Proper study guides for Far out EC-Council Ethical Hacking and Countermeasures (CEHv6) certified begins with EC-Council 312-50 preparation products which designed to deliver the Top Quality 312-50 questions by making you pass the 312-50 test at your first time. Try the free 312-50 demo right now.

2017 Mar 312-50 practice exam

Q191. What type of Trojan is this? 

A. RAT Trojan 

B. E-Mail Trojan 

C. Defacement Trojan 

D. Destructing Trojan 

E. Denial of Service Trojan 

Answer: C

Q192. Samuel is high school teenager who lives in Modesto California. Samuel is a straight ‘A’ student who really likes tinkering around with computers and other types of electronic devices. Samuel just received a new laptop for his birthday and has been configuring it ever since. While tweaking the registry, Samuel notices a pop up at the bottom of his screen stating that his computer was now connected to a wireless network. All of a sudden, he was able to get online and surf the Internet. 

Samuel did some quick research and was able to gain access to the wireless router he was connecting to and see al of its settings? Being able to hop onto someone else’s wireless network so easily fascinated Samuel so he began doing more and more research on wireless technologies and how to exploit them. The next day Samuel’s fried said that he could drive around all over town and pick up hundred of wireless networks. This really excited Samuel so they got into his friend’s car and drove around the city seeing which networks they could connect to and which ones they could not. 

What has Samuel and his friend just performed? 

A. Wardriving 

B. Warwalking 

C. Warchalking 

D. Webdriving 

Answer: A

Explanation: Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle using a Wi-Fi-equipped computer, such as a laptop or a PDA, to detect the networks. It was also known (as of 2002) as "WiLDing" (Wireless Lan Driving, although this term never gained any popularity and is no longer used), originating in the San Francisco Bay Area with the Bay Area Wireless Users Group (BAWUG). It is similar to using a scanner for radio. 

Topic 18, Linux Hacking 

437. Windump is the windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform you must install a packet capture library. 

What is the name of this library? 





Answer: C

Explanation: WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture. 

Q193. How would you permanently wipe the data in the hard disk? 

A. wipe -fik /dev/hda1 

B. erase -fik /dev/hda1 

C. delete -fik /dev/hda1 

D. secdel -fik /dev/hda1 

Answer: A

Q194. This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging personal information. Attackers send a legitimate-looking e-mail asking users to update their information on the company's Web site, but the URLs in the e-mail actually point to a false Web site. 

A. Wiresharp attack 

B. Switch and bait attack 

C. Phishing attack 

D. Man-in-the-Middle attack 

Answer: C

Q195. LAN Manager passwords are concatenated to 14 bytes and split in half. The two halves are hashed individually. If the password is 7 characters or less, than the second half of the hash is always: 

A. 0xAAD3B435B51404EE 

B. 0xAAD3B435B51404AA 

C. 0xAAD3B435B51404BB 

D. 0xAAD3B435B51404CC 

Answer: A

Explanation: A problem with LM stems from the total lack of salting or cipher block chaining in the hashing process. To hash a password the first 7 bytes of it are transformed into an 8 byte odd parity DES key. This key is used to encrypt the 8 byte string "KGS!@". Same thing happens with the second part of the password. This lack of salting creates two interesting consequences. Obviously this means the password is always stored in the same way, and just begs for a typical lookup table attack. The other consequence is that it is easy to tell if a password is bigger than 7 bytes in size. If not, the last 7 bytes will all be null and will result in a constant DES hash of 0xAAD3B435B51404EE. 

Latest 312-50 answers:

Q196. ____________ will let you assume a users identity at a dynamically generated web page or site. 

A. SQL attack 

B. Injection attack 

C. Cross site scripting 

D. The shell attack 

E. Winzapper 

Answer: C

Explanation: Cross site scripting is also referred to as XSS or CSS. You must know the user is online and you must scam that user into clicking on a link that you have sent in order for this hack attack to work. 

Q197. ________ is an automated vulnerability assessment tool. 

A. Whack a Mole 

B. Nmap 

C. Nessus 

D. Kismet 

E. Jill32 


Explanation: Nessus is a vulnerability assessment tool. 

Q198. Which of the following is NOT a valid NetWare access level? 

A. Not Logged in 

B. Logged in 

C. Console Access 

D. Administrator 


Explanation: Administrator is an account not a access level. 

Q199. John Beetlesman, the hacker has successfully compromised the Linux System of Agent Telecommunications, Inc’s WebServer running Apache. He has downloaded sensitive documents and database files off the machine. 

Upon performing various tasks, Beetlesman finally runs the following command on the Linux box before disconnecting. 

for ((i=0;i<1;i++));do 

?dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda 


What exactly is John trying to do? 

A. He is making a bit stream copy of the entire hard disk for later download 

B. He is deleting log files to remove his trace 

C. He is wiping the contents of the hard disk with zeros 

D. He is infecting the hard disk with random virus strings 


Explanation: dd copies an input file to an output file with optional conversions. –if is input file, -of is output file. /dev/zero is a special file that provides as many null characters (ASCII NULL, 0x00; not ASCII character "digit zero", "0", 0x30) as are read from it. /dev/hda is the hard drive. 

Q200. Which programming language is NOT vulnerable to buffer overflow attacks? 

A. Java 

B. ActiveX 

C. C++ 

D. Assembly Language 

Answer: A

Explanation: Perl and Java has boundary checking, hence buffer overflows don't occur. On the other hand, Perl and Java don't offer access to the system that is as deep as some programs need. 

Topic 21, Cryptography