What Does 312-50 free download Mean?

It is impossible to pass EC-Council 312-50 exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed EC-Council 312-50 practice questions. You will get a surprising result by our Renovate Ethical Hacking and Countermeasures (CEHv6) practice guides.

Q411. What are the limitations of Vulnerability scanners? (Select 2 answers) 

A. There are often better at detecting well-known vulnerabilities than more esoteric ones 

B. The scanning speed of their scanners are extremely high 

C. It is impossible for any, one scanning product to incorporate all known vulnerabilities in a timely manner 

D. The more vulnerabilities detected, the more tests required 

E. They are highly expensive and require per host scan license 

Answer: AC


Q412. Consider the following code: 

If an attacker can trick a victim user to click a link like this and the web application does not validate input, then the victim’s browser will pop up an alert showing the users current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page or redirecting the user to another web site. 

What is the countermeasure against XSS scripting? 

A. Create an IP access list and restrict connections based on port number 

B. Replace “<” and “>” characters with ?lt; and ?gt; using server scripts 

C. Disable Javascript in IE and Firefox browsers 

D. Connect to the server using HTTPS protocol instead of HTTP 

Answer: B

Explanation: The correct answer contains a string which is an HTML-quoted version of the original script. The quoted versions of these characters will appear as literals in a browser, rather than with their special meaning as HTML tags. This prevents any script from being injected into HTML output, but it also prevents any user-supplied input from being formatted with benign HTML. 

Topic 13, Web Based Password Cracking Techniques 


Q413. Attackers send an ACK probe packet with random sequence number, no response means port is filtered (Stateful firewall is present) and RST response means the port is not filtered. What type of Port Scanning is this? 

A. RST flag scanning 

B. FIN flag scanning 

C. SYN flag scanning 

D. ACK flag scanning 

Answer: D


Q414. fter studying the following log entries, what is the attacker ultimately trying to achieve as inferred from the log sequence? 

1. mkdir -p /etc/X11/applnk/Internet/.etc 

2. mkdir -p /etc/X11/applnk/Internet/.etcpasswd 

3. touch -acmr /etc/passwd /etc/X11/applnk/Internet/.etcpasswd 

4. touch -acmr /etc /etc/X11/applnk/Internet/.etc 

5. passwd nobody -d 

6. /usr/sbin/adduser dns -d/bin -u 0 -g 0 -s/bin/bash 

7. passwd dns -d 

8. touch -acmr /etc/X11/applnk/Internet/.etcpasswd /etc/passwd 

9. touch -acmr /etc/X11/applnk/Internet/.etc /etc 

A. Change password of user nobody 

B. Extract information from a local directory 

C. Change the files Modification Access Creation times 

D. Download rootkits and passwords into a new directory 

Answer: C


Q415. You want to know whether a packet filter is in front of 192.168.1.10. Pings to 192.168.1.10 don't get answered. A basic nmap scan of 192.168.1.10 seems to hang without returning any information. What should you do next? 

A. Use NetScan Tools Pro to conduct the scan 

B. Run nmap XMAS scan against 192.168.1.10 

C. Run NULL TCP hping2 against 192.168.1.10 

D. The firewall is blocking all the scans to 192.168.1.10 

Answer: C


Q416. One of the most common and the best way of cracking RSA encryption is to being to derive the two prime numbers, which are used in the RSA PKI mathematical process. If the two numbers p and q are discovered through a _________________ process, then the private key can be derived. 

A. Factorization 

B. Prime Detection 

C. Hashing 

D. Brute-forcing 

Answer: A

Explanation: In April 1994, an international cooperative group of mathematicians and computer scientists solved a 17-year-old challenge problem, the factoring of a 129-digit number, called RSA-129, into two primes. That is, RSA-129 = 1143816257578888676692357799761466120102182 9672124236256256184293570693524573389783059 7123563958705058989075147599290026879543541 = 34905295108476509491478496199038 98133417764638493387843990820577 times 32769132993266709549961988190834 461413177642967992942539798288533. Se more at http://en.wikipedia.org/wiki/RSA_Factoring_Challenge 


Q417. Jack Hackers wants to break into Brown’s Computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co. pretending to be an administrator from Brown Co. Jack tell Jane that there has been a problem with some accounts and asks her to verify her password with him “just to double check our records”. Jane does not suspect anything amiss and parts her password. Jack can now access Brown Co.’s computer with a valid username and password to steal the cookie recipe. What kind of attack is being illustrated here? 

A. Faking Identity 

B. Spoofing Identity 

C. Social Engineering 

D. Reverse Psychology 

E. Reverse Engineering 

Answer: C

Explanation: Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most cases the attacker never comes face-to-face with the victim. 


Q418. What is the name of the software tool used to crack a single account on Netware Servers using a dictionary attack? 

A. NPWCrack 

B. NWPCrack 

C. NovCrack 

D. CrackNov 

E. GetCrack 

Answer:

Explanation: NWPCrack is the software tool used to crack single accounts on Netware servers. 


Q419. While performing a ping sweep of a subnet you receive an ICMP reply of Code 3/Type 13 for all the pings sent out. 

What is the most likely cause behind this response? 

A. The firewall is dropping the packets. 

B. An in-line IDS is dropping the packets. 

C. A router is blocking ICMP. 

D. The host does not respond to ICMP packets. 

Answer:

Explanation: Type 3 message = Destination Unreachable [RFC792], Code 13 (cause) = 

Communication Administratively Prohibited [RFC1812] 


Q420. According to the CEH methodology, what is the next step to be performed after footprinting? 

A. Enumeration 

B. Scanning 

C. System Hacking 

D. Social Engineering 

E. Expanding Influence 

Answer:

Explanation: Once footprinting has been completed, scanning should be attempted next. 

Scanning should take place on two distinct levels: network and host.