All that matters here is passing the EC-Council 312-50 exam. All that you need is a high score on the 312-50 Ethical Hacking and Countermeasures (CEHv6) exam. The only thing you need to do is download the Exambible 312-50 exam study guides now. We will not let you down with our money-back guarantee.


Q91. SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather a great amount of information about remote hosts.

Which of the following features makes this possible? (Choose two) 

A. It uses TCP as the underlying protocol.

B. It uses a community string that is transmitted in clear text.

C. It is susceptible to sniffing. 

D. It is used by all network devices on the market. 

Answer: BC

Explanation: Simple Network Management Protocol (SNMP) is a protocol which can be used by administrators to remotely manage a computer or network device. There are typically 2 modes of remote SNMP monitoring. These modes are roughly 'READ' and 'WRITE' (or PUBLIC and PRIVATE). If an attacker is able to guess a PUBLIC community string, they would be able to read SNMP data (depending on which MIBs are installed) from the remote device. This information might include system time, IP addresses, interfaces, processes running, etc. Version 1 of SNMP has been criticized for its poor security. Authentication of clients is performed only by a "community string", in effect a type of password, which is transmitted in cleartext. 


Q92. John is a keen administrator, and has followed all of the best practices he could find on securing his Windows Server. He has renamed the Administrator account to a new name that he is sure cannot be easily guessed. However, there are people who already attempt to compromise his newly renamed administrator account.

How is it possible for a remote attacker to decipher the name of the administrator account if it has been renamed? 

A. The attacker used the user2sid program. 

B. The attacker used the sid2user program. 

C. The attacker used nmap with the -V switch.

D. The attacker guessed the new name. 

Answer: B

Explanation: User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine. Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid respectively. What is more, these can be called against a remote machine without providing logon credentials save those needed for a null session connection.


Q93. What is Hunt used for? 

A. Hunt is used to footprint networks 

B. Hunt is used to sniff traffic 

C. Hunt is used to hack web servers 

D. Hunt is used to intercept traffic i.e. man-in-the-middle traffic 

E. Hunt is used for password cracking 

Answer: D

Explanation: Hunt can be used to intercept traffic. It is useful with telnet, ftp, and others to grab traffic between two computers or to hijack sessions. 


Q94. How do you defend against a DHCP starvation attack?


A. Enable ARP-Block on the switch 

B. Enable DHCP snooping on the switch 

C. Configure DHCP-BLOCK to 1 on the switch 

D. Install DHCP filters on the switch to block this attack 

Answer: B


Q95. When a malicious hacker identifies a target and wants to eventually compromise this target, what would be among the first steps that he would perform? (Choose the best answer) 

A. Cover his tracks by eradicating the log files and audit trails. 

B. Gain access to the remote computer in order to conceal the venue of attacks. 

C. Perform a reconnaissance of the remote target for identification of venue of attacks.

D. Always begin with a scan in order to quickly identify venue of attacks. 

Answer: C

Explanation: A hacker always starts with a preparatory phase (Reconnaissance) where he seeks to gather as much information as possible about the target of evaluation prior to launching an attack. The reconnaissance can be either passive or active (or both). 



Q96. On wireless networks, the SSID is used to identify the network. Why is the SSID not considered to be a good security mechanism to protect a wireless network?

A. The SSID is only 32 bits in length. 

B. The SSID is transmitted in clear text. 

C. The SSID is the same as the MAC address for all vendors. 

D. The SSID is to identify a station, not a network. 

Answer: B

Explanation: The SSID IS constructed to identify a network, it IS NOT the same as the MAC address, and SSIDs consist of a maximum of 32 alphanumeric characters.


Q97. While footprinting a network, what port/service should you look for to attempt a zone transfer? 

A. 53 UDP 

B. 53 TCP 

C. 25 UDP 

D. 25 TCP 

E. 161 UDP 

F. 22 TCP 

G. 60 TCP 

Answer: B 

Explanation: If TCP port 53 is detected, the opportunity to attempt a zone transfer is there.


Q98. Symmetric encryption algorithms are known to be fast but present great challenges on the key management side. Asymmetric encryption algorithms are slow but allow communication with a remote host without having to transfer a key out of band or in person. If we combine the strength of both crypto systems where we use the symmetric algorithm to encrypt the bulk of the data and then use the asymmetric encryption system to encrypt the symmetric key, what would this type of usage be known as? 

A. Symmetric system 

B. Combined system 

C. Hybrid system 

D. Asymmetric system 

Answer: C

Explanation: Because of the complexity of the underlying problems, most public-key algorithms involve operations such as modular multiplication and exponentiation, which are much more computationally expensive than the techniques used in most block ciphers, especially with typical key sizes. As a result, public-key cryptosystems are commonly "hybrid" systems, in which a fast symmetric-key encryption algorithm is used for the message itself, while the relevant symmetric key is sent with the message, but encrypted using a public-key algorithm. Similarly, hybrid signature schemes are often used, in which a cryptographic hash function is computed, and only the resulting hash is digitally signed. 


Q99. What is the IV key size used in WPA2? 

A. 32 

B. 24 

C. 16 

D. 48 

E. 128 

Answer: D


Q100. Exhibit 


Joe Hacker runs the hping2 hacking tool to predict the target host's sequence numbers in one of the hacking sessions.

What do the first and second columns mean? Select two.

A. The first column reports the sequence number 

B. The second column reports the difference between the current and last sequence number 

C. The second column reports the next sequence number 

D. The first column reports the difference between current and last sequence number 

Answer: AB