Finding Updated 312-50 bootcamp

312-50 exam is also called 312-50 which is a new EC-Council certification exam. Candidates can grow to be a EC-Council EC-Council certified expert by utilizing 312-50 training materials on Exambible site. EC-Council EC-Council is a world-widely regarded certification which is a great essential passport in the direction of IT market. Succeeding in EC-Council 312-50 exam may boost up your confidence and also increase your occupation value. Each of our IT professionals design and style EC-Council 312-50 exam dumps containing various logical questions and also verified answers in the approach that could help you throughout cracking the EC-Council 312-50 exam with out any tiresome books or review materials. Exambible EC-Council EC-Council exam demos may become a new beacon in your occupation because they comprise every thing required to EC-Council 312-50 true exam.


The article at Testaimer.com going over http://www.testaimer.com/312-50-test is very comprehensive.

2021 Mar 312-50 practice test

Q301. One of your team members has asked you to analyze the following SOA record. What is the TTL? 

Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400. 

A. 200303028 

B. 3600 

C. 604800 

D. 2400 

E. 60 

F. 4800 

Answer: D

Explanation: The SOA includes a timeout value. This value can tell an attacker how long any DNS "poisoning" would last. It is the last set of numbers in the record. 


Q302. MX record priority increases as the number increases.(True/False. 

A. True 

B. False 

Answer:

Explanation: The highest priority MX record has the lowest number. 


Q303. Which is the right sequence of packets sent during the initial TCP three way handshake? 

A. FIN, FIN-ACK, ACK 

B. SYN, URG, ACK 

C. SYN, ACK, SYN-ACK 

D. SYN, SYN-ACK, ACK 

Answer: D

Explanation: A TCP connection always starts with a request for synchronization, a SYN, the reply to that would be another SYN together with a ACK to acknowledge that the last package was delivered successfully and the last part of the three way handshake should be only an ACK to acknowledge that the SYN reply was recived. 


Q304. How do you defend against MAC attacks on a switch? 

A. Disable SPAN port on the switch 

B. Enable SNMP Trap on the switch 

C. Configure IP security on the switch 

D. Enable Port Security on the switch 

Answer: D


Q305. Bob has set up three web servers on Windows Server 2003 IIS 6.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned about the security of this server because of the potential for financial loss. Bob has asked his company’s firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network. 

Why will this not be possible? 

A. Firewalls can’t inspect traffic coming through port 443 

B. Firewalls can only inspect outbound traffic 

C. Firewalls can’t inspect traffic coming through port 80 

D. Firewalls can’t inspect traffic at all, they can only block or allow certain ports 

Answer:

Explanation: In order to really inspect traffic and traffic patterns you need an IDS. 


Abreast of the times 312-50 test questions:

Q306. In an attempt to secure his 802.11b wireless network, Ulf decides to use a strategic antenna positioning. He places the antenna for the access points near the center of the building. For those access points near the outer edge of the building he uses semi-directional antennas that face towards the building’s center. There is a large parking lot and outlying filed surrounding the building that extends out half a mile around the building. Ulf figures that with this and his placement of antennas, his wireless network will be safe from attack. 

Which of the following statements is true? 

A. With the 300 feet limit of a wireless signal, Ulf’s network is safe. 

B. Wireless signals can be detected from miles away, Ulf’s network is not safe. 

C. Ulf’s network will be safe but only of he doesn’t switch to 802.11a. 

D. Ulf’s network will not be safe until he also enables WEP. 

Answer: D


Q307. SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hosts. 

Which of the following features makes this possible? (Choose two) 

A. It used TCP as the underlying protocol. 

B. It uses community string that is transmitted in clear text. 

C. It is susceptible to sniffing. 

D. It is used by all network devices on the market. 

Answer: BC

Explanation: Simple Network Management Protocol (SNMP) is a protocol which can be used by administrators to remotely manage a computer or network device. There are typically 2 modes of remote SNMP monitoring. These modes are roughly 'READ' and 'WRITE' (or PUBLIC and PRIVATE). If an attacker is able to guess a PUBLIC community string, they would be able to read SNMP data (depending on which MIBs are installed) from the remote device. This information might include system time, IP addresses, interfaces, processes running, etc. Version 1 of SNMP has been criticized for its poor security. Authentication of clients is performed only by a "community string", in effect a type of password, which is transmitted in cleartext. 


Q308. One of the ways to map a targeted network for live hosts is by sending an ICMP ECHO request to the broadcast or the network address. The request would be broadcasted to all hosts on the targeted network. The live hosts will send an ICMP ECHO Reply to the attacker source IP address. 

You send a ping request to the broadcast address 192.168.5.255. 

[root@ceh/root]# ping -b 192.168.5.255 WARNING: pinging broadcast address PING 192.168.5.255 (192.168.5.255) from 192.168.5.1 : 56(84) bytes of data. 64 bytes from 192.168.5.1: icmp_seq=0 ttl=255 time=4.1 ms 64 bytes from 192.168.5.5: icmp_seq=0 ttl=255 time=5.7 ms 

There are 40 computers up and running on the target network. Only 13 hosts send a reply while others do not. Why? 

A. You cannot ping a broadcast address. The above scenario is wrong. 

B. You should send a ping request with this command ping 192.168.5.0-255 

C. Linux machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address. 

D. Windows machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address. 

Answer: D

Explanation: As stated in the correct option, Microsoft Windows does not handle pings to a broadcast address correctly and therefore ignores them. 


Q309. One of the ways to map a targeted network for live hosts is by sending an ICMP ECHO request to the broadcast or the network address. The request would be broadcasted to all hosts on the targeted network. The live hosts will send an ICMP ECHO Reply to the attacker's source IP address. 

You send a ping request to the broadcast address 192.168.5.255. 

There are 40 computers up and running on the target network. Only 13 hosts send a reply while others do not. Why? 

A. Windows machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address. 

B. Linux machines will not generate an answer (ICMP ECHO Reply) to an ICMP ECHO request aimed at the broadcast address or at the network address. 

C. You should send a ping request with this command ping ? 192.168.5.0-255 

D. You cannot ping a broadcast address. The above scenario is wrong. 

Answer: A


Q310. Which programming language is NOT vulnerable to buffer overflow attacks? 

A. Java 

B. ActiveX 

C. C++ 

D. Assembly Language 

Answer: A

Explanation: Perl and Java has boundary checking, hence buffer overflows don't occur. On the other hand, Perl and Java don't offer access to the system that is as deep as some programs need. 

Topic 21, Cryptography