Our pass rate is high to 98.9% and the similarity percentage between our 312-50 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the EC-Council 312-50 exam in just one try? I am currently studying for the EC-Council 312-50 exam. Latest EC-Council 312-50 Test exam practice questions and answers, Try EC-Council 312-50 Brain Dumps First.

Q91. Bob is conducting a password assessment for one of his clients. Bob suspects that password policies are not in place and weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weakness and key loggers. What are the means that Bob can use to get password from his client hosts and servers? 

A. Hardware, Software and Sniffing 

B. Hardware and Software Keyloggers 

C. Software only, they are the most effective 

D. Passwords are always best obtained using Hardware key loggers 


Explanation: All loggers will work as long as he has physical access to the computers. 

Topic 8, Denial of Service 

275. The evil hacker, is purposely sending fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65,536 bytes. From the information given, what type of attack is attempting to perform? 

A. Syn flood 

B. Smurf 

C. Ping of death 

D. Fraggle 


Reference: http://insecure.org/sploits/ping-o-death.html 

Q92. To see how some of the hosts on your network react, Winston sends out SYN packets to an IP range. A number of IPs respond with a SYN/ACK response. Before the connection is established he sends RST packets to those hosts to stop the session. Winston has done this to see how his intrusion detection system will log the traffic. What type of scan is Winston attempting here? 

A. Winston is attempting to find live hosts on your company's network by using an XMAS scan. 

B. He is utilizing a SYN scan to find live hosts that are listening on your network. 

C. This type of scan he is using is called a NULL scan. 

D. He is using a half-open scan to find live hosts on your network. 

Answer: D

Q93. Neil is an IT security consultant working on contract for Davidson Avionics. Neil has been hired to audit the network of Davidson Avionics. He has been given permission to perform any tests necessary. Neil has created a fake company ID badge and uniform. Neil waits by one of the company's entrance doors and follows an employee into the office after they use their valid access card to gain entrance. What type of social engineering attack has Neil employed here? 

A. Neil has used a tailgating social engineering attack to gain access to the offices 

B. He has used a piggybacking technique to gain unauthorized access 

C. This type of social engineering attack is called man trapping 

D. Neil is using the technique of reverse social engineering to gain access to the offices of Davidson Avionics 

Answer: A

Q94. What type of encryption does WPA2 use? 

A. DES 64 bit 

B. AES-CCMP 128 bit 

C. MD5 48 bit 

D. SHA 160 bit 

Answer: B

Q95. Which of the following tools are used for enumeration? (Choose three.) 

A. SolarWinds 


C. Cheops 


E. DumpSec 

Answer: BDE

Explanation: USER2SID, SID2USER, and DumpSec are three of the tools used for system enumeration. Others are tools such as NAT and Enum. Knowing which tools are used in each step of the hacking methodology is an important goal of the CEH exam. You should spend a portion of your time preparing for the test practicing with the tools and learning to understand their output. 

Q96. Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating? 

A. issue special cards to access secured doors at the company and provide a one-time only brief description of use of the special card 

B. to post a sign that states “no tailgating” next to the special card reader adjacent to the secured door 

C. setup a mock video camera next to the special card reader adjacent to the secured door 

D. to educate all of the employees of the company on best security practices on a recurring basis 

Answer: D

Explanation: Tailgating will not work in small company’s where everyone knows everyone, and neither will it work in very large companies where everyone is required to swipe a card to pass, but it’s a very simple and effective social engineering attack against mid-sized companies where it’s common for one employee not to know everyone. There is two ways of stop this attack either by buying expensive perimeter defense in form of gates that only let on employee pass at every swipe of a card or by educating every employee on a recurring basis. 

Q97. What is the correct command to run Netcat on a server using port 56 that spawns command shell when connected? 

A. nc -port 56 -s cmd.exe 

B. nc -p 56 -p -e shell.exe 

C. nc -r 56 -c cmd.exe 

D. nc -L 56 -t -e cmd.exe 

Answer: D

Q98. William has received a Tetris game from someone in his computer programming class through email. William does not really know the person who sent the game very well, but decides to install the game anyway because he really likes Tetris. 

After William installs the game, he plays it for a couple of hours. The next day, William plays the Tetris game again and notices that his machines have begun to slow down. He brings up his Task Manager and sees the following programs running (see Screenshot): 

What has William just installed? 

A. Remote Access Trojan (RAT) 

B. Zombie Zapper (ZoZ) 

C. Bot IRC Tunnel (BIT) 

D. Root Digger (RD) 

Answer: A

Explanation: RATs are malicious programs that run invisibly on host PCs and permit an intruder remote access and control. On a basic level, many RATs mimic the functionality of legitimate remote control programs such as Symantec's pcAnywhere but are designed specifically for stealth installation and operation. Intruders usually hide these Trojan horses in games and other small programs that unsuspecting users then execute on their PCs. Typically, exploited users either download and execute the malicious programs or are tricked into clicking rogue email attachments. 

Q99. Jane wishes to forward X-Windows traffic to a remote host as well as POP3 traffic. She is worried that adversaries might be monitoring the communication link and could inspect captured traffic. She would line to tunnel the information to the remote end but does not have VPN capabilities to do so. 

Which of the following tools can she use to protect the link? 

A. MD5 




Answer: B

Explanation: Port forwarding, or tunneling, is a way to forward otherwise insecure TCP traffic through SSH Secure Shell. You can secure for example POP3, SMTP and HTTP connections that would otherwise be insecure. 

Q100. Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company's computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered? 

A. Ursula would be considered a gray hat since she is performing an act against illegal activities. 

B. She would be considered a suicide hacker. 

C. She would be called a cracker. 

D. Ursula would be considered a black hat. 

Answer: B