Most up-to-date 312-50 Exam Study Guides With New Update Exam Questions
Our pass rate is high to 98.9% and the similarity percentage between our 312-50 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the EC-Council 312-50 exam in just one try? I am currently studying for the EC-Council 312-50 exam. Latest EC-Council 312-50 Test exam practice questions and answers, Try EC-Council 312-50 Brain Dumps First.
Q441. You have discovered that an employee has attached a modem to his telephone line and workstation. He has used this modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. What can you do to solve this problem?
A. Install a network-based IDS
B. Reconfigure the firewall
C. Conduct a needs analysis
D. Enforce your security policy
Explanation: The employee was unaware of security policy.
Q442. Under what conditions does a secondary name server request a zone transfer from a primary name server?
A. When a primary SOA is higher that a secondary SOA
B. When a secondary SOA is higher that a primary SOA
C. When a primary name server has had its service restarted
D. When a secondary name server has had its service restarted
E. When the TTL falls to zero
Explanation: Understanding DNS is critical to meeting the requirements of the CEH. When the serial number that is within the SOA record of the primary server is higher than the Serial number within the SOA record of the secondary DNS server, a zone transfer will take place.
Q443. While testing web applications, you attempt to insert the following test script into the search area on the company's web site:
<script>alert('Testing Testing Testing')</script>
Afterwards, when you press the search button, a pop up box appears on your screen with the text "Testing Testing Testing". What vulnerability is detected in the web application here?
A. A hybrid attack
B. A buffer overflow
C. Password attacks
D. Cross Site Scripting
Explanation: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.
Q444. Bart is looking for a Windows NT/2000/XP command-line tool that can be used to assign, display, or modify ACL’s (access control lists) to files or folders and also one that can be used within batch files.
Which of the following tools can be used for that purpose? (Choose the best answer)
Explanation: Cacls.exe is a Windows NT/2000/XP command-line tool you can use to assign, display, or modify ACLs (access control lists) to files or folders. Cacls is an interactive tool, and since it's a command-line utility, you can also use it in batch files.
Q445. After an attacker has successfully compromised a remote computer, what would be one of the last steps that would be taken to ensure that the compromise is not traced back to the source of the problem?
A. Install pactehs
B. Setup a backdoor
C. Cover your tracks
D. Install a zombie for DDOS
Explanation: As a hacker you don’t want to leave any traces that could lead back to you.
Q446. Which of the following are well know password-cracking programs?(Choose all that apply.
C. Jack the Ripper
E. John the Ripper
Explanation: L0phtcrack and John the Ripper are two well know password-cracking programs. Netcat is considered the Swiss-army knife of hacking tools, but is not used for password cracking
Q447. What are the six types of social engineering?(Choose six).
C. Social Validation
Explanation: All social engineering is performed by taking advantage of human nature. For in-depth information on the subject review, read Robert Cialdini's book, Influence: Science and Practice.
Q448. Charlie is the network administrator for his company. Charlie just received a new Cisco router and wants to test its capabilities out and to see if it might be susceptible to a DoS attack resulting in its locking up. The IP address of the Cisco switch is 172.16.0.45. What command can Charlie use to attempt this task?
A. Charlie can use the command: ping -l 56550 172.16.0.45 -t.
B. Charlie can try using the command: ping 56550 172.16.0.45.
C. By using the command ping 172.16.0.45 Charlie would be able to lockup the router
D. He could use the command: ping -4 56550 172.16.0.45.
Q449. DRAG DROP
Drag the term to match with it’s description