. 

D. Stack Tweaking. TCP can be tweaked in order to reduce the effect of SYN floods. Reduce the timeout before a stack frees up the memory allocated for a connection. 

Answer: ABCD

Explanation: All of the above help protect against SYN flood attacks. Most TCP/IP stacks today are already tweaked to make it harder to perform a SYN flood DoS attack against a target. 


Q255. System Administrators sometimes post questions to newsgroups when they run into technical challenges. As an ethical hacker, you could use the information in newsgroup postings to glean insight into the makeup of a target network. How would you search for these postings using Google search? 

A. Search in Google using the key strings “the target company” and “newsgroups” 

B. Search for the target company name at http://groups.google.com 

C. Use NNTP websites to search for these postings 

D. Search in Google using the key search strings “the target company” and “forums” 

Answer: B

Explanation: Using http://groups.google.com is the easiest way to access various newsgroups today. Before http://groups.google.com you had to use special NNTP clients or subscribe to some NNTP-to-web services. 


Renewal 312-50 free exam:

Q256. You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see how well policy is being observed by the employees, you discover an employee has attached a modem to his telephone line and workstation. He has used this modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. How would you resolve this situation? 

A. Reconfigure the firewall 

B. Conduct a needs analysis 

C. Install a network-based IDS 

D. Enforce the corporate security policy 

Answer: D

Explanation: The security policy is meant to always be followed until changed. If a need arises to perform actions that might violate the security policy, you'll have to find another way to accomplish the task or wait until the policy has been changed. 


Q257. To see how some of the hosts on your network react, Winston sends out SYN packets to an IP range. A number of IPs respond with a SYN/ACK response. Before the connection is established he sends RST packets to those hosts to stop the session. Winston has done this to see how his intrusion detection system will log the traffic. What type of scan is Winston attempting here? 

A. Winston is attempting to find live hosts on your company's network by using an XMAS scan. 

B. He is utilizing a SYN scan to find live hosts that are listening on your network. 

C. This type of scan he is using is called a NULL scan. 

D. He is using a half-open scan to find live hosts on your network. 

Answer: D


Q258. Jane wishes to forward X-Windows traffic to a remote host as well as POP3 traffic. She is worried that adversaries might be monitoring the communication link and could inspect captured traffic. She would like to tunnel the information to the remote end but does not have VPN capabilities to do so. 

Which of the following tools can she use to protect the link? 

A. MD5 

B. SSH 

C. RSA 

D. PGP 

Answer: B

Explanation: Port forwarding, or tunneling, is a way to forward otherwise insecure TCP traffic through SSH Secure Shell. You can secure for example POP3, SMTP and HTTP connections that would otherwise be insecure. 


Q259. John the hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct a MiTM attack. What is the destination MAC address of a broadcast frame? 

A. 0xFFFFFFFFFFFF 

B. 0xAAAAAAAAAAAA 

C. 0xBBBBBBBBBBBB 

D. 0xDDDDDDDDDDDD 

Answer: A

Explanation: 0xFFFFFFFFFFFF is the destination MAC address of the broadcast frame. 


Q260. Which of the following best describes Vulnerability? 

A. The loss potential of a threat 

B. An action or event that might prejudice security 

C. An agent that could take advantage of a weakness 

D. A weakness or error that can lead to compromise 

Answer: D

Explanation: A vulnerability is a flaw or weakness in system security procedures, design or implementation that could be exercised (accidentally triggered or intentionally exploited) and result in harm to an IT system or activity.