It is impossible to pass EC-Council 312-50 exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed EC-Council 312-50 practice questions. You will get a surprising result by our Down to date Ethical Hacking and Countermeasures (CEHv6) practice guides.

2021 Sep 312-50 practice test

Q431. What is the proper response for a NULL scan if the port is open? 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

F. No response 

Answer: F 

Explanation: A NULL scan will have no response if the port is open. 


Q432. John wishes to install a new application onto his Windows 2000 server. 

He wants to ensure that any application he uses has not been Trojaned. 

What can he do to help ensure this? 

A. Compare the file's MD5 signature with the one published on the distribution media 

B. Obtain the application via SSL 

C. Compare the file's virus signature with the one published on the distribution media 

D. Obtain the application from a CD-ROM disc 

Answer: A

Explanation: MD5 was developed by Professor Ronald L. Rivest of MIT. What it does, to quote the executive summary of rfc1321, is: 

[The MD5 algorithm] takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA. 

In essence, MD5 is a way to verify data integrity, and is much more reliable than checksum and many other commonly used methods. 


Q433. Which of the following Trojans would be considered 'Botnet Command Control Center'? 

A. YouKill DOOM 

B. Damen Rock 

C. Poison Ivy D. Matten Kit 

Answer: C


Q434. You are the security administrator for a large online auction company based out of Los Angeles. After getting your ENSA CERTIFICATION last year, you have steadily been fortifying your network’s security including training OS hardening and network security. One of the last things you just changed for security reasons was to modify all the built-in administrator accounts on the local computers of PCs and in Active Directory. After through testing you found and no services or programs were affected by the name changes. 

Your company undergoes an outside security audit by a consulting company and they said that even through all the administrator account names were changed, the accounts could still be used by a clever hacker to gain unauthorized access. You argue with the auditors and say that is not possible, so they use a tool and show you how easy it is to utilize the administrator account even though its name was changed. 

What tool did the auditors use? 

A. sid2user 

B. User2sid 

C. GetAcct 

D. Fingerprint 

Answer: A

Explanation: User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine Sid2user.exe can then be used to retrieve the names of all the user accounts and more. 


Q435. What file system vulnerability does the following command take advantage of? 

type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe 

A. HFS 

B. ADS 

C. NTFS 

D. Backdoor access 

Answer: B

Explanation: ADS (or Alternate Data Streams) is a “feature” in the NTFS file system that makes it possible to hide information in alternate data streams in existing files. The file can have multiple data streams and the data streams are accessed by filename:stream. 


312-50 free draindumps

Up to the minute 312-50 simulations:

Q436. You want to capture Facebook website traffic in Wireshark. What display filter should you use that shows all TCP packets that contain the word 'facebook'? 

A. display==facebook 

B. traffic.content==facebook 

C. tcp contains facebook 

D. list.display.facebook 

Answer: C


Q437. DRAG DROP 

A Successfully Attack by a malicious hacker can divide into five phases, Match the order: 


Answer: 



Q438. Joseph has just been hired on to a contractor company of the Department of Defense as their Senior Security Analyst. Joseph has been instructed on the company's strict security policies that have been implemented, and the policies that have yet to be put in place. Per the Department of Defense, all DoD users and the users of their contractors must use two-factor authentication to access their networks. Joseph has been delegated the task of researching and implementing the best two-factor authentication method for his company. Joseph's supervisor has told him that they would like to use some type of hardware device in tandem with a security or identifying pin number. Joseph's company has already researched using smart cards and all the resources needed to implement them, but found the smart cards to not be cost effective. What type of device should Joseph use for two-factor authentication? 

A. Biometric device 

B. OTP 

C. Proximity cards 

D. Security token 

Answer: D


Q439. Bob has a good understanding of cryptography, having worked with it for many years. Cryptography is used to secure data from specific threat, but it does not secure the application from coding errors. It can provide data privacy, integrity and enable strong authentication but it cannot mitigate programming errors. 

What is a good example of a programming error that Bob can use to illustrate to the management that encryption will not address all of their security concerns? 

A. Bob can explain that a random generator can be used to derive cryptographic keys but it uses a weak seed value and it is a form of programming error. 

B. Bob can explain that by using passwords to derive cryptographic keys it is a form of a programming error. 

C. Bob can explain that a buffer overflow is an example of programming error and it is a common mistake associated with poor programming technique. 

D. Bob can explain that by using a weak key management technique it is a form of programming error. 

Answer: C

Explanation: A buffer overflow occurs when you write a set of values (usually a string of characters) into a fixed length buffer and write at least one value outside that buffer's boundaries (usually past its end). A buffer overflow can occur when reading input from the user into a buffer, but it can also occur during other kinds of processing in a program. Technically, a buffer overflow is a problem with the program's internal implementation. 


Q440. What is a primary advantage a hacker gains by using encryption or programs such as Loki? 

A. It allows an easy way to gain administrator rights 

B. It is effective against Windows computers 

C. It slows down the effective response of an IDS 

D. IDS systems are unable to decrypt it 

E. Traffic will not be modified in transit 

Answer: D

Explanation: Because the traffic is encrypted, an IDS cannot understand it or evaluate the payload.