It is impossible to pass EC-Council 312-50 exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed EC-Council 312-50 practice questions. You will get a surprising result by our Improve Ethical Hacking and Countermeasures (CEHv6) practice guides.

2021 Mar 312-50 free practice exam

Q41. What would best be defined as a security test on services against a known vulnerability database using an automated tool? 

A. A penetration test 

B. A privacy review 

C. A server audit 

D. A vulnerability assessment 

Answer: D

Explanation: Vulnerability assessment is the process of identifying and quantifying vulnerabilities in a system. The system being studied could be a physical facility like a nuclear power plant, a computer system, or a larger system (for example the communications infrastructure or water infrastructure of a region). 


Q42. Why is Social Engineering considered attractive by hackers and also adopted by experts in the field? 

A. It is done by well known hackers and in movies as well. 

B. It does not require a computer in order to commit a crime. 

C. It is easy and extremely effective to gain information. 

D. It is not considered illegal. 

Answer: C

Explanation: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most (but not all) cases the attacker never comes face-to-face with the victim. The term has been popularized in recent years by well known (reformed) computer criminal and security consultant Kevin Mitnick who points out that it's much easier to trick someone into giving you his or her password for a system than to spend the effort to hack in. He claims it to be the single most effective method in his arsenal. 


Q43. You are a Administrator of Windows server. You want to find the port number for POP3. What file would you find the information in and where? 

Select the best answer. 

A. %windir%\\etc\\services 

B. system32\\drivers\\etc\\services 

C. %windir%\\system32\\drivers\\etc\\services 

D. /etc/services 

E. %windir%/system32/drivers/etc/services 

Answer: C

Explanation:

Explanations: %windir%\\system32\\drivers\\etc\\services is the correct place to look for this information. 


Q44. Bank of Timbukut is a medium-sized, regional financial institution in Timbuktu. The bank has deployed a new Internet-accessible Web Application recently. Customers can access their account balances, transfer money between accounts, pay bills and conduct online financial business using a web browser. 

John Stevens is in charge of information security at Bank of Timbukut. After one month in production, several customers have complained about the Internet enabled banking application. Strangely, the account balances of many of the bank’s customers had been changed ! However, money hasn’t been removed from the bank, instead money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web Application’s logs and found the following entries. 

What kind of attack did the Hacker attempt to carry out at the Bank? 

A. Brute Force attack in which the Hacker attempted guessing login ID and password from password cracking tools 

B. The Hacker used a generator module to pass results to the Web Server and exploited Web Application CGI vulnerability. 

C. The Hacker first attempted logins with suspected user names, then used SQL injection to gain access to valid login IDs 

D. The Hacker attempted Session Hijacking, in which the hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason’s session. 

Answer:

Explanation: Typing things like ‘ or 1=1 – in the login field is evidence of a hacker trying out if the system is vulnerable to SQL injection. 

Topic 15, Hacking Wireless Networks 


Q45. A POP3 client contacts the POP3 server: 

A. To send mail 

B. To receive mail 

C. to send and receive mail 

D. to get the address to send mail to 

E. initiate a UDP SMTP connection to read mail 

Answer:

Explanation: POP is used to receive e-mail.SMTP is used to send e-mail. 


Improved 312-50 free practice questions:

Q46. Fred is scanning his network to ensure it is as secure as possible. Fred sends a TCP probe packet to a host with a FIN flag and he receives a RST/ACK response. What does this mean? 

A. This response means the port he is scanning is open. 

B. The RST/ACK response means the port Fred is scanning is disabled. 

C. This means the port he is scanning is half open. 

D. This means that the port he is scanning on the host is closed. 

Answer: D


Q47. There is some dispute between two network administrators at your company. Your boss asks you to come and meet with the administrators to set the record straight. Which of these are true about PKI and encryption? 

Select the best answers. 

A. PKI provides data with encryption, compression, and restorability. 

B. Public-key encryption was invented in 1976 by Whitfield Diffie and Martin Hellman. 

C. When it comes to eCommerce, as long as you have authenticity, and authenticity, you do not need encryption. 

D. RSA is a type of encryption. 

Answer: BD

Explanation: PKI provides confidentiality, integrity, and authenticity of the messages exchanged between these two types of systems. The 3rd party provides the public key and the receiver verifies the message with a combination of the private and public key. Public-key encryption WAS invented in 1976 by Whitfield Diffie and Martin Hellman. The famous hashing algorithm Diffie-Hellman was named after them. The RSA Algorithm is created by the RSA Security company that also has created other widely used encryption algorithms. 


Q48. Charlie is an IT security consultant that owns his own business in Denver. Charlie has recently been hired by Fleishman Robotics, a mechanical engineering company also in Denver. After signing service level agreements and other contract papers, Charlie asks to look over the current company security policies. Based on these policies, Charlie compares the policies against what is actually in place to secure the company's network. From this information, Charlie is able to produce a report to give to company executives showing which areas the company is lacking in. This report then becomes the basis for all of Charlie's remaining tests. 

What type of initial analysis has Charlie performed to show the company which areas it needs improvements in? 

A. Charlie has performed a BREACH analysis; showing the company where its weak points are 

B. This analysis would be considered a vulnerability analysis 

C. This type of analysis is called GAP analysis 

D. This initial analysis performed by Charlie is called an Executive Summary 

Answer: C

Explanation: In business and economics, gap analysis is a tool that helps a company to compare its actual performance with its potential performance. 

At its core are two questions: "Where are we?" and "Where do we want to be?". 

http://en.wikipedia.org/wiki/Gap_analysis 


Q49. 1 172.16.1.254 (172.16.1.254) 0.724 ms 3.285 ms 0.613 ms 2 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 12.169 ms 14.958 ms 13.416 ms 3 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 13.948 ms ip68-100-0-1.nv.nv.cox.net 

(68.100.0.1) 16.743 ms 16.207 ms 4 ip68-100-0-137.nv.nv.cox.net (68.100.0.137) 17.324 ms 13.933 ms 

20.938 ms 

5 68.1.1.4 (68.1.1.4) 12.439 ms 220.166 ms 204.170 ms 6 so-6-0-0.gar2.wdc1.Level3.net (67.29.170.1) 16.177 ms 25.943 ms 14.104 ms 7 unknown.Level3.net (209.247.9.173) 14.227 ms 17.553 ms 15.415 ms 8 so-0-1-0.bbr1.NewYork1.level3.net (64.159.1.41) 17.063 ms 20.960 ms 

19.512 ms 9 so-7-0-0.gar1.NewYork1.Level3.net (64.159.1.182) 20.334 ms 19.440 ms 

17.938 ms 10 so-4-0-0.edge1.NewYork1.Level3.net (209.244.17.74) 27.526 ms 18.317 ms 21.202 ms 11 uunet-level3-oc48.NewYork1.Level3.net (209.244.160.12) 21.411 ms 

19.133 ms 18.830 ms 12 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78) 21.203 ms 22.670 ms 

20.111 ms 13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms 

23.108 ms 14 0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129) 37.894 ms 33.244 ms 

33.910 ms 15 0.so-7-0-0.XL1.MIA4.ALTER.NET (152.63.86.189) 51.165 ms 49.935 ms 

49.466 ms 16 0.so-3-0-0.XR1.MIA4.ALTER.NET (152.63.101.41) 50.937 ms 49.005 ms 

51.055 ms 17 117.ATM6-0.GW5.MIA1.ALTER.NET (152.63.82.73) 51.897 ms 50.280 ms 

53.647 ms 18 target-gw1.customer.alter.net (65.195.239.14) 51.921 ms 51.571 ms 

56.855 ms 19 www.target.com <http://www.target.com/> (65.195.239.22) 52.191 ms 

52.571 ms 56.855 ms 20 www.target.com <http://www.target.com/> (65.195.239.22) 53.561 ms 

54.121 ms 58.333 ms 

You perform the above traceroute and notice that hops 19 and 20 both show the same IP address. This probably indicates what? 

A. A host based IDS 

B. A Honeypot 

C. A stateful inspection firewall 

D. An application proxying firewall 

Answer: C


Q50. A very useful resource for passively gathering information about a target company is: 

A. Host scanning 

B. Whois search 

C. Traceroute 

D. Ping sweep 

Answer:

Explanation: A, C & D are "Active" scans, the question says: "Passively"