EC-Council 312-50 ExamEthical Hacking and Countermeasures (CEHv6)

Total Question: 765 Last Updated: January 15,2018
  • Updated 312-50 Dumps
  • Based on Real 312-50 Exams Scenarios
  • Free 312-50 pdf Demo Available
  • Check out our 312-50 Dumps in a new PDF format
  • Instant 312-50 download
  • Guarantee 312-50 success in first attempt
Package Select:

Questions & Answers PDF

Practice Test Software

Practice Test + PDF 30% Discount

Price: $65.95 $29.99

Buy Now Free Trial

Top Tips Of 312-50 ebook

Exam Code: 312-50 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Ethical Hacking and Countermeasures (CEHv6)
Certification Provider: EC-Council
Free Today! Guaranteed Training- Pass 312-50 Exam.

Q421. What does the this symbol mean? 

A. Open Access Point 

B. WPA Encrypted Access Point 

C. WEP Encrypted Access Point 

D. Closed Access Point 

Answer: A

Explanation: This symbol is a “warchalking” symbol for a open node (open circle) with the SSID tsunami and the bandwidth 2.0 Mb/s 


Q422. Bob reads an article about how insecure wireless networks can be. He gets approval from his management to implement a policy of not allowing any wireless devices on the network. What other steps does Bob have to take in order to successfully implement this? (Select 2 answer.) 

A. Train users in the new policy. 

B. Disable all wireless protocols at the firewall. 

C. Disable SNMP on the network so that wireless devices cannot be configured. 

D. Continuously survey the area for wireless devices. 

Answer: AD

Explanation: If someone installs a access point and connect it to the network there is no way to find it unless you are constantly surveying the area for wireless devices. SNMP and firewalls can not prevent the installation of wireless devices on the corporate network. 


Q423. You are the security administrator of Jaco Banking Systems located in Boston. You are setting up e-banking website (http://www.ejacobank.com) authentication system. Instead of issuing banking customer with a single password, you give them a printed list of 100 unique passwords. Each time the customer needs to log into the e-banking system website, the customer enters the next password on the list. If someone sees them type the password using shoulder surfing, MiTM or keyloggers, then no damage is done because the password will not be accepted a second time. Once the list of 100 passwords is almost finished, the system automatically sends out a new password list by encrypted e-mail to the customer. 

You are confident that this security implementation will protect the customer from password abuse. 

Two months later, a group of hackers called "HackJihad" found a way to access the one-time password list issued to customers of Jaco Banking Systems. The hackers set up a fake website (http://www.e-jacobank.com) and used phishing attacks to direct ignorant customers to it. The fake website asked users for their e-banking username and password, and the next unused entry from their one-time password sheet. The hackers collected 200 customer's username/passwords this way. They transferred money from the customer's bank account to various offshore accounts. 

Your decision of password policy implementation has cost the bank with USD 925,000 to hackers. You immediately shut down the e-banking website while figuring out the next best security solution 

What effective security solution will you recommend in this case? 

A. Implement Biometrics based password authentication system. Record the customers face image to the authentication database 

B. Configure your firewall to block logon attempts of more than three wrong tries 

C. Enable a complex password policy of 20 characters and ask the user to change the password immediately after they logon and do not store password histories 

D. Implement RSA SecureID based authentication system 

Answer: D


Q424. Exhibit: * Missing* 

Jason's Web server was attacked by a trojan virus. He runs protocol analyzer and notices that the trojan communicates to a remote server on the Internet. Shown below is the standard "hexdump" representation of the network packet, before being decoded. Jason wants to identify the trojan by looking at the destination port number and mapping to a trojan-port number database on the Internet. Identify the remote server's port number by decoding the packet? 

A. Port 1890 (Net-Devil Trojan) 

B. Port 1786 (Net-Devil Trojan) 

C. Port 1909 (Net-Devil Trojan) 

D. Port 6667 (Net-Devil Trojan) 

Answer: D

Explanation: From trace, 0x1A0B is 6667, IRC Relay Chat, which is one port used. Other ports are in the 900's. 


Q425. Bill is a security analyst for his company. All the switches used in the company's office are Cisco switches. Bill wants to make sure all switches are safe from ARP poisoning. How can Bill accomplish this? 

A. Bill can use the command: ip dhcp snooping. 

B. Bill can use the command: no ip snoop. 

C. Bill could use the command: ip arp no flood. 

D. He could use the command: ip arp no snoop. 

Answer: A


Q426. This is an example of whois record. 

Sometimes a company shares a little too much information on their organization through public domain records. Based on the above whois record, what can an attacker do? (Select 2 answers) 

A. Search engines like Google, Bing will expose information listed on the WHOIS record 

B. An attacker can attempt phishing and social engineering on targeted individuals using the information from WHOIS record 

C. Spammers can send unsolicited e-mails to addresses listed in the WHOIS record 

D. IRS Agents will use this information to track individuals using the WHOIS record information 

Answer: BC


Q427. The programmers on your team are analyzing the free, open source software being used to run FTP services on a server in your organization. They notice that there is excessive number of functions in the source code that might lead to buffer overflow. These C++ functions do not check bounds. Identify the line the source code that might lead to buffer overflow. 

A. Line number 31. 

B. Line number 15 

C. Line number 8 

D. Line number 14 

Answer: B


Q428. Jason works in the sales and marketing department for a very large advertising agency located in Atlanta. Jason is working on a very important marketing campaign for his company's largest client. Before the project could be completed and implemented, a competing advertising company comes out with the exact same marketing materials and advertising, thus rendering all the work done for Jason's client unusable. Jason is questioned about this and says he has no idea how all the material ended up in the hands of a competitor. 

Without any proof, Jason's company cannot do anything except move on. After working on another high profile client for about a month, all the marketing and sales material again ends up in the hands of another competitor and is released to the public before Jason's company can finish the project. Once again, Jason says that he had nothing to do with it and does not know how this could have happened. Jason is given leave with pay until they can figure out what is going on. 

Jason's supervisor decides to go through his email and finds a number of emails that were sent to the competitors that ended up with the marketing material. The only items in the emails were attached jpg files, but nothing else. Jason's supervisor opens the picture files, but cannot find anything out of the ordinary with them. 

What technique has Jason most likely used? 

A. Stealth Rootkit Technique 

B. Snow Hiding Technique 

C. ADS Streams Technique 

D. Image Steganography Technique 

Answer: D


Q429. While testing web applications, you attempt to insert the following test script into the search area on the company's web site: 

<script>alert('Testing Testing Testing')</script> 

Afterwards, when you press the search button, a pop up box appears on your screen with the text "Testing Testing Testing". What vulnerability is detected in the web application here? 

A. A hybrid attack 

B. A buffer overflow 

C. Password attacks 

D. Cross Site Scripting 

Answer: D

Explanation: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. 


Q430. What is a primary advantage a hacker gains by using encryption or programs such as Loki? 

A. It allows an easy way to gain administrator rights 

B. It is effective against Windows computers 

C. It slows down the effective response of an IDS 

D. IDS systems are unable to decrypt it 

E. Traffic will not be modified in transit 

Answer: D

Explanation: Because the traffic is encrypted, an IDS cannot understand it or evaluate the payload. 


Related 312-50 Articles