★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/312-50-dumps.html


Dont squander any period to research other Actualtests. Our EC-Council EC-Council exam braindumps are totally free for you. EC-Council certification exam questions and also answers are most reliable, precise and logical training materials, which usually promise an individual a substantial score to pass the EC-Council exam. Take measures right currently, and you will always be at your occupation peak very quickly with a EC-Council EC-Council certification.

2021 Oct ec-council certified ethical hacker exam 312-50 cost:

Q261. The terrorist organizations are increasingly blocking all traffic from North America or from Internet Protocol addresses that point to users who rely on the English Language. 

Hackers sometimes set a number of criteria for accessing their website. This information is shared among the co-hackers. For example if you are using a machine with the Linux Operating System and the Netscape browser then you will have access to their website in a convert way. When federal investigators using PCs running windows and using Internet Explorer visited the hacker’s shared site, the hacker’s system immediately mounted a distributed denial-of-service attack against the federal system. 

Companies today are engaging in tracking competitor’s through reverse IP address lookup sites like whois.com, which provide an IP address’s domain. When the competitor visits the companies website they are directed to a products page without discount and prices are marked higher for their product. When normal users visit the website they are directed to a page with full-blown product details along with attractive discounts. This is based on IP-based blocking, where certain addresses are barred from accessing a site. 

What is this masking technique called? 

A. Website Cloaking 

B. Website Filtering 

C. IP Access Blockade 

D. Mirrored WebSite 

Answer: A

Explanation: Website Cloaking travels under a variety of alias including Stealth, Stealth scripts, IP delivery, Food Script, and Phantom page technology. It’s hot- due to its ability to manipulate those elusive top-ranking results from spider search engines. 


Q262. Scanning for services is an easy job for Bob as there are so many tools available from the Internet. In order for him to check the vulnerability of company, he went through a few scanners that are currently available. Here are the scanners that he uses: 

-Axent’s NetRecon (http://www.axent.com) 

-SARA, by Advanced Research Organization (http://www-arc.com/sara) 

-VLAD the Scanner, by Razor (http://razor.bindview.com/tools/) 

However, there are many other alternative ways to make sure that the services that have been scanned will be more accurate and detailed for Bob. 

What would be the best method to accurately identify the services running on a victim host? 

A. Using Cheops-ng to identify the devices of company. 

B. Using the manual method of telnet to each of the open ports of company. 

C. Using a vulnerability scanner to try to probe each port to verify or figure out which service is running for company. 

D. Using the default port and OS to make a best guess of what services are running on each port for company. 

Answer: B

Explanation: By running a telnet connection to the open ports you will receive banners that tells you what service is answering on that specific port. 


Q263. Matthew re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Matthew assumes it is an ARP request packet. The wireless host responds with a stream of responses, all individually encrypted with different IVs. What is this attack most appropriately called? 

A. Spoof Attack 

B. Replay Attack 

C. Inject Attack 

D. Rebound Attack 

Answer: B

Explanation: A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it. 


Q264. You work as security technician at ABC.com. While doing web application testing, you might be required to look through multiple web pages online which can take a long time. Which of the processes listed below would be a more efficient way of doing this type of validation? 

A. Use mget to download all pages locally for further inspection. 

B. Use wget to download all pages locally for further inspection. 

C. Use get* to download all pages locally for further inspection. 

D. Use get() to download all pages locally for further inspection. 

Answer: B

Explanation: Wget is a utility used for mirroring websites, get* doesn’t work, as for the actual FTP command to work there needs to be a space between get and * (ie. get *), get(); is just bogus, that’s a C function that’s written 100% wrong. mget is a command used from “within” ftp itself, ruling out A. Which leaves B use wget, which is designed for mirroring and download files, especially web pages, if used with the –R option (ie. wget –R www.ABC.com) it could mirror a site, all expect protected portions of course. 

Note: GNU Wget is a free network utility to retrieve files from the World Wide Web using HTTP and FTP and can be used to make mirrors of archives and home pages thus enabling work in the background, after having logged off. 


Q265. Which type of attack is port scanning? 

A. Web server attack 

B. Information gathering 

C. Unauthorized access 

D. Denial of service attack 

Answer: B


Avant-garde ceh 312-50 dumps:

Q266. Which programming language is NOT vulnerable to buffer overflow attacks? 

A. Java 

B. ActiveX 

C. C++ 

D. Assembly Language 

Answer: A

Explanation: Perl and Java has boundary checking, hence buffer overflows don't occur. On the other hand, Perl and Java don't offer access to the system that is as deep as some programs need. 

Topic 21, Cryptography 


Q267. Reflective DDoS attacks do not send traffic directly at the targeted host. Instead, they usually spoof the originating IP addresses and send the requests at the reflectors. These reflectors (usually routers or high-powered servers with a large amount of network resources at their disposal) then reply to the spoofed targeted traffic by sending loads and loads of data to the final target. 

How would you detect these reflectors on your network? 

A. Run floodnet tool to detect these reflectors 

B. Look for the banner text by running Zobbie Zappers tools 

C. Run Vulnerability scanner on your network to detect these reflectors 

D. Scan the network using Nmap for the services used by these reflectors 

Answer: A

Explanation: http://www.exterminate-it.com/malpedia/remove-floodnet 


Q268. In the context of Trojans, what is the definition of a Wrapper? 

A. An encryption tool to protect the Trojan. 

B. A tool used to bind the Trojan with legitimate file. 

C. A tool used to encapsulated packets within a new header and footer. 

D. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan. 

Answer: B

Explanation: These wrappers allow an attacker to take any executable back-door program and combine it with any legitimate executable, creating a Trojan horse without writing a single line of new code. 


Q269. Sara is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain. What do you think Sara is trying to accomplish? Select the best answer. 

A. A zone harvesting 

B. A zone transfer 

C. A zone update 

D. A zone estimate 

Answer: B

Explanation: The zone transfer is the method a secondary DNS server uses to update its information from the primary DNS server. DNS servers within a domain are organized using a master-slave method where the slaves get updated DNS information from the master DNS. One should configure the master DNS server to allow zone transfers only from secondary (slave) DNS servers but this is often not implemented. By connecting to a specific DNS server and successfully issuing the ls –d domain-name > file-name you have initiated a zone transfer. 


Q270. Which type of hacker represents the highest risk to your network? 

A. script kiddies 

B. grey hat hackers 

C. black hat hackers 

D. disgruntled employees 

Answer: D

Explanation: The disgruntled users have some permission on your database, versus a hacker who might not get into the database. Global Crossings is a good example of how a disgruntled employee -- who took the internal payroll database home on a hard drive -- caused big problems for the telecommunications company. The employee posted the names, Social Security numbers and birthdates of company employees on his Web site. He may have been one of the factors that helped put them out of business.