Top Realistic 312-50 samples Tips!

It is impossible to pass EC-Council 312-50 exam without any help in the short term. Come to Examcollection soon and find the most advanced, correct and guaranteed EC-Council 312-50 practice questions. You will get a surprising result by our Most recent Ethical Hacking and Countermeasures (CEHv6) practice guides.

The article at going over is very comprehensive.

2021 Apr 312-50 torrent

Q271. A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information? 

A. The packets were sent by a worm spoofing the IP addresses of 47 infected sites B. ICMP ID and Seq numbers were most likely set by a tool and not by the operating system 

C. All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number 

D. 13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0 

Answer: B

Q272. Sara is making use of Digest Authentication for her Web site. Why is this considered to be more secure than Basic authentication? 

A. Basic authentication is broken 

B. The password is never sent in clear text over the network 

C. The password sent in clear text over the network is never reused. 

D. It is based on Kerberos authentication protocol 

Answer: B

Explanation: Digest access authentication is one of the agreed methods a web page can use to negotiate credentials with a web user (using the HTTP protocol). This method builds upon (and obsoletes) the basic authentication scheme, allowing user identity to be established without having to send a password in plaintext over the network. 

Q273. John has performed a scan of the web server with NMAP but did not gather enough information to accurately identify which operating system is running on the remote host. How could you use a web server to help in identifying the OS that is being used? 

A. Telnet to an Open port and grab the banner 

B. Connect to the web server with an FTP client 

C. Connect to the web server with a browser and look at the web page 

D. Telnet to port 8080 on the web server and look at the default page code 


Explanation: Most Web servers politely identify themselves and the OS to anyone who asks. 

Q274. What is the correct command to run Netcat on a server using port 56 that spawns command shell when connected? 

A. nc -port 56 -s cmd.exe 

B. nc -p 56 -p -e shell.exe 

C. nc -r 56 -c cmd.exe 

D. nc -L 56 -t -e cmd.exe 

Answer: D

Q275. Michael is the security administrator for the for ABC company. Michael has been charged with strengthening the company’s security policies, including its password policies. Due to certain legacy applications. Michael was only able to enforce a password group policy in Active Directory with a minimum of 10 characters. He has informed the company’s employes, however that the new password policy requires that everyone must have complex passwords with at least 14 characters. Michael wants to ensure that everyone is using complex passwords that meet the new security policy requirements. Michael has just logged on to one of the network’s domain controllers and is about to run the following command: 

What will this command accomplish? 

A. Dumps SAM password hashes to pwd.txt 

B. Password history file is piped to pwd.txt 

C. Dumps Active Directory password hashes to pwd.txt 

D. Internet cache file is piped to pwd.txt 

Answer: A

Explanation: Pwdump is a hack tool that is used to grab Windows password hashes from a remote Windows computer. Pwdump > pwd.txt will redirect the output from pwdump to a text file named pwd.txt 

Rebirth 312-50 test preparation:

Q276. In the context of Trojans, what is the definition of a Wrapper? 

A. An encryption tool to protect the Trojan. 

B. A tool used to bind the Trojan with legitimate file. 

C. A tool used to encapsulated packets within a new header and footer. 

D. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan. 

Answer: B

Explanation: These wrappers allow an attacker to take any executable back-door program and combine it with any legitimate executable, creating a Trojan horse without writing a single line of new code. 

Q277. Attacking well-known system defaults is one of the most common hacker attacks. Most software is shipped with a default configuration that makes it easy to install and setup the application. You should change the default settings to secure the system. 

Which of the following is NOT an example of default installation? 

A. Many systems come with default user accounts with well-known passwords that administrators forget to change 

B. Often, the default location of installation files can be exploited which allows a hacker to retrieve a file from the system 

C. Many software packages come with "samples" that can be exploited, such as the sample programs on IIS web services 

D. Enabling firewall and anti-virus software on the local system 

Answer: D

Q278. Jackson discovers that the wireless AP transmits 128 bytes of plaintext, and the station responds by encrypting the plaintext. It then transmits the resulting ciphertext using the same key and cipher that are used by WEP to encrypt subsequent network traffic. What authentication mechanism is being followed here? 

A. no authentication 

B. single key authentication 

C. shared key authentication 

D. open system authentication 


Explantion: The following picture shows how the WEP authentication procedure: 

Q279. An Nmap scan shows the following open ports, and nmap also reports that the OS guessing results to match too many signatures hence it cannot reliably be identified: 

21 ftp 23 telnet 80 http 443 https 

What does this suggest ? 

A. This is a Windows Domain Controller 

B. The host is not firewalled 

C. The host is not a Linux or Solaris system 

D. The host is not properly patched 

Answer: D

Explanation: If the answer was A nmap would guess it, it holds the MS signature database, the host not being firewalled makes no difference. The host is not linux or solaris, well it very well could be. The host is not properly patched? That is the closest; nmaps OS detection architecture is based solely off the TCP ISN issued by the operating systems TCP/IP stack, if the stack is modified to show output from randomized ISN's or if your using a program to change the ISN then OS detection will fail. If the TCP/IP IP ID's are modified then os detection could also fail, because the machine would most likely come back as being down. 

Q280. Which Type of scan sends a packets with no flags set ? 

Select the Answer 

A. Open Scan 

B. Null Scan 

C. Xmas Scan 

D. Half-Open Scan 



The types of port connections supported are: