Act now and download your EC-Council 312-50 test today! Do not waste time on worthless EC-Council 312-50 tutorials. Download the Renewal EC-Council Ethical Hacking and Countermeasures (CEHv6) exam with real questions and answers and begin to learn EC-Council 312-50 with a classic professional.


Q321. One of your junior administrators is concerned with Windows LM hashes and password cracking. In your discussion with them, which of the following are true statements that you would point out?

Select the best answers. 

A. John the Ripper can be used to crack a variety of passwords, but one limitation is that the output doesn't show if the password is upper or lower case. 

B. By using NTLMV1, you have implemented an effective countermeasure to password cracking.

C. SYSKEY is an effective countermeasure. 

D. If a Windows LM password is 7 characters or less, the hash will be passed with the following characters, in hex: 00112233445566778899.

E. Enforcing Windows complex passwords is an effective countermeasure. 

Answer: ACE

Explanations: 

John the Ripper can be used to crack a variety of passwords, but one limitation is that the output doesn't show if the password is upper or lower case. John the Ripper is a very effective password cracker. It can crack passwords for many different types of operating systems. However, one limitation is that the output doesn't show if the password is upper or lower case.

By using NTLMV1, you have implemented an effective countermeasure to password cracking. NTLM Version 2 (NTLMV2) is a good countermeasure to LM password cracking (and therefore a correct answer). To do this, set Windows 9x and NT systems to "send NTLMv2 responses only".

SYSKEY is an effective countermeasure. It uses 128-bit encryption on the local copy of the Windows SAM.

If a Windows LM password is 7 characters or less, the hash will be passed with the following characters: 0xAAD3B435B51404EE

Enforcing Windows complex passwords is an effective countermeasure to password cracking. Complex passwords are greater than 6 characters and have any 3 of the following 4 items: upper case, lower case, special characters, and numbers.


Q322. Why would an attacker want to perform a scan on port 137? 

A. To discover proxy servers on a network 

B. To disrupt the NetBIOS SMB service on the target host 

C. To check for file and print sharing on Windows systems 

D. To discover information about a target host using NBTSTAT 

Answer: D

Explanation: Microsoft encapsulates NetBIOS information within TCP/IP using ports 135-139. It is trivial for an attacker to issue the following command from their Windows machine and collect information about your Windows machine (if you are not blocking traffic to port 137 at your borders):

nbtstat -A (your IP address)


Q323. What does the following command in "Ettercap" do? 

ettercap -NCLzs --quiet

A. This command will provide you the entire list of hosts in the LAN 

B. This command will check if someone is poisoning you and will report its IP 

C. This command will detach ettercap from console and log all the sniffed passwords to a file 

D. This command broadcasts ping to scan the LAN instead of ARP request all the subset IPs 

Answer: C

Explanation: -L specifies that logging will be done to a binary file and -s tells us it is running in script mode.


Q324. This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging personal information. Attackers send a legitimate-looking e-mail asking users to update their information on the company's Web site, but the URLs in the e-mail actually point to a false Web site. 

A. Wiresharp attack 

B. Switch and bait attack 

C. Phishing attack 

D. Man-in-the-Middle attack 

Answer: C


Q325. Statistics from cert.org and other leading security organizations have clearly shown a steady rise in the number of hacking incidents perpetrated against companies.

What do you think is the main reason behind the significant increase in hacking attempts over the past years? 

A. It is getting more challenging and harder to hack for non-technical people.

B. There is a phenomenal increase in processing power. 

C. New TCP/IP stack features are constantly being added. 

D. The ease with which hacker tools are available on the Internet. 

Answer: D 

Explanation: Today you don't need to be a good hacker in order to break into various systems; all you need is the knowledge to use search engines on the Internet.



Q326. Jonathan, being a keen administrator, has followed all of the best practices he could find on securing his Windows Server. He renamed the Administrator account to a new name that can't be easily guessed, but there remain people who attempt to compromise his newly renamed administrator account. How can a remote attacker decipher the name of the administrator account if it has been renamed?

A. The attacker guessed the new name 

B. The attacker used the user2sid program 

C. The attacker used the sid2user program

D. The attacker used NMAP with the V option 

Answer: C

Explanation: User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine. Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid respectively. What is more, these can be called against a remote machine without providing logon credentials, save those needed for a null session connection.


Q327. Dan is conducting a penetration test and has found a vulnerability in a Web Application which gave him the sessionID token via a cross site scripting vulnerability. Dan wants to replay this token. However, the session ID manager (on the server) checks the originating IP address as well. Dan decides to spoof his IP address in order to replay the sessionID. Why do you think Dan might not be able to get an interactive session?

A. Dan cannot spoof his IP address over a TCP network

B. The server will send replies back to the spoofed IP address 

C. Dan can establish an interactive session only if he uses a NAT 

D. The scenario is incorrect as Dan can spoof his IP and get responses 

Answer: B 

Explanation: Spoofing your IP address is only effective when there is no need to establish a two-way connection, as all traffic meant to go to the attacker will end up at the place of the spoofed address.


Q328. Anonymizer sites access the Internet on your behalf, protecting your personal information from disclosure. An anonymizer protects all of your computer's identifying information while it surfs for you, enabling you to remain at least one step removed from the sites you visit. 

You can visit Web sites without allowing anyone to gather information on sites visited by you. Services that provide anonymity disable pop-up windows and cookies, and conceal the visitor's IP address.

These services typically use a proxy server to process each HTTP request. When the user requests a Web page by clicking a hyperlink or typing a URL into their browser, the service retrieves and displays the information using its own server. The remote server (where the requested Web page resides) receives information on the anonymous Web surfing service in place of your information. 

In which situations would you want to use an anonymizer? (Select 3 answers)

A. Increase your Web browsing bandwidth speed by using Anonymizer 

B. To protect your privacy and Identity on the Internet 

C. To bypass blocking applications that would prevent access to Web sites or parts of sites that you want to visit. 

D. Post negative entries in blogs without revealing your IP identity 

Answer: BCD


Q329. You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion? 

A. Encrypt the Sales.xls using PGP and e-mail it to your personal gmail account 

B. Package the Sales.xls using Trojan wrappers and telnet them back to your home computer

C. You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an innocent looking email or file transfer using Steganography techniques 

D. Change the extension of Sales.xls to sales.txt and upload it as an attachment to your hotmail account

Answer: C


Q330. You have been called to investigate a sudden increase in network traffic at a company. It seems that the traffic generated was so heavy that normal business functions could no longer be rendered to external employees and clients. After a quick investigation, you find that the computer has services running attached to TFN2k and Trinoo software. What do you think was the most likely cause behind this sudden increase in traffic?

A. A distributed denial of service attack. 

B. A network card that was jabbering. 

C. A bad route on the firewall. 

D. Invalid rules entry at the gateway. 

Answer: A

Explanation: In computer security, a denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. Typically the targets are high-profile web servers, and the attack attempts to make the hosted web pages unavailable on the Internet. It is a computer crime that violates the Internet proper use policy as indicated by the Internet Architecture Board (IAB). TFN2K and Trinoo are tools used for conducting DDoS attacks.