The Secret of 312-50 practice question

It is more faster and easier to pass the EC-Council 312-50 exam by using Realistic EC-Council Ethical Hacking and Countermeasures (CEHv6) questuins and answers. Immediate access to the Latest 312-50 Exam and find the same core area 312-50 questions with professionally verified answers, then PASS your exam with a high score now.

The article at going over is very comprehensive.

Q251. What is "Hacktivism"? 

A. Hacking for a cause 

B. Hacking ruthlessly 

C. An association which groups activists 

D. None of the above 

Answer: A

Explanation: The term was coined by author/critic Jason Logan King Sack in an article about media artist Shu Lea Cheang. Acts of hacktivism are carried out in the belief that proper use of code will have leveraged effects similar to regular activism or civil disobedience. 

Q252. SYN Flood is a DOS attack in which an attacker deliberately violates the three-way handshake and opens a large number of half-open TCP connections. 

The signature for SYN Flood attack is: 

A. The source and destination address having the same value. 

B. The source and destination port numbers having the same value. 

C. A large number of SYN packets appearing on a network without the corresponding reply packets. 

D. A large number of SYN packets appearing on a network with the corresponding reply packets. 

Answer: C

Explanation: A SYN attack occurs when an attacker exploits the use of the buffer space during a Transmission Control Protocol (TCP) session initialization handshake. The attacker floods the target system's small "in-process" queue with connection requests, but it does not respond when a target system replies to those requests. This causes the target system to time out while waiting for the proper response, which makes the system crash or become unusable. 

Q253. What is War Dialing? 

A. War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems 

B. War dialing is a vulnerability scanning technique that penetrates Firewalls 

C. It is a social engineering technique that uses Phone calls to trick victims 

D. Involves IDS Scanning Fragments to bypass Internet filters and stateful Firewalls 

Answer: A

Q254. You have successfully brute forced basic authentication configured on a Web Server using Brutus hacking tool. The username/password is “Admin” and “Bettlemani@”. You logon to the system using the brute forced password and plant backdoors and rootkits. 

After downloading various sensitive documents from the compromised machine, you proceed to clear the log files to hide your trace.. 

Which event log located at C:Windowssystem32config contains the trace of your brute force attempts? 

A. AppEvent.Evt 

B. SecEvent.Evt 

C. SysEvent.Evt 

D. WinEvent.Evt 

Answer: B

Explanation: The Security Event log (SecEvent.Evt) will contain all the failed logins against the system. 

Topic 6, Trojans and Backdoors 

Q255. Syslog is a standard for logging program messages. It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It also provides devices, which would otherwise be unable to communicate a means to notify administrators of problems or performance. 

What default port Syslog daemon listens on? 

A. 242 

B. 312 

C. 416 

D. 514 

Answer: D

Q256. War dialing is a very old attack and depicted in movies that were made years ago. 

Why would a modem security tester consider using such an old technique? 

A. It is cool, and if it works in the movies it must work in real life. 

B. It allows circumvention of protection mechanisms by being on the internal network. 

C. It allows circumvention of the company PBX. 

D. A good security tester would not use such a derelict technique. 

Answer: B

Explanation: If you are lucky and find a modem that answers and is connected to the target network, it usually is less protected (as only employees are supposed to know of its existence) and once connected you don’t need to take evasive actions towards any firewalls or IDS. 

Q257. In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access. 

A. Token Injection Replay attacks 

B. Shoulder surfing attack 

C. Rainbow and Hash generation attack 

D. Dumpster diving attack 

Answer: A

Q258. What type of encryption does WPA2 use? 

A. DES 64 bit 

B. AES-CCMP 128 bit 

C. MD5 48 bit 

D. SHA 160 bit 

Answer: B

Q259. Which of the following Nmap commands would be used to perform a UDP scan of the lower 1024 ports? 

A. Nmap -h -U 

B. Nmap -hU <host(s.> 

C. Nmap -sU -p 1-1024 <host(s.> 

D. Nmap -u -v -w2 <host> 1-1024 

E. Nmap -sS -O target/1024 

Answer: C

Explanation: Nmap -sU -p 1-1024 <hosts.> is the proper syntax. Learning Nmap and its switches are critical for successful completion of the CEH exam. 

Q260. Which of the following nmap command in Linux procedures the above output? 

A. sudo nmap –sP 

B. root nmap –sA 

C. run nmap –TX 

D. launch nmap –PP 

Answer: A

Explanation: This is an output from a ping scan. The option –sP will give you a ping scan of the network. 

Topic 4, Enumeration 

129. Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protocol is most likely to be listening on those ports? 

A. Finger 


C. Samba 


Answer: D

Explanation: The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT / 2000. In Windows NT it ran on top of NBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NBT. For this they use TCP port 445.