Virtual 312-50 discount pack Reviews & Tips

we provide Download EC-Council 312-50 practice test which are the best for clearing 312-50 test, and to get certified by EC-Council Ethical Hacking and Countermeasures (CEHv6). The 312-50 Questions & Answers covers all the knowledge points of the real 312-50 exam. Crack your EC-Council 312-50 Exam with latest dumps, guaranteed!

The article at going over is very comprehensive.

Q381. #define MAKE_STR_FROM_RET(x) ((x)&0xff), (((x)&0xff00)8), 

(((x)&0xff0000)16), (((x)&0xff000000)24) 

char infin_loop[]= 

/* for testing purposes */ 


char bsdcode[] = 

/* Lam3rZ chroot() code rewritten for FreeBSD by venglin */ 













"x67x6cx69x6e";static int magic[MAX_MAGIC],magic_d[MAX_MAGIC]; 

static char *magic_str=NULL; 

int before_len=0; 

char *target=NULL, *username="user", *password=NULL; 

struct targets getit; 

The following exploit code is extracted from what kind of attack? 

A. Remote password cracking attack 

B. SQL Injection 

C. Distributed Denial of Service 

D. Cross Site Scripting 

E. Buffer Overflow 


Explanation: This is a buffer overflow with it’s payload in hex format. 

Q382. Which of the following Exclusive OR transforms bits is NOT correct? 

A. 0 xor 0 = 0 

B. 1 xor 0 = 1 

C. 1 xor 1 = 1 

D. 0 xor 1 = 1 

Answer: C

Q383. What is the most common vehicle for social engineering attacks? 

A. Phone 

B. Email 

C. In person 

D. P2P Networks 

Answer: A

Explanation: Pretexting is the act of creating and using an invented scenario (the pretext) to persuade a target to release information or perform an action and is usually done over the telephone. 

Q384. What are twp types of ICMP code used when using the ping command? 

A. It uses types 0 and 8. 

B. It uses types 13 and 14. 

C. It uses types 15 and 17. 

D. The ping command does not use ICMP but uses UDP. 

Answer: A

Explanation: ICMP Type 0 = Echo Reply, ICMP Type 8 = Echo 

Q385. In which part of OSI layer, ARP Poisoning occurs? 

A. Transport Layer 

B. Datalink Layer 

C. Physical Layer 

D. Application layer 

Answer: B

Q386. Which of the following encryption is not based on Block Cipher? 


B. Blowfish 


D. RC4 

Answer: D

Explanation: RC4 (also known as ARC4 or ARCFOUR) is the most widely-used software stream cipher and is used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). 

Topic 22, Penetration Testing Methodologies 

556. Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate. 

What would you call this kind of activity? 

A. CI Gathering 

B. Scanning 

C. Dumpster Diving 

D. Garbage Scooping 

Answer: C

Q387. This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging personal information. Attackers send a legitimate-looking e-mail asking users to update their information on the company's Web site, but the URLs in the e-mail actually point to a false Web site. 

A. Wiresharp attack 

B. Switch and bait attack 

C. Phishing attack 

D. Man-in-the-Middle attack 

Answer: C

Q388. A program that defends against a port scanner will attempt to: 

A. Sends back bogus data to the port scanner 

B. Log a violation and recommend use of security-auditing tools 

C. Limit access by the scanning system to publicly available ports only 

D. Update a firewall rule in real time to prevent the port scan from being completed 

Answer: D

Q389. Jake works as a system administrator at Acme Corp. Jason, an accountant of the firm befriends him at the canteen and tags along with him on the pretext of appraising him about potential tax benefits. Jason waits for Jake to swipe his access card and follows him through the open door into the secure systems area. How would you describe Jason's behavior within a security context? 

A. Trailing 

B. Tailgating 

C. Swipe Gating 

D. Smooth Talking 

Answer: B

Explanation: Tailgating, in which an unauthorized person follows someone with a pass into an office, is a very simple social engineering attack. The intruder opens the door, which the authorized user walks through, and then engages them in conversation about the weather or weekend sport while they walk past the reception area together. 

Q390. Which tool/utility can help you extract the application layer data from each TCP connection from a log file into separate files? 

A. Snort 

B. argus 

C. TCPflow 

D. Tcpdump 

Answer: C

Explanation: Tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being transmitted. In contrast, tcpflow reconstructs the actual data streams and stores each flow in a separate file for later analysis.