A Review Of Tested 312-50 dump

Our pass rate is high to 98.9% and the similarity percentage between our 312-50 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the EC-Council 312-50 exam in just one try? I am currently studying for the EC-Council 312-50 exam. Latest EC-Council 312-50 Test exam practice questions and answers, Try EC-Council 312-50 Brain Dumps First.


The article at Testaimer.com going over http://www.testaimer.com/312-50-test is very comprehensive.

Q21. Joseph was the Web site administrator for the Mason Insurance in New York, who's main Web site was located at www.masonins.com. Joseph uses his laptop computer regularly to administer the Web site. One night, Joseph received an urgent phone call from his friend, Smith. According to Smith, the main Mason Insurance web site had been vandalized! All of its normal content was removed and replaced with an attacker's message ''Hacker Message: You are dead! Freaks!'' 

From his office, which was directly connected to Mason Insurance's internal network, Joseph surfed to the Web site using his laptop. In his browser, the Web site looked completely intact. No changes were apparent. Joseph called a friend of his at his home to help troubleshoot the problem. The Web site appeared defaced when his friend visited using his DSL connection. So, while Smith and his friend could see the defaced page, Joseph saw the intact Mason Insurance web site. To help make sense of this problem, Joseph decided to access the Web site using his dial-up ISP. He disconnected his laptop from the corporate internal network and used his modem to dial up the same ISP used by Smith. After his modem connected, he quickly typed www.masonins.com in his browser to reveal the following web page: 

H@cker Mess@ge: 

Y0u @re De@d! Fre@ks! 

After seeing the defaced Web site, he disconnected his dial-up line, reconnected to the internal network, and used Secure Shell (SSH) to log in directly to the Web server. He ran Tripwire against the entire Web site, and determined that every system file and all the Web content on the server were intact. 

How did the attacker accomplish this hack? 

A. ARP spoofing 

B. SQL injection 

C. DNS poisoning 

D. Routing table injection 

Answer: C

Explanation: External calls for the Web site has been redirected to another server by a successful DNS poisoning. 


Q22. If you perform a port scan with a TCP ACK packet, what should an OPEN port return? 

A. RST 

B. No Reply 

C. SYN/ACK 

D. FIN 

Answer:

Explanation: Open ports return RST to an ACK scan. 


Q23. SSL has been seen as the solution to several common security problems. Administrators will often make use of SSL to encrypt communication from point A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B? 

A. SSL is redundant if you already have IDS in place. 

B. SSL will trigger rules at regular interval and force the administrator to turn them off. 

C. SSL will slow down the IDS while it is breaking the encryption to see the packet content. 

D. SSL will mask the content of the packet and Intrusion Detection System will be blinded. 

Answer: D

Explanation: Because the traffic is encrypted, an IDS cannot understand it or evaluate the payload. 


Q24. You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be able to modify any data. 

What kind of program can you use to track changes to files on the server? 

A. Network Based IDS (NIDS) 

B. Personal Firewall 

C. System Integrity Verifier (SIV) 

D. Linux IP Chains 

Answer: C

Explanation: System Integrity Verifiers like Tripwire aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner. 


Q25. Sandra is the security administrator of ABC.com. One day she notices that the ABC.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately. 

Which organization coordinates computer crime investigations throughout the United States? 

A. NDCA 

B. NICP 

C. CIRP 

D. NPC 

E. CIA 

Answer: D


Q26. When a malicious hacker identifies a target and wants to eventually compromise this target, what would be the first step the attacker would perform? 

A. Cover his tracks by eradicating the log files 

B. Gain access to the remote computer for identification of venue of attacks 

C. Perform a reconnaissance of the remote target for identification of venue of attacks 

D. Always starts with a scan in order to quickly identify venue of attacks 

Answer: C


Q27. An Evil Cracker is attempting to penetrate your private network security. To do this, he must not be seen by your IDS, as it may take action to stop him. What tool might he use to bypass the IDS? 

Select the best answer. 

A. Firewalk 

B. Manhunt 

C. Fragrouter 

D. Fragids 

Answer:

Explanations: 

Firewalking is a way to disguise a portscan. Thus, firewalking is not a tool, but a method of conducting a port scan in which it can be hidden from some firewalls. Synamtec Man-Hunt is an IDS, not a tool to evade an IDS. Fragrouter is a tool that can take IP traffic and fragment it into multiple pieces. There is a legitimate reason that fragmentation is done, but it is also a technique that can help an attacker to evade detection while Fragids is a made-up tool and does not exist. 


Q28. ____________ will let you assume a users identity at a dynamically generated web page or site. 

A. SQL attack 

B. Injection attack 

C. Cross site scripting 

D. The shell attack 

E. Winzapper 

Answer: C

Explanation: Cross site scripting is also referred to as XSS or CSS. You must know the user is online and you must scam that user into clicking on a link that you have sent in order for this hack attack to work. 


Q29. Which of the following is a patch management utility that scans one or more computers on your network and alerts you if you important Microsoft Security patches are missing. It then provides links that enable those missing patches to be downloaded and installed. 

A. MBSA 

B. BSSA 

C. ASNB 

D. PMUS 

Answer: A

Explanation: The Microsoft Baseline Security Analyzer (MBSA) is a tool put out by Microsoft to help analyze security problems in Microsoft Windows. It does this by scanning the system for security problems in Windows, Windows components such as the IIS web server application, Microsoft SQL Server, and Microsoft Office. One example of an issue might be that permissions for one of the directories in the wwwroot folder of IIS could be set at too low a level, allowing unwanted modification of files from outsiders. 


Q30. Bob has been hired to perform a penetration test on ABC.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online. 

Within the context of penetration testing methodology, what phase is Bob involved with? 

A. Passive information gathering 

B. Active information gathering 

C. Attack phase 

D. Vulnerability Mapping 

Answer: A

Explanation: He is gathering information and as long as he doesn’t make contact with any of the targets systems he is considered gathering this information in a passive mode.