Top Latest 312-50 free draindumps Reviews!

Pinpoint of 312-50 answers materials and dumps for EC-Council certification for IT engineers, Real Success Guaranteed with Updated 312-50 pdf dumps vce Materials. 100% PASS Ethical Hacking and Countermeasures (CEHv6) exam Today!

The article at going over is very comprehensive.

2021 Apr 312-50 free practice questions

Q61. Yancey is a network security administrator for a large electric company. This company provides power for over 100,000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him. What would Yancey be considered? 

A. Yancey would be considered a Suicide Hacker 

B. Since he does not care about going to jail, he would be considered a Black Hat 

C. Because Yancey works for the company currently; he would be a White Hat 

D. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing 

Answer: A

Q62. You establish a new Web browser connection to Google. Since a 3-way handshake is required for any TCP connection, the following actions will take place. 

-DNS query is sent to the DNS server to resolve 

-DNS server replies with the IP address for Google? 

-SYN packet is sent to Google. 

-Google sends back a SYN/ACK packet 

-Your computer completes the handshake by sending an ACK 

-The connection is established and the transfer of data commences 

Which of the following packets represent completion of the 3-way handshake? 

A. 4th packet 

B. 3rdpacket 

C. 6th packet 

D. 5th packet 

Answer: D

Q63. You have installed antivirus software and you want to be sure that your AV signatures are working correctly. You don't want to risk the deliberate introduction of a live virus to test the AV software. You would like to write a harmless test virus, which is based on the European Institute for Computer Antivirus Research format that can be detected by the AV software. 

How should you proceed? 

A. Type the following code in notepad and save the file as SAMPLEVIRUS.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it. X5O!P%@AP[4PZX54(P^)7CC)7}$SAMPLEVIRUS-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 

B. Type the following code in notepad and save the file as AVFILE.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it. X5O!P%@AP[4PZX54(P^)7CC)7}$AVFILE-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 

C. Type the following code in notepad and save the file as TESTAV.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it. X5O!P%@AP[4PZX54(P^)7CC)7}$TESTAV-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 

D. Type the following code in notepad and save the file as EICAR.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it. X5O!P%@AP[4PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* 

Answer: D

Explanation: The EICAR test file (official name: EICAR Standard Anti-Virus Test File) is a file, developed by the European Institute for Computer Antivirus Research, to test the response of computer antivirus (AV) programs. The rationale behind it is to allow people, companies, and AV programmers to test their software without having to use a real computer virus that could cause actual damage should the AV not respond correctly. EICAR likens the use of a live virus to test AV software to setting a fire in a trashcan to test a fire alarm, and promotes the EICAR test file as a safe alternative. 

Q64. One of the effective DoS/DDoS countermeasures is 'Throttling'. Which statement correctly defines this term? 

A. Set up routers that access a server with logic to adjust incoming traffic to levels that will be safe for the server to process 

B. Providers can increase the bandwidth on critical connections to prevent them from going down in the event of an attack 

C. Replicating servers that can provide additional failsafe protection 

D. Load balance each server in a multiple-server architecture 

Answer: A

Q65. Fred is scanning his network to ensure it is as secure as possible. Fred sends a TCP probe packet to a host with a FIN flag and he receives a RST/ACK response. What does this mean? 

A. This response means the port he is scanning is open. 

B. The RST/ACK response means the port Fred is scanning is disabled. 

C. This means the port he is scanning is half open. 

D. This means that the port he is scanning on the host is closed. 

Answer: D

Most up-to-date 312-50 test questions:

Q66. What are the different between SSL and S-HTTP? 

A. SSL operates at the network layer and S-HTTP operates at the application layer 

B. SSL operates at the application layer and S-HTTP operates at the network layer 

C. SSL operates at transport layer and S-HTTP operates at the application layer 

D. SSL operates at the application layer and S-HTTP operates at the transport layer 

Answer: C

Explanation: Whereas SSL is designed to establish a secure connection between two computers, S-HTTP is designed to send individual messages securely. S-HTTP is defined in RFC 2660 

Q67. An attacker is attempting to telnet into a corporation’s system in the DMZ. The attacker doesn’t want to get caught and is spoofing his IP address. After numerous tries he remains unsuccessful in connecting to the system. The attacker rechecks that the target system is actually listening on Port 23 and he verifies it with both nmap and hping2. He is still unable to connect to the target system. 

What is the most probable reason? 

A. The firewall is blocking port 23 to that system. 

B. He cannot spoof his IP and successfully use TCP. 

C. He needs to use an automated tool to telnet in. 

D. He is attacking an operating system that does not reply to telnet even when open. 


Explanation: Spoofing your IP will only work if you don’t need to get an answer from the target system. In this case the answer (login prompt) from the telnet session will be sent to the “real” location of the IP address that you are showing as the connection initiator. 

Q68. The programmers on your team are analyzing the free, open source software being used to run FTP services on a server in your organization. They notice that there is excessive number of functions in the source code that might lead to buffer overflow. These C++ functions do not check bounds. Identify the line the source code that might lead to buffer overflow. 

A. Line number 31. 

B. Line number 15 

C. Line number 8 

D. Line number 14 

Answer: B

Q69. Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization. 

Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats. 

The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made. 

What is the risk of installing Fake AntiVirus? 

A. Victim's Operating System versions, services running and applications installed will be published on Blogs and Forums 

B. Victim's personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker 

C. Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk 

D. Denial of Service attack will be launched against the infected computer crashing other machines on the connected network 

Answer: B

Q70. Which definition below best describes a covert channel? 

A. Making use of a Protocol in a way it was not intended to be used 

B. It is the multiplexing taking place on communication link 

C. It is one of the weak channels used by WEP that makes it insecure 

D. A Server Program using a port that is not well known 

Answer: A

Explanation: A covert channel is a hidden communication channel not intended for information transfer at all. Redundancy can often be used to communicate in a covert way. There are several ways that hidden communication can be set up.