Certbus > EC-COUNCIL > Certified Ethical Hacker > 312-50 > 312-50 Online Practice Questions and Answers

312-50 Online Practice Questions and Answers

Questions 4

Pandora is used to attack __________ network operating systems.

A. Windows

B. UNIX

C. Linux

D. Netware

E. MAC OS

Browse 765 Q&As
Questions 5

In what stage of Virus life does a stealth virus gets activated with the user performing certain actions such as running an infected program?

A. Design

B. Elimination

C. Incorporation

D. Replication

E. Launch

F. Detection

Browse 765 Q&As
Questions 6

You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place. Your peer, Peter Smith who works at the same department disagrees with you. He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security chain. What is Peter Smith talking about?

A. Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain

B. "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks

C. "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks

D. Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

Browse 765 Q&As
Questions 7

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) then it was intended to hold. What is the most common cause of buffer overflow in software today?

A. Bad permissions on files.

B. High bandwidth and large number of users.

C. Usage of non standard programming languages.

D. Bad quality assurance on software produced.

Browse 765 Q&As
Questions 8

An employee wants to defeat detection by a network-based IDS application. He does not want to attack the system containing the IDS application. Which of the following strategies can be used to defeat detection by a network-based IDS application? (Choose the best answer)

A. Create a network tunnel.

B. Create a multiple false positives.

C. Create a SYN flood.

D. Create a ping flood.

Browse 765 Q&As
Questions 9

Carl has successfully compromised a web server from behind a firewall by exploiting a vulnerability in the web server program. He wants to proceed by installing a backdoor program. However, he is aware that not all inbound ports on the firewall are in the open state.

From the list given below, identify the port that is most likely to be open and allowed to reach the server that Carl has just compromised.

A. 53

B. 110

C. 25

D. 69

Browse 765 Q&As
Questions 10

Neil monitors his firewall rules and log files closely on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web sites during work hours, without consideration for others. Neil knows that he has an updated content filtering system and that such access should not be authorized.

What type of technique might be used by these offenders to access the Internet without restriction?

A. They are using UDP which is always authorized at the firewall.

B. They are using tunneling software which allows them to communicate with protocols in a way it was not intended.

C. They have been able to compromise the firewall, modify the rules, and give themselves proper access.

D. They are using an older version of Internet Explorer that allows them to bypass the proxy server.

Browse 765 Q&As
Questions 11

You may be able to identify the IP addresses and machine names for the firewall, and the names of internal mail servers by:

A. Sending a mail message to a valid address on the target network, and examining the header information generated by the IMAP servers

B. Examining the SMTP header information generated by using the mx command parameter of DIG

C. Examining the SMTP header information generated in response to an e-mail message sent to an invalid address

D. Sending a mail message to an invalid address on the target network, and examining the header information generated by the POP servers

Browse 765 Q&As
Questions 12

In order to attack wireless network, you put up an access point and override the signal of the real access point. And when users send authentication data, you are able to capture it. What kind of attack is this?

A. WEP Attack

B. Drive by hacking

C. Rogue Access Point Attack

D. Unauthorized Access Point Attack

Browse 765 Q&As
Questions 13

Matthew re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Matthew assumes it is an ARP request packet. The wireless host responds with a

stream of responses, all individually encrypted with different IVs.

What is this attack most appropriately called?

A. Spoof Attack

B. Replay Attack

C. Inject Attack

D. Rebound Attack

Browse 765 Q&As
Questions 14

Bill is attempting a series of SQL queries in order to map out the tables within the database that he is trying to exploit.

Choose the attack type from the choices given below.

A. Database Fingerprinting

B. Database Enumeration

C. SQL Fingerprinting

D. SQL Enumeration

Browse 765 Q&As
Questions 15

_________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

A. Trojan

B. RootKit

C. DoS tool

D. Scanner

E. Backdoor

Browse 765 Q&As
Questions 16

What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?(Choose all that apply.

A. 110

B. 135

C. 139

D. 161

E. 445

F. 1024

Browse 765 Q&As
Questions 17

You are scanning into the target network for the first time. You find very few conventional ports open. When you attempt to perform traditional service identification by connecting to the open ports, it yields either unreliable or no results. You are unsure of what protocols are being used. You need to discover as many different protocols as possible. Which kind of scan would you use to do this?

A. Nmap with the sO (Raw IP packets) switch

B. Nessus scan with TCP based pings

C. Nmap scan with the sP (Ping scan) switch

D. Netcat scan with the u e switches

Browse 765 Q&As
Questions 18

Which of the following is an automated vulnerability assessment tool.

A. Whack a Mole

B. Nmap

C. Nessus

D. Kismet

E. Jill32

Browse 765 Q&As
Exam Code: 312-50
Exam Name: Ethical Hacker Certified
Last Update: Mar 19, 2024
Questions: 765 Q&As

PDF

$45.99

VCE

$49.99

PDF + VCE

$59.99