312-50 is definitely the evaluation value with regard to EC-Council examination which certification has become the reputed checkups which granted on the dealer "EC-Council". This particular EC-Council 312-50 certification can be said for the reason that beginning certification as well as solitary examination selection for attaining EC-Council certification. EC-Council 312-50 examination is definitely the very first step with regard to experienceing the EC-Council. It any individuals for you to examine ale EC-Council modern technology. EC-Council 312-50 is regarded the most effective setting up skilled credentials you can practice. Consequently, getting opted to study with regard to EC-Council you are on the appropriate an eye on an effective skilled enhancement.
This Testaimer.com web site will certainly provide you with credible info concerning 312-50 exam dumps.
2017 Apr 312-50 real exam
Q381. Bank of Timbukut is a medium-sized, regional financial institution in Timbuktu. The bank has deployed a new Internet-accessible Web Application recently. Customers can access their account balances, transfer money between accounts, pay bills and conduct online financial business using a web browser.
John Stevens is in charge of information security at Bank of Timbukut. After one month in production, several customers have complained about the Internet enabled banking application. Strangely, the account balances of many of the bank’s customers had been changed ! However, money hasn’t been removed from the bank, instead money was transferred between accounts. Given this attack profile, John Stevens reviewed the Web Application’s logs and found the following entries.
What kind of attack did the Hacker attempt to carry out at the Bank?
A. Brute Force attack in which the Hacker attempted guessing login ID and password from password cracking tools
B. The Hacker used a generator module to pass results to the Web Server and exploited Web Application CGI vulnerability.
C. The Hacker first attempted logins with suspected user names, then used SQL injection to gain access to valid login IDs
D. The Hacker attempted Session Hijacking, in which the hacker opened an account with the bank, then logged in to receive a session ID, guessed the next ID and took over Jason’s session.
Explanation: Typing things like ‘ or 1=1 – in the login field is evidence of a hacker trying out if the system is vulnerable to SQL injection.
Topic 15, Hacking Wireless Networks
Q382. Frederickson Security Consultants is currently conducting a security audit on the networks of Hawthorn Enterprises, a contractor for the Department of Defense. Since Hawthorn Enterprises conducts business daily with the federal government, they must abide by very stringent security policies. Frederickson is testing all of Hawthorn's physical and logical security measures including biometrics, passwords, and permissions. The federal government requires that all users must utilize random, non-dictionary passwords that must take at least 30 days to crack. Frederickson has confirmed that all Hawthorn employees use a random password generator for their network passwords. The Frederickson consultants have saved off numerous SAM files from Hawthorn's servers using Pwdump6 and are going to try and crack the network passwords. What method of attack is best suited to crack these passwords in the shortest amount of time?
A. Brute force attack
B. Birthday attack
C. Dictionary attack
D. Brute service attack
Q383. Bob is a very security conscious computer user. He plans to test a site that is known to have malicious applets, code, and more. Bob always make use of a basic Web Browser to perform such testing.
Which of the following web browser can adequately fill this purpose?
A. Internet Explorer
Explanation: Lynx is a program used to browse the World Wide Web, which works on simple text terminals, rather than requiring a graphical computer display terminal.
Q384. Which of the following Nmap commands would be used to perform a stack fingerprinting?
A. Nmap -O -p80 <host(s.>
B. Nmap -hU -Q<host(s.>
C. Nmap -sT -p <host(s.>
D. Nmap -u -o -w2 <host>
E. Nmap -sS -0p target
Explanation: This option activates remote host identification via TCP/IP fingerprinting. In other words, it uses a bunch of techniques to detect subtlety in the underlying operating system network stack of the computers you are scanning. It uses this information to create a "fingerprint" which it compares with its database of known OS fingerprints (the nmap-os-fingerprints file. to decide what type of system you are scanning.
Q385. Oregon Corp is fighting a litigation suit with Scamster Inc. Oregon has assigned a private investigative agency to go through garbage, recycled paper, and other rubbish at Scamster's office site in order to find relevant information. What would you call this kind of activity?
A. Garbage Scooping
B. Dumpster Diving
D. CI Gathering
Explanation: Dumpster diving is the colloquial name for going through somebody's garbage --which will usually be in dumpsters for large organizations. This is a powerful tactic because it is protected by social taboos. Trash is bad, and once it goes into the trash, something is best forgotten. The reality is that most company trash is fairly clean, and provides a gold mine of information.
Most recent 312-50 test engine:
Q386. You are scanning the target network for the first time. You are able to detect few convention open ports. While attempting to perform conventional service identification by connecting to the open ports, the scan yields either bad or no result. As you are unsure of the protocols in use, you want to discover as many different protocols as possible. Which of the following scan options can help you achieve this?
A. Nessus sacn with TCP based pings
B. Netcat scan with the switches
C. Nmap scan with the P (ping scan) switch
D. Nmap with the O (Raw IP Packets switch
Explanation: -sO IP protocol scans: This method is used to determine which IP protocols are supported on a host. The technique is to send raw IP packets without any further protocol header to each specified protocol on the target machine. If we receive an ICMP protocol unreachable message, then the protocol is not in use. Otherwise we assume it is open. Note that some hosts (AIX, HP-UX, Digital UNIX) and firewalls may not send protocol unreachable messages.
Q387. Identify SQL injection attack from the HTTP requests shown below:
C. http://www.myserver.com/search.asp?lname=smith%27%3bupdate%20usertable%20set%20pass wd%3d%27hAx0r%27%3b--%00
D. http://www.myserver.com/script.php?mydata=%3cscript%20src=%22http%3a%2f%2fwww.yourser ver.c0m%2fbadscript.js%22% 3e%3c%2fscript%3e
Explantion: The correct answer contains the code to alter the usertable in order to change the password for user smith to hAx0r
Q388. What hacking attack is challenge/response authentication used to prevent?
A. Replay attacks
B. Scanning attacks
C. Session hijacking attacks
D. Password cracking attacks
Explanation: A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it. With a challenge/response authentication you ensure that captured packets can’t be retransmitted without a new authentication.
Q389. A POP3 client contacts the POP3 server:
A. To send mail
B. To receive mail
C. to send and receive mail
D. to get the address to send mail to
E. initiate a UDP SMTP connection to read mail
Explanation: POP is used to receive e-mail.SMTP is used to send e-mail.
Q390. home/root # traceroute www.targetcorp.com <http://www.targetcorp.com>
traceroute to www.targetcorp.com <http://www.targetcorp.com> (192.168.12.18), 64 hops may, 40 byte packets 1 router.anon.com (188.8.131.52) 1.373 ms 1.123 ms 1.280 ms 2 184.108.40.206 (220.127.116.11) 3.680 ms 3.506 ms 4.583 ms 3 firewall.anon.com (18.104.22.168) 127.189 ms 257.404 ms 208.484 ms 4 anon-gw.anon.com (22.214.171.124) 471.68 ms 376.875 ms 228.286 ms 5 fe5-0.lin.isp.com (126.96.36.199) 2.961 ms 3.852 ms 2.974 ms 6 fe0-0.lon0.isp.com (188.8.131.52) 3.979 ms 3.243 ms 4.370 ms 7 184.108.40.206 (220.127.116.11) 11.454 ms 4.221 ms 3.333 ms 6 * * * 7 * * * 8 www.targetcorp.com <http://www.targetcorp.com> (192.168.12.18) 5.392 ms 3.348 ms 3.199 ms
Use the traceroute results shown above to answer the following question:
The perimeter security at targetcorp.com does not permit ICMP TTL-expired packets out.
Explanation: As seen in the exhibit there is 2 registrations with timeout, this tells us that the firewall filters packets where the TTL has reached 0, when you continue with higher starting values for TTL you will get an answer from the target of the traceroute.