10 tips on How to 312-50 Test Like a Badass [341 to 350]

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 312-50 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/312-50-dumps.html


Exact of 312-50 practice exam materials and item pool for EC-Council certification for examinee, Real Success Guaranteed with Updated 312-50 pdf dumps vce Materials. 100% PASS Ethical Hacking and Countermeasures (CEHv6) exam Today!

2016 May 312-50 Study Guide Questions:

Q341. Jacob would like your advice on using a wireless hacking tool that can save him time and get him better results with lesser packets. You would like to recommend a tool that uses KoreK's implementation. Which tool would you recommend from the list below? 

A. Kismet 

B. Shmoo 

C. Aircrack 

D. John the Ripper 

Answer: C

Explanation: Implementing KoreK's attacks as well as improved FMS, aircrack provides the fastest and most effective statistical attacks available. John the Ripper is a password cracker, Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system, and 


Q342. In the context of using PKI, when Sven wishes to send a secret message to Bob, he looks up Bob’s public key in a directory, uses it to encrypt the message before sending it off. Bob then uses his private key to decrypt the message and reads it. No one listening on can decrypt the message. 

Anyone can send an encrypted message to Bob but only Bob can read it. Thus, although many people may know Bob’s public key and use it to verify Bob’s signature, they cannot discover Bob’s private key and use it to forge digital signatures. 

What does this principle refer to? 

A. Irreversibility 

B. Non-repudiation 

C. Symmetry 

D. Asymmetry 

Answer: D

Explanation: PKI uses asymmetric key pair encryption. One key of the pair is the only way to decrypt data encrypted with the other. 


Q343. The United Kingdom (UK) he passed a law that makes hacking into an unauthorized network a felony. 

The law states: 

Section1 of the Act refers to unauthorized access to computer material. This states that a person commits an offence if he causes a computer to perform any function with intent to secure unauthorized access to any program or data held in any computer. For a successful conviction under this part of the Act, the prosecution must prove that the access secured is unauthorized and that the suspect knew that this was the case. This section is designed to deal with common-or-graden hacking. 

Section 2 of the deals with unauthorized access with intent to commit or facilitate the commission of further offences. An offence is committed under Section 2 if a Section 1 offence has been committed and there is the intention of committing or facilitating a further offense (any offence which attacks a custodial sentence of more than five years, not necessarily one covered but the Act). Even if it is not possible to prove the intent to commit the further offence, the Section 1 offence is still committed. 

Section 3 Offences cover unauthorized modification of computer material, which generally means the creation and distribution of viruses. For conviction to succeed there must have been the intent to cause the modifications and knowledge that the modification had not been authorized 

What is the law called? 

A. Computer Misuse Act 1990 

B. Computer incident Act 2000 

C. Cyber Crime Law Act 2003 

D. Cyber Space Crime Act 1995 

Answer: A 

Explanation: Computer Misuse Act (1990) creates three criminal offences: 


312-50 download

Up to the minute 312-50 simulations:

Q344. Which of the following are well know password-cracking programs?(Choose all that apply. 

A. L0phtcrack 

B. NetCat 

C. Jack the Ripper 

D. Netbus 

E. John the Ripper 

Answer: AE

Explanation: L0phtcrack and John the Ripper are two well know password-cracking programs. Netcat is considered the Swiss-army knife of hacking tools, but is not used for password cracking 


Q345. Which programming language is NOT vulnerable to buffer overflow attacks? 

A. Java 

B. ActiveX 

C. C++ 

D. Assembly Language 

Answer: A

Explanation: Perl and Java has boundary checking, hence buffer overflows don't occur. On the other hand, Perl and Java don't offer access to the system that is as deep as some programs need. 

Topic 21, Cryptography 


Q346. You are scanning into the target network for the first time. You find very few conventional ports open. When you attempt to perform traditional service identification by connecting to the open ports, it yields either unreliable or no results. You are unsure of what protocols are being used. You need to discover as many different protocols as possible. Which kind of scan would you use to do this? 

A. Nmap with the –sO (Raw IP packets) switch 

B. Nessus scan with TCP based pings 

C. Nmap scan with the –sP (Ping scan) switch 

D. Netcat scan with the –u –e switches 

Answer: A

Explanation: Running Nmap with the –sO switch will do a IP Protocol Scan. The IP protocol scan is a bit different than the other nmap scans. The IP protocol scan is searching for additional IP protocols in use by the remote station, such as ICMP, TCP, and UDP. If a router is scanned, additional IP protocols such as EGP or IGP may be identified. 


312-50 exam topics

Download 312-50 tutorials:

Q347. How would you prevent session hijacking attacks? 

A. Using biometrics access tokens secures sessions against hijacking 

B. Using non-Internet protocols like http secures sessions against hijacking 

C. Using hardware-based authentication secures sessions against hijacking 

D. Using unpredictable sequence numbers secures sessions against hijacking 

Answer: D

Explanation: Protection of a session needs to focus on the unique session identifier because it is the only thing that distinguishes users. If the session ID is compromised, attackers can impersonate other users on the system. The first thing is to ensure that the sequence of identification numbers issued by the session management system is unpredictable; otherwise, it's trivial to hijack another user's session. Having a large number of possible session IDs (meaning that they should be very long) means that there are a lot more permutations for an attacker to try. 


Q348. Symmetric encryption algorithms are known to be fast but present great challenges on the key management side. Asymmetric encryption algorithms are slow but allow communication with a remote host without having to transfer a key out of band or in person. If we combine the strength of both crypto systems where we use the symmetric algorithm to encrypt the bulk of the data and then use the asymmetric encryption system to encrypt the symmetric key, what would this type of usage be known as? 

A. Symmetric system 

B. Combined system 

C. Hybrid system 

D. Asymmetric system 

Answer: C

Explanation: Because of the complexity of the underlying problems, most public-key algorithms involve operations such as modular multiplication and exponentiation, which are much more computationally expensive than the techniques used in most block ciphers, especially with typical key sizes. As a result, public-key cryptosystems are commonly "hybrid" systems, in which a fast symmetric-key encryption algorithm is used for the message itself, while the relevant symmetric key is sent with the message, but encrypted using a public-key algorithm. Similarly, hybrid signature schemes are often used, in which a cryptographic hash function is computed, and only the resulting hash is digitally signed. 


Q349. In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. What kind of attack is this? 

A. WEP attack 

B. Drive by hacking 

C. Rogue access point attack 

D. Unauthorized access point attack 

Answer: C

Explanation: The definition of a Rogue access point is:1. A wireless access point (AP) installed by an employee without the consent of the IT department. Without the proper security configuration, users have exposed their company's network to the outside world.2. An access point (AP) set up by an attacker outside a facility with a wireless network. Also called an "evil twin," the rogue AP picks up beacons (signals that advertise its presence) from the company's legitimate AP and transmits identical beacons, which some client machines inside the building associate with. 


Q350. You have been using the msadc.pl attack script to execute arbitrary commands on an NT4 web server. While it is effective, you find it tedious to perform extended functions. On further research you come across a perl script that runs the following msadc functions: 


What kind of exploit is indicated by this script? 

A. A buffer overflow exploit. 

B. A SUID exploit. 

C. A SQL injection exploit. 

D. A chained exploit. 

E. A buffer under run exploit. 

Answer: D



see more Ethical Hacking and Countermeasures (CEHv6)