Master the 312-50 Ethical Hacking and Countermeasures (CEHv6) content and be ready for exam day success quickly with this Pass4sure 312-50 exam answers. We guarantee it!We make it a reality and give you real 312-50 questions in our EC-Council 312-50 braindumps.Latest 100% VALID EC-Council 312-50 Exam Questions Dumps at below page. You can use our EC-Council 312-50 braindumps and pass your exam.

Q81. What is the best means of prevention against viruses? 

A. Assign read only permission to all files on your system. 

B. Remove any external devices such as floppy and USB connectors. 

C. Install a rootkit detection tool. 

D. Install and update anti-virus scanner. 

Answer: D

Explanation: Although virus scanners only can find already known viruses this is still the best defense, together with users that are informed about risks with the internet. 


Q82. What type of port scan is shown below? 

A. Idle Scan 

B. Windows Scan 

C. XMAS Scan 

D. SYN Stealth Scan 

Answer: C

Explanation: An Xmas port scan is variant of TCP port scan. This type of scan tries to obtain information about the state of a target port by sending a packet which has multiple TCP flags set to 1 - "lit as an Xmas tree". The flags set for Xmas scan are FIN, URG and PSH. The purpose is to confuse and bypass simple firewalls. Some stateless firewalls only check against security policy those packets which have the SYN flag set (that is, packets that initiate connection according to the standards). Since Xmas scan packets are different, they can pass through these simple systems and reach the target host. 


Q83. Steven, a security analyst for XYZ associates, is analyzing packets captured by Ethereal on a Linux Server inside his network when the server starts to slow down tremendously. Steven examines the following Ethereal captures: 

A. Smurf Attack 

B. ARP Spoofing 

C. Ping of Death 

D. SYN Flood 

Answer: A

Explanation: A perpetrator is sending a large amount of ICMP echo (ping) traffic to IP broadcast addresses, all of it having a spoofed source address of the intended victim. If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply, multiplying the traffic by the number of hosts responding. 

Topic 9, Social Engineering 

303. Your boss at ABC.com asks you what are the three stages of Reverse Social Engineering. 

A. Sabotage, advertising, Assisting 

B. Sabotage, Advertising, Covering 

C. Sabotage, Assisting, Billing D. Sabotage, Advertising, Covering 

Answer: A

Explanation: Typical social interaction dictates that if someone gives us something then it is only right for us to return the favour. This is known as reverse social engineering, when an attacker sets up a situation where the victim encounters a problem, they ask the attacker for help and once the problem is solved the victim then feels obliged to give the information requested by the attacker. 


Q84. What type of attack changes its signature and/or payload to avoid detection by antivirus programs? 

A. Polymorphic 

B. Rootkit C. Boot sector 

D. File infecting 

Answer: A

Explanation: In computer terminology, polymorphic code is code that mutates while keeping the original algorithm intact. This technique is sometimes used by computer viruses, shellcodes and computer worms to hide their presence. 


Q85. Matthew re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Matthew assumes it is an ARP request packet. The wireless host responds with a stream of responses, all individually encrypted with different IVs. What is this attack most appropriately called? 

A. Spoof attack 

B. Replay attack 

C. Injection attack 

D. Rebound attack 

Answer: B

Explanation: A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution (such as stream cipher attack). 


Q86. What is the term 8 to describe an attack that falsifies a broadcast ICMP echo request and includes a primary and secondary victim? 

A. Fraggle Attack 

B. Man in the Middle Attack 

C. Trojan Horse Attack 

D. Smurf Attack 

E. Back Orifice Attack 

Answer: D

Explanation: Trojan and Back orifice are Trojan horse attacks. Man in the middle spoofs the Ip and redirects the victems packets to the cracker The infamous Smurf attack. preys on ICMP's capability to send traffic to the broadcast address. Many hosts can listen and respond to a single ICMP echo request sent to a broadcast address. 

Network Intrusion Detection third Edition by Stephen Northcutt and Judy Novak pg 70 The "smurf" attack's cousin is called "fraggle", which uses UDP echo packets in the same fashion as the ICMP echo packets; it was a simple re-write of "smurf". 


Q87. Which one of the following instigates a SYN flood attack? 

A. Generating excessive broadcast packets. 

B. Creating a high number of half-open connections. 

C. Inserting repetitive Internet Relay Chat (IRC) messages. 

D. A large number of Internet Control Message Protocol (ICMP) traces. 

Answer: B

Explanation: A SYN attack occurs when an attacker exploits the use of the buffer space during a Transmission Control Protocol (TCP) session initialization handshake. The attacker floods the target system's small "in-process" queue with connection requests, but it does not respond when a target system replies to those requests. This causes the target system to time out while waiting for the proper response, which makes the system crash or become unusable. 


Q88. In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access. 

A. Token Injection Replay attacks 

B. Shoulder surfing attack 

C. Rainbow and Hash generation attack 

D. Dumpster diving attack 

Answer: A


Q89. ________ is an automated vulnerability assessment tool. 

A. Whack a Mole 

B. Nmap 

C. Nessus 

D. Kismet 

E. Jill32 

Answer:

Explanation: Nessus is a vulnerability assessment tool. 


Q90. What is the purpose of firewalking? 

A. It's a technique used to discover Wireless network on foot 

B. It's a technique used to map routers on a network link 

C. It's a technique used to discover interface in promiscuous mode 

D. It's a technique used to discover what rules are configured on a gateway 

Answer: D

Explanation: Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker’s host to a destination host through a packet-filtering device. This technique can be used to map ‘open’ or ‘pass through’ ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway.