Real of 312-50 free download materials and Q&A for EC-Council certification for IT engineers, Real Success Guaranteed with Updated 312-50 pdf dumps vce Materials. 100% PASS Ethical Hacking and Countermeasures (CEHv6) exam Today!

Q11. To what does “message repudiation” refer to what concept in the realm of email security? 

A. Message repudiation means a user can validate which mail server or servers a message was passed through. 

B. Message repudiation means a user can claim damages for a mail message that damaged their reputation. 

C. Message repudiation means a recipient can be sure that a message was sent from a particular person. 

D. Message repudiation means a recipient can be sure that a message was sent from a certain host. 

E. Message repudiation means a sender can claim they did not actually send a particular message. 

Answer: E

Explanation: A quality that prevents a third party from being able to prove that a communication between two other parties ever took place. This is a desirable quality if you do not want your communications to be traceable. Non-repudiation is the opposite quality—a third party can prove that a communication between two other parties took place. Non-repudiation is desirable if you want to be able to trace your communications and prove that they occurred. Repudiation – Denial of message submission or delivery. 


Q12. _______ is one of the programs used to wardial. 

A. DialIT 

B. Netstumbler 

C. TooPac 

D. Kismet 

E. ToneLoc 

Answer: E

Explanation: ToneLoc is one of the programs used to wardial. While this is considered an "old school" technique, it is still effective at finding backdoors and out of band network entry points. 


Q13. Which of the following is most effective against passwords ? 

Select the Answer: 

A. Dictionary Attack 

B. BruteForce attack 

C. Targeted Attack 

D. Manual password Attack 

Answer: B

Explanation: The most effective means of password attack is brute force, in a brute force attack the program will attempt to use every possible combination of characters. While this takes longer then a dictionary attack, which uses a text file of real words, it is always capable of breaking the password. 


Q14. Exhibit: 

Study the following log extract and identify the attack. 

A. Hexcode Attack 

B. Cross Site Scripting 

C. Multiple Domain Traversal Attack 

D. Unicode Directory Traversal Attack 

Answer: D

Explanation: The “Get /msadc/……/……/……/winnt/system32/cmd.exe?” shows that a Unicode Directory Traversal Attack has been performed. 


Q15. Samuel is high school teenager who lives in Modesto California. Samuel is a straight ‘A’ student who really likes tinkering around with computers and other types of electronic devices. Samuel just received a new laptop for his birthday and has been configuring it ever since. While tweaking the registry, Samuel notices a pop up at the bottom of his screen stating that his computer was now connected to a wireless network. All of a sudden, he was able to get online and surf the Internet. 

Samuel did some quick research and was able to gain access to the wireless router he was connecting to and see al of its settings? Being able to hop onto someone else’s wireless network so easily fascinated Samuel so he began doing more and more research on wireless technologies and how to exploit them. The next day Samuel’s fried said that he could drive around all over town and pick up hundred of wireless networks. This really excited Samuel so they got into his friend’s car and drove around the city seeing which networks they could connect to and which ones they could not. 

What has Samuel and his friend just performed? 

A. Wardriving 

B. Warwalking 

C. Warchalking 

D. Webdriving 

Answer: A

Explanation: Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle using a Wi-Fi-equipped computer, such as a laptop or a PDA, to detect the networks. It was also known (as of 2002) as "WiLDing" (Wireless Lan Driving, although this term never gained any popularity and is no longer used), originating in the San Francisco Bay Area with the Bay Area Wireless Users Group (BAWUG). It is similar to using a scanner for radio. 

Topic 18, Linux Hacking 

437. Windump is the windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform you must install a packet capture library. 

What is the name of this library? 

A. NTPCAP 

B. LibPCAP 

C. WinPCAP 

D. PCAP 

Answer: C

Explanation: WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture. 


Q16. ETHER: Destination address : 0000BA5EBA11 ETHER: Source address : 

00A0C9B05EBD ETHER: Frame Length : 1514 (0x05EA) ETHER: Ethernet Type : 

0x0800 (IP) IP: Version = 4 (0x4) IP: Header Length = 20 (0x14) IP: 

Service Type = 0 (0x0) IP: Precedence = Routine IP: ...0.... = Normal 

Delay IP: ....0... = Normal Throughput IP: .....0.. = Normal 

Reliability IP: Total Length = 1500 (0x5DC) IP: Identification = 7652 

(0x1DE4) IP: Flags Summary = 2 (0x2) IP: .......0 = Last fragment in 

datagram IP: ......1. = Cannot fragment datagram IP: Fragment Offset = 

 (0x0) bytes IP: Time to Live = 127 (0x7F) IP: Protocol = TCP -Transmission Control IP: Checksum = 0xC26D IP: Source Address = 

10.0.0.2 IP: 

Destination Address = 10.0.1.201 TCP: Source Port = Hypertext Transfer 

Protocol TCP: Destination Port = 0x1A0B TCP: Sequence Number = 

97517760 (0x5D000C0) TCP: Acknowledgement Number = 78544373 (0x4AE7DF5) 

TCP: 

Data Offset = 20 (0x14) TCP: Reserved = 0 (0x0000) TCP: Flags = 

0x10 : .A.... TCP: ..0..... = No urgent data TCP: ...1.... = 

Acknowledgement field significant TCP: ....0... = No Push function TCP: 

.....0.. = No Reset TCP: ......0. = No Synchronize TCP: .......0 = No 

Fin TCP: Window = 28793 (0x7079) TCP: Checksum = 0x8F27 TCP: Urgent 

Pointer = 0 (0x0) 

An employee wants to defeat detection by a network-based IDS application. He does not want to attack the system containing the IDS application. Which of the following strategies can be used to defeat detection by a network-based IDS application? 

A. Create a SYN flood 

B. Create a network tunnel 

C. Create multiple false positives 

D. Create a ping flood 

Answer: B

Explanation: Certain types of encryption presents challenges to network-based intrusion detection and may leave the IDS blind to certain attacks, where a host-based IDS analyzes the data after it has been decrypted. 


Q17. Hackers usually control Bots through: 

A. IRC Channel 

B. MSN Messenger 

C. Trojan Client Software 

D. Yahoo Chat 

E. GoogleTalk 

Answer: A

Explanation: Most of the bots out today has a function to connect to a predetermined IRC channel in order to get orders. 


Q18. Bob is conducting a password assessment for one of his clients. Bob suspects that password policies are not in place and weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weakness and key loggers. What are the means that Bob can use to get password from his client hosts and servers? 

A. Hardware, Software and Sniffing 

B. Hardware and Software Keyloggers 

C. Software only, they are the most effective 

D. Passwords are always best obtained using Hardware key loggers 

Answer:

Explanation: All loggers will work as long as he has physical access to the computers. 

Topic 8, Denial of Service 

275. The evil hacker, is purposely sending fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65,536 bytes. From the information given, what type of attack is attempting to perform? 

A. Syn flood 

B. Smurf 

C. Ping of death 

D. Fraggle 

Answer:

Reference: http://insecure.org/sploits/ping-o-death.html 


Q19. You are a Administrator of Windows server. You want to find the port number for POP3. What file would you find the information in and where? 

Select the best answer. 

A. %windir%\\etc\\services 

B. system32\\drivers\\etc\\services 

C. %windir%\\system32\\drivers\\etc\\services 

D. /etc/services 

E. %windir%/system32/drivers/etc/services 

Answer: C

Explanation:

Explanations: %windir%\\system32\\drivers\\etc\\services is the correct place to look for this information. 


Q20. Lee is using Wireshark to log traffic on his network. He notices a number of packets being directed to an internal IP from an outside IP where the packets are ICMP and their size is around 65,536 bytes. What is Lee seeing here? 

A. Lee is seeing activity indicative of a Smurf attack. 

B. Most likely, the ICMP packets are being sent in this manner to attempt IP spoofing. 

C. Lee is seeing a Ping of death attack. 

D. This is not unusual traffic, ICMP packets can be of any size. 

Answer: C