Finding Renewal 312-50 testing bible
It is more faster and easier to pass the EC-Council 312-50 exam by using Realistic EC-Council Ethical Hacking and Countermeasures (CEHv6) questuins and answers. Immediate access to the Regenerate 312-50 Exam and find the same core area 312-50 questions with professionally verified answers, then PASS your exam with a high score now.
2021 Mar 312-50 actual exam
Q161. How would you describe a simple yet very effective mechanism for sending and receiving unauthorized information or data between machines without alerting any firewalls and IDS's on a network?
A. Covert Channel
B. Crafted Channel
C. Bounce Channel
D. Deceptive Channel
Explanation: A covert channel is described as: "any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy."
Essentially, it is a method of communication that is not part of an actual computer system design, but can be used to transfer information to users or system processes that normally would not be allowed access to the information.
Q162. What command would you type to OS fingerprint a server using the command line?
A. Option A
B. Option B
C. Option C
D. Option D
Q163. Melissa is a virus that attacks Microsoft Windows platforms.
To which category does this virus belong?
B. Boot Sector infector
Explanation: The Melissa macro virus propagates in the form of an email message containing an infected Word document as an attachment.
Q164. Within the context of Computer Security, which of the following statements best describe Social Engineering?
A. Social Engineering is the act of publicly disclosing information.
B. Social Engineering is the act of getting needed information from a person rather than breaking into a system.
C. Social Engineering is the means put in place by human resource to perform time accounting.
D. Social Engineering is a training program within sociology studies.
Explanation: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information.
Q165. Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company's entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here?
A. Neil has used a tailgating social engineering attack to gain access to the offices
B. He has used a piggybacking technique to gain unauthorized access
C. This type of social engineering attack is called man trapping
D. Neil is using the technique of reverse social engineering to gain access to the offices of Davidson Avionics
Updated 312-50 latest exam:
Q166. One of your team members has asked you to analyze the following SOA record. What is the version?
Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.
Explanation: The SOA starts with the format of YYYYMMDDVV where VV is the version.
Q167. How does traceroute map the route a packet travels from point A to point B?
A. Uses a TCP timestamp packet that will elicit a time exceeded in transit message
B. Manipulates the value of the time to live (TTL) within packet to elicit a time exceeded in transit message
C. Uses a protocol that will be rejected by gateways on its way to the destination
D. Manipulates the flags within packets to force gateways into generating error messages
Q168. Liza has forgotten her password to an online bookstore. The web application asks her to key in her email so that they can send her the password. Liza enters her email email@example.com'. The application displays server error. What is wrong with the web application?
A. The email is not valid
B. User input is not sanitized
C. The web server may be down
D. The ISP connection is not reliable
Explanation: All input from web browsers, such as user data from HTML forms and cookies, must be stripped of special characters and HTML tags as described in the following CERT advisories: http://www.cert.org/advisories/CA-1997-25.html http://www.cert.org/advisories/CA-2000-02.html
Q169. An Employee wants to bypass detection by a network-based IDS application and does not want to attack the system containing the IDS application. Which of the following strategies can the employee use to evade detection by the network based IDS application?
A. Create a ping flood
B. Create a SYN flood
C. Create a covert network tunnel
D. Create multiple false positives
Explanation: HTTP Tunneling is a technique by which communications performed using various network protocols are encapsulated using the HTTP protocol, the network protocols in question usually belonging to the TCP/IP family of protocols. The HTTP protocol therefore acts as a wrapper for a covert channel that the network protocol being tunneled uses to communicate. The HTTP stream with its covert channel is termed a HTTP Tunnel. Very few firewalls blocks outgoing HTTP traffic.
Q170. When Jason moves a file via NFS over the company's network, you want to grab a copy of it by sniffing. Which of the following tool accomplishes this?
Explanation: Filesnarf - sniff files from NFS traffic
Specify the interface to listen on.
-v "Versus" mode. Invert the sense of matching, to
select non-matching files.
Specify regular expression for filename matching.
Specify a tcpdump(8) filter expression to select
traffic to sniff.
see more http://www.2passeasy.com/exam/312-50/