
EC-Council 312-50, Ethical Hacking and Countermeasures (CEHv6): practice questions (2021 Aug)

Q31. You just purchased the latest DELL computer, which comes pre-installed with Windows XP, McAfee antivirus software and a host of other applications. You want to connect an Ethernet cable to your cable modem and start using the computer immediately. 

Windows is dangerously insecure when unpacked from the box, and there are a few things that you must do before you use it. 

A. A new installation of Windows should be patched by installing the latest service packs and hotfixes 

B. Enable “guest” account 

C. Install a personal firewall and lock down unused ports from connecting to your computer 

D. Install the latest signatures for Antivirus software 

E. Configure “Windows Update” to automatic 

F. Create a non-admin user with a complex password and login to this account 

Answer: ACDEF

Explanation: The guest account is a possible vulnerability to your system so you should not enable it unless needed. Otherwise you should perform all other actions mentioned in order to have a secure system. 


Topic 23, Mixed Questions 

566. One of the better features of NetWare is the use of packet signature that includes cryptographic signatures. The packet signature mechanism has four levels from 0 to 3. 

In the list below which of the choices represent the level that forces NetWare to sign all packets? 

A. 0 (zero) 

B. 1 

C. 2 

D. 3 

Answer: D

Explanation: 

0: Server does not sign packets (regardless of the client level). 

1: Server signs packets if the client is capable of signing (client level is 2 or higher). 

2: Server signs packets if the client is capable of signing (client level is 1 or higher). 

3: Server signs packets and requires all clients to sign packets or logging in will fail. 


Q32. Network Administrator Patricia is doing an audit of the network. Below are some of her findings concerning DNS. Which of these would be a cause for alarm? 

Select the best answer. 

A. There are two external DNS Servers for Internet domains. Both are AD integrated. 

B. All external DNS is done by an ISP. 

C. Internal AD Integrated DNS servers are using private DNS names that are unregistered. 

D. Private IP addresses are used on the internal network and are registered with the internal AD integrated DNS server. 

Answer: A 

Explanations: 

A. There are two external DNS Servers for Internet domains. Both are AD integrated. 

This is the correct answer. Having an AD integrated DNS external server is a serious cause for alarm. There is no need for this and it causes vulnerability on the network. 

B. All external DNS is done by an ISP. 

This is not the correct answer. This would not be a cause for alarm. This would actually reduce the company's network risk as it is offloaded onto the ISP. 

C. Internal AD Integrated DNS servers are using private DNS names that are unregistered. 

This is not the correct answer. This would not be a cause for alarm. This would actually reduce the company's network risk. 

D. Private IP addresses are used on the internal network and are registered with the internal AD integrated DNS server. 

This is not the correct answer. This would not be a cause for alarm. This would actually reduce the company's network risk. 


Q33. What is the key advantage of Session Hijacking? 

A. It can be easily done and does not require sophisticated skills. 

B. You can take advantage of an authenticated connection. 

C. You can successfully predict the sequence number generation. 

D. You cannot be traced in case the hijack is detected. 

Answer: B

Explanation: As an attacker you don’t have to steal an account and password in order to take advantage of an authenticated connection. 


Q34. Which type of Nmap scan is the most reliable, but also the most visible, and likely to be picked up by an IDS? 

A. SYN scan 

B. ACK scan 

C. RST scan 

D. Connect scan 

E. FIN scan 

Answer: D 

Explanation: The TCP full connect (-sT) scan is the most reliable. 


Q35. The GET method should never be used when sensitive data such as a credit card number is being sent to a CGI program. This is because the parameters of any GET request appear in the URL and will be logged by any server that handles it. For example, let's say that you've entered your credit card information into a form that uses the GET method. The URL may appear like this: 

https://www.xsecurity-bank.com/creditcard.asp?cardnumber=453453433532234 

The GET method appends the credit card number to the URL. This means that anyone with access to a server log will be able to obtain this information. How would you protect from this type of attack? 

A. Never include sensitive information in a script 

B. Use HTTPS SSLv3 to send the data instead of plain HTTPS 

C. Replace the GET with POST method when sending data 

D. Encrypt the data before you send using GET method 

Answer: C



Q36. In an attempt to secure his wireless network, Bob turns off broadcasting of the SSID. He concludes that since his access points require the client computer to have the proper SSID, it would prevent others from connecting to the wireless network. Unfortunately unauthorized users are still able to connect to the wireless network. 

Why do you think this is possible? 

A. Bob forgot to turn off DHCP. 

B. All access points are shipped with a default SSID. 

C. The SSID is still sent inside both client and AP packets. 

D. Bob’s solution only works in ad-hoc mode. 

Answer: B

Explanation: All access points are shipped with a default SSID unique to that manufacturer; for example, 3Com uses the default SSID comcomcom. 


Q37. Under what conditions does a secondary name server request a zone transfer from a primary name server? 

A. When a primary SOA is higher than a secondary SOA 

B. When a secondary SOA is higher than a primary SOA 

C. When a primary name server has had its service restarted 

D. When a secondary name server has had its service restarted 

E. When the TTL falls to zero 

Answer: A

Explanation: Understanding DNS is critical to meeting the requirements of the CEH. When the serial number within the SOA record of the primary server is higher than the serial number within the SOA record of the secondary DNS server, a zone transfer will take place. 


Q38. David is a security administrator working in Boston. David has been asked by the office's manager to block all POP3 traffic at the firewall because he believes employees are spending too much time reading personal email. How can David block POP3 at the firewall? 

A. David can block port 125 at the firewall. 

B. David can block all EHLO requests that originate from inside the office. 

C. David can stop POP3 traffic by blocking all HELO requests that originate from inside the office. 

D. David can block port 110 to block all POP3 traffic. 

Answer: D


Q39. In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access. 


A. Token Injection Replay attacks 

B. Shoulder surfing attack 

C. Rainbow and Hash generation attack 

D. Dumpster diving attack 

Answer: A


Q40. You ping a target IP to check if the host is up. You do not get a response. You suspect ICMP is blocked at the firewall. Next you use the hping2 tool to ping the target host and you get a response. Why does the host respond to hping2 and not to the ping packet? 

[ceh]# ping 10.2.3.4 

PING 10.2.3.4 (10.2.3.4) from 10.2.3.80 : 56(84) bytes of data. 

--- 10.2.3.4 ping statistics ---

3 packets transmitted, 0 packets received, 100% packet loss 

[ceh]# ./hping2 -c 4 -n -i 2 10.2.3.4 

HPING 10.2.3.4 (eth0 10.2.3.4): NO FLAGS are set, 40 headers + 0 data bytes 

len=46 ip=10.2.3.4 flags=RA seq=0 ttl=128 id=54167 win=0 rtt=0.8 ms 

len=46 ip=10.2.3.4 flags=RA seq=1 ttl=128 id=54935 win=0 rtt=0.7 ms 

len=46 ip=10.2.3.4 flags=RA seq=2 ttl=128 id=55447 win=0 rtt=0.7 ms 

len=46 ip=10.2.3.4 flags=RA seq=3 ttl=128 id=55959 win=0 rtt=0.7 ms 

--- 10.2.3.4 hping statistic ---

4 packets tramitted, 4 packets received, 0% packet loss 

round-trip min/avg/max = 0.7/0.8/0.8 ms 

A. ping packets cannot bypass firewalls 

B. you must use ping 10.2.3.4 switch 

C. hping2 uses TCP instead of ICMP by default 

D. hping2 uses stealth TCP packets to connect 

Answer: C

Explanation: The default protocol is TCP. By default, hping2 sends TCP headers to the target host's port 0 with a winsize of 64 and no TCP flags set. Often this is the best way to do a 'hide ping', useful when the target is behind a firewall that drops ICMP. Moreover, a TCP null-flag packet to port 0 has a good probability of not being logged.