
2021 Mar 312-50 free exam

Q221. While doing a fast scan using the -F option, which file is used to list the range of ports to scan by nmap?

A. services 

B. nmap-services 

C. protocols 

D. ports 

Answer: B

Explanation: Nmap uses the nmap-services file to provide additional port detail for almost every scanning method. Every time a port is referenced, it's compared to an available description in this support file. If the nmap-services file isn't available, nmap reverts to the /etc/services file applicable for the current operating system. 


Q222. Michael is a junior security analyst working for the National Security Agency (NSA), primarily on breaking terrorist encrypted messages. The NSA has a number of methods they use to decipher encrypted messages, including Government Access to Keys (GAK) and inside informants. The NSA holds secret backdoor keys to many of the encryption algorithms used on the Internet. The problem for the NSA, and Michael, is that terrorist organizations are starting to use custom-built algorithms or obscure algorithms purchased from corrupt governments. For this reason, Michael and other security analysts like him have been forced to find different methods of deciphering terrorist messages. One method that Michael thought of using was to hide malicious code inside seemingly harmless programs. Michael first monitors sites and bulletin boards used by known terrorists, and then he is able to glean email addresses of some of these suspected terrorists. Michael then inserts a stealth keylogger into a mapping program file readme.txt and then sends that as an attachment to the terrorist. This keylogger takes screenshots every 2 minutes and also logs all keyboard activity into a hidden file on the terrorist's computer. Then, the keylogger emails those files to Michael twice a day with a built-in SMTP server. What technique has Michael used to disguise this keylogging software?

A. Steganography 

B. Wrapping 

C. ADS 

D. Hidden Channels 

Answer: A


Q223. Bob reads an article about how insecure wireless networks can be. He gets approval from his management to implement a policy of not allowing any wireless devices on the network. What other steps does Bob have to take in order to successfully implement this? (Select 2 answers.)

A. Train users in the new policy. 

B. Disable all wireless protocols at the firewall. 

C. Disable SNMP on the network so that wireless devices cannot be configured. 

D. Continuously survey the area for wireless devices. 

Answer: AD

Explanation: If someone installs an access point and connects it to the network, there is no way to find it unless you are constantly surveying the area for wireless devices. SNMP and firewalls cannot prevent the installation of wireless devices on the corporate network.


Q224. What ports should be blocked on the firewall to prevent NetBIOS traffic from coming through the firewall if your network is comprised of Windows NT, 2000, and XP? (Choose all that apply.)

A. 110 

B. 135 

C. 139 

D. 161 

E. 445 

F. 1024 

Answer: BCE 

Explanation: NetBIOS traffic can quickly be used to enumerate and attack Windows computers. 

Ports 135, 139, and 445 should be blocked. 


Q225. In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. What kind of attack is this? 

A. WEP attack 

B. Drive by hacking 

C. Rogue access point attack 

D. Unauthorized access point attack 

Answer: C

Explanation: The definition of a rogue access point is:

1. A wireless access point (AP) installed by an employee without the consent of the IT department. Without the proper security configuration, users have exposed their company's network to the outside world.

2. An access point (AP) set up by an attacker outside a facility with a wireless network. Also called an "evil twin," the rogue AP picks up beacons (signals that advertise its presence) from the company's legitimate AP and transmits identical beacons, which some client machines inside the building associate with.



Q226. Scanning for services is an easy job for Bob as there are so many tools available from the Internet. In order to check the vulnerability of the company, he went through a few scanners that are currently available. Here are the scanners that he uses:

-Axent’s NetRecon (http://www.axent.com) 

-SARA, by Advanced Research Organization (http://www-arc.com/sara) 

-VLAD the Scanner, by Razor (http://razor.bindview.com/tools/) 

However, there are many other alternative ways to make sure that the services that have been scanned will be more accurate and detailed for Bob. 

What would be the best method to accurately identify the services running on a victim host? 

A. Using Cheops-ng to identify the devices of the company.

B. Using the manual method of telnet to each of the open ports of the company.

C. Using a vulnerability scanner to try to probe each port to verify or figure out which service is running for the company.

D. Using the default port and OS to make a best guess of what services are running on each port for the company.

Answer: B

Explanation: By running a telnet connection to the open ports you will receive banners that tell you what service is answering on that specific port.


Q227. Dan is conducting a penetration test and has found a vulnerability in a Web Application which gave him the sessionID token via a cross site scripting vulnerability. Dan wants to replay this token. However, the session ID manager (on the server) checks the originating IP address as well. Dan decides to spoof his IP address in order to replay the sessionID. Why do you think Dan might not be able to get an interactive session?

A. Dan cannot spoof his IP address over a TCP network

B. The server will send replies back to the spoofed IP address 

C. Dan can establish an interactive session only if he uses a NAT 

D. The scenario is incorrect as Dan can spoof his IP and get responses 

Answer:

Explanation: Spoofing your IP address is only effective when there is no need to establish a two-way connection, as all traffic meant to go to the attacker will end up at the place of the spoofed address.


Q228. Fred is the network administrator for his company. Fred is testing an internal switch. From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this? 

A. Fred can accomplish this by sending an IP packet with the RST/SYN bit and the source address of his computer.

B. He can send an IP packet with the SYN bit and the source address of his computer. 

C. Fred can send an IP packet with the ACK bit set to zero and the source address of the switch. 

D. Fred can send an IP packet to the switch with the ACK bit and the source address of his machine. 

Answer: D


Q229. You are gathering competitive intelligence on ABC.com. You notice that they have jobs listed on a few Internet job-hunting sites. There are two job postings for network and system administrators. How can this help you in footprinting the organization?

A. The IP range used by the target network 

B. An understanding of the number of employees in the company 

C. How strong the corporate security policy is 

D. The types of operating systems and applications being used. 

Answer: D

Explanation: From job posting descriptions one can see the set of skills, technical knowledge, and system experience required, and from that infer what kind of operating systems and applications the target organization is using.


Q230. Look at the following SQL query.

SELECT * FROM product WHERE PCategory='computers' or 1=1--'

What will it return? Select the best answer.

A. All computers and all 1's 

B. All computers 

C. All computers and everything else 

D. Everything except computers 

Answer: C

Explanation: The 1=1 tells the SQL database to return everything. A simplified statement would be SELECT * FROM product WHERE 1=1 (which will always be true for all rows). Thus, this query will return all computers and everything else. The or 1=1 is a common test to see if a web application is vulnerable to a SQL attack.