Finding Latest 312-50 prep

Guaranteed of 312-50 answers materials and prep for EC-Council certification for IT learners, Real Success Guaranteed with Updated 312-50 pdf dumps vce Materials. 100% PASS Ethical Hacking and Countermeasures (CEHv6) exam Today!

The article at going over is very comprehensive.

Q141. Bob wants to prevent attackers from sniffing his passwords on the wired network. Which of the following lists the best options? 


B. SSID, WEP, Kerberos 

C. SMB, SMTP, Smart card 

D. Kerberos, Smart card, Stanford SRP 

Answer: D

Explanation: Kerberos, Smart cards and Stanford SRP are techniques where the password never leaves the computer. 

Q142. ou wish to determine the operating system and type of web server being used. At the same time you wish to arouse no suspicion within the target organization. 

While some of the methods listed below work, which holds the least risk of detection? 

A. Make some phone calls and attempt to retrieve the information using social engineering. 

B. Use nmap in paranoid mode and scan the web server. 

C. Telnet to the web server and issue commands to illicit a response. 

D. Use the netcraft web site look for the target organization’s web site. 

Answer: D

Explanation: Netcraft is providing research data and analysis on many aspects of the Internet. Netcraft has explored the Internet since 1995 and is a respected authority on the market share of web servers, operating systems, hosting providers, ISPs, encrypted transactions, electronic commerce, scripting languages and content technologies on the internet. 

Q143. You visit a website to retrieve the listing of a company's staff members. But you can not find it on the website. You know the listing was certainly present one year before. How can you retrieve information from the outdated website? 

A. Through Google searching cached files 

B. Through 

C. Download the website and crawl it 

D. Visit customers' and prtners' websites 

Answer: B

Explanation: mirrors websites and categorizes them by date and month depending on the crawl time. dates back to 1996, Google is incorrect because the cache is only as recent as the latest crawl, the cache is over-written on each subsequent crawl. Download the website is incorrect because that's the same as what you see online. Visiting customer partners websites is just bogus. The answer is then Firmly, C, 

Q144. Data is sent over the network as clear text (unencrypted) when Basic Authentication is configured on Web Servers. 

A. True 

B. False 

Answer: A

Explanation: Using HTTP basic authentication will result in your password being sent over the internet as clear text. Don't use this technique unless you understand what the ramifications of this are. 

Q145. Which of the following ICMP message types are used for destinations unreachables? 

A. 0 

B. 3 

C. 11 

D. 13 

E. 17 

Answer: B

Explanation: Type 3 messages are used for unreachable messages. 0 is Echo Reply, 8 is Echo request, 11 is time exceeded, 13 is timestamp and 17 is subnet mask request. Learning these would be advisable for the test. 

Q146. ou are footprinting to gather competitive intelligence. You visit the websire for contact information and telephone number numbers but do not find it listed there. You know that they had the entire staff directory listed on their website 12 months ago but now it is not there. How would it be possible for you to retrieve information from the website that is outdated? 

A. Visit google search engine and view the cached copy. 

B. Visit site to retrieve the Internet archive of the acme website. 

C. Crawl the entire website and store them into your computer. 

D. Visit the company’s partners and customers website for this information. 

Answer: B

Explanation: The Internet Archive (IA) is a non-profit organization dedicated to maintaining an archive of Web and multimedia resources. Located at the Presidio in San Francisco, California, this archive includes "snapshots of the World Wide Web" (archived copies of pages, taken at various points in time), software, movies, books, and audio recordings (including recordings of live concerts from bands that allow it). This site is found at 

Q147. Matthew re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Matthew assumes it is an ARP request packet. The wireless host responds with a stream of responses, all individually encrypted with different IVs. What is this attack most appropriately called? 

A. Spoof Attack 

B. Replay Attack 

C. Inject Attack 

D. Rebound Attack 

Answer: B

Explanation: A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it. 

Q148. What is the disadvantage of an automated vulnerability assessment tool? 

A. Ineffective 

B. Slow C. Prone to false positives 

D. Prone to false negatives 

E. Noisy 


Explanation: Vulnerability assessment tools perform a good analysis of system vulnerabilities; however, they are noisy and will quickly trip IDS systems. 

Q149. This IDS defeating technique works by splitting a datagram (or packet) into multiple fragments and the IDS will not spot the true nature of the fully assembled datagram. The datagram is not reassembled until it reaches its final destination. It would be a processor-intensive tasks for an IDS to reassemble all fragments itself and on a busy system the packet will slip through the IDS onto the network. 

What is this technique called? 

A. IP Fragmentation or Session Splicing 

B. IP Routing or Packet Dropping 

C. IDS Spoofing or Session Assembly 

D. IP Splicing or Packet Reassembly 

Answer: A

Explanation: The basic premise behind session splicing, or IP Fragmentation, is to deliver the payload over multiple packets thus defeating simple pattern matching without session reconstruction. This payload can be delivered in many different manners and even spread out over a long period of time. Currently, Whisker and Nessus have session splicing capabilities, and other tools exist in the wild. 

Q150. Shayla is an IT security consultant, specializing in social engineering and external penetration tests. Shayla has been hired on by Treks Avionics, a subcontractor for the Department of Defense. Shayla has been given authority to perform any and all tests necessary to audit the company's network security. 

No employees for the company, other than the IT director, know about Shayla's work she will be doing. Shayla's first step is to obtain a list of employees through company website contact pages. Then she befriends a female employee of the company through an online chat website. After meeting with the female employee numerous times, Shayla is able to gain her trust and they become friends. One day, Shayla steals the employee's access badge and uses it to gain unauthorized access to the Treks Avionics offices. 

What type of insider threat would Shayla be considered? 

A. She would be considered an Insider Affiliate 

B. Because she does not have any legal access herself, Shayla would be considered an Outside Affiliate 

C. Shayla is an Insider Associate since she has befriended an actual employee 

D. Since Shayla obtained access with a legitimate company badge; she would be considered a Pure Insider 

Answer: A