[Newest Version] Free 312-50 PDF and Exam Questions Download 100% Pass Exam

Don’t worry about how to get yourself well prepared your Certified Ethical Hacker Hotest 312-50 vce dumps exam! We will work you out of your Certified Ethical Hacker Apr 18,2022 Latest 312-50 exam questions exam with the latest updated Ethical Hacker Certified 312-50 exam questions . We provides the latest real Certified Ethical Hacker 312-50 practice tests, covering every aspect of Newest 312-50 exam questions exam curriculum.

We Geekcert has our own expert team. They selected and published the latest 312-50 preparation materials from Official Exam-Center.

The following are the 312-50 free dumps. Go through and check the validity and accuracy of our 312-50 dumps.312-50 free dumps are questions from the latest full 312-50 dumps. Check 312-50 free questions to get a better understanding of 312-50 exams.

Question 1:

You have installed antivirus software and you want to be sure that your AV signatures are working correctly. You don\’t want to risk the deliberate introduction of a live virus to test the AV software. You would like to write a harmless test virus, which is based on the European Institute for Computer Antivirus Research format that can be detected by the AV software.

How should you proceed?

A. Type the following code in notepad and save the file as SAMPLEVIRUS.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it.X5O!P %@AP[4\PZX54(P^)7CC)7}$SAMPLEVIRUS-STANDARDANTIVIRUS-TEST-FILE!$H H*

B. Type the following code in notepad and save the file as AVFILE.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it.X5O!P %@AP[4\PZX54(P^)7CC)7}$AVFILE-STANDARD-ANTIVIRUS-TESTFILE!$H H*

C. Type the following code in notepad and save the file as TESTAV.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it.X5O!P %@AP[4\PZX54(P^)7CC)7}$TESTAV-STANDARD-ANTIVIRUSTEST-FILE!$H H*

D. Type the following code in notepad and save the file as EICAR.COM. Your antivirus program springs into action whenever you attempt to open, run or copy it.X5O!P %@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TESTFILE!$H H*

Correct Answer: D

The EICAR test file (official name: EICAR Standard Anti-Virus Test File) is a file, developed by the European Institute for Computer Antivirus Research, to test the response of computer antivirus (AV) programs. The rationale behind it is to allow people, companies, and AV programmers to test their software without having to use a real computer virus that could cause actual damage should the AV not respond correctly. EICAR likens the use of a live virus to test AV software to setting a fire in a trashcan to test a fire alarm, and promotes the EICAR test file as a safe alternative.

Question 2:

Marshall is the information security manager for his company. Marshall was just hired on two months ago after the last information security manager retired. Since the last manager did not implement or even write IT policies, Marshall has begun writing IT security policies to cover every conceivable aspect. Marshall\’s supervisor has informed him that while most employees will be under one set of policies, ten other employees will be under another since they work on computers in publicly- accessible areas. Per his supervisor, Marshall has written two sets of policies. For the users working on publicly-accessible computers, their policies state that everything is forbidden. They are not allowed to browse the Internet or even use email. The only thing they can use is their work related applications like Word and Excel.

What types of policies has Marshall written for the users working on computers in the publicly- accessible areas?

A. He has implemented Permissive policies for the users working on public computers

B. These types of policies would be considered Promiscuous policies

C. He has written Paranoid policies for these users in public areas

D. Marshall has created Prudent policies for the computer users in publicly-accessible areas

Correct Answer: C

It says that everything is forbidden, this means that there is a Paranoid Policy implemented

Question 3:

Bob was frustrated with his competitor, Brownies Inc., and decided to launch an attack that would result in serious financial losses. He planned the attack carefully and carried out the attack at the appropriate moment. Meanwhile, Trent, an administrator at Brownies Inc., realized that their main financial transaction server had been attacked. As a result of the attack, the server crashed and Trent needed to reboot the system, as no one was able to access the resources of the company. This process involves human interaction to fix it. What kind of Denial of Service attack was best illustrated in the scenario above?

A. DOS attacks which involves flooding a network or system

B. DOS attacks which involves crashing a network or system

C. DOS attacks which is done accidentally or deliberately

D. Simple DDOS attack

Correct Answer: B

This is not a DDOS, there is only one person involved as attacker

Question 4:

Attacker forges a TCP/IP packet, which causes the victim to try opening a connection with itself. This causes the system to go into an infinite loop trying to resolve this unexpected connection. Eventually, the connection times out, but during this resolution, the machine appears to hang or become very slow. The attacker sends such packets on a regular basis to slow down the system.

Unpatched Windows XP and Windows Server 2003 machines are vulnerable to these attacks. What type of Denial of Service attack is represented here?

A. SMURF Attacks

B. Targa attacks

C. LAND attacks

D. SYN Flood attacks

Correct Answer: C

The attack involves sending a spoofed TCP SYN packet (connection initiation) with the target host\’s IP address and an open port as both source and destination.The reason a LAND attack works is because it causes the machine to reply to itself continuously.


Question 5:

You run nmap port Scan on and attempt to gain banner/server information from services running on ports 21, 110 and 123.

Here is the output of your scan results: Which of the following nmap command did you run?

A. nmap -A -sV -p21,110,123

B. nmap -F -sV -p21,110,123

C. nmap -O -sV -p21,110,123

D. nmap -T -sV -p21,110,123

Correct Answer: C

Question 6:

You receive an e-mail with the following text message.

“Microsoft and HP today warned all customers that a new, highly dangerous virus has been discovered which will erase all your files at midnight. If there\’s a file called hidserv.exe on your computer, you have been infected and your computer

is now running a hidden server that allows hackers to access your computer. Delete the file immediately. Please also pass this message to all your friends and colleagues as soon as possible.”

You launch your antivirus software and scan the suspicious looking file hidserv.exe located in

c:\windows directory and the AV comes out clean meaning the file is not infected. You view the file signature and confirm that it is a legitimate Windows system file “Human Interface Device Service”.

What category of virus is this?

A. Virus hoax

B. Spooky Virus

C. Stealth Virus

D. Polymorphic Virus

Correct Answer: A

Question 7:

Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers) A. Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC address

B. The ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim\’s network

C. ECHO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service

D. A DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.

Correct Answer: BD

Question 8:

You are the CIO for Avantes Finance International, a global finance company based in Geneva. You are responsible for network functions and logical security throughout the entire corporation. Your company has over 250 servers running Windows Server, 5000 workstations running Windows Vista, and 200 mobile users working from laptops on Windows 7.

Last week, 10 of your company\’s laptops were stolen from salesmen while at a conference in Amsterdam. These laptops contained proprietary company information. While doing damage assessment on the possible public relations nightmare this may become, a news story leaks about the stolen laptops and also that sensitive information from those computers was posted to a blog online.

What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

A. You should have used 3DES which is built into Windows

B. If you would have implemented Pretty Good Privacy (PGP) which is built into Windows, the sensitive information on the laptops would not have leaked out

C. You should have utilized the built-in feature of Distributed File System (DFS) to protect the sensitive information on the laptops

D. You could have implemented Encrypted File System (EFS) to encrypt the sensitive files on the laptops

Correct Answer: D

Question 9:

What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)

A. Use fragmented IP packets

B. Spoof your IP address when launching attacks and sniff responses from the server

C. Overload the IDS with Junk traffic to mask your scan

D. Use source routing (if possible)

E. Connect to proxy servers or compromised Trojaned machines to launch attacks

Correct Answer: ABDE

Question 10:

Fred is scanning his network to ensure it is as secure as possible. Fred sends a TCP probe packet to a host with a FIN flag and he receives a RST/ACK response. What does this mean?

A. This response means the port he is scanning is open.

B. The RST/ACK response means the port Fred is scanning is disabled.

C. This means the port he is scanning is half open.

D. This means that the port he is scanning on the host is closed.

Correct Answer: D

Question 11:

File extensions provide information regarding the underlying server technology. Attackers can use this information to search vulnerabilities and launch attacks. How would you disable file extensions in Apache servers?

A. Use disable-eXchange

B. Use mod_negotiation

C. Use Stop_Files

D. Use Lib_exchanges

Correct Answer: B

Question 12:

An Attacker creates a zuckerjournals.com website by copying and mirroring HACKERJOURNALS.COM site to spread the news that Hollywood actor Jason Jenkins died in a car accident. The attacker then submits his fake site for indexing in major search engines. When users search for “Jason Jenkins”, attacker\’s fake site shows up and dupes victims by the fake news.

This is another great example that some people do not know what URL\’s are. Real website: Fake website: http://www.zuckerjournals.com

The website is clearly not WWW.HACKERJOURNALS.COM. It is obvious for many, but unfortunately some people still do not know what an URL is. It\’s the address that you enter into the address bar at the top your browser and this is clearly not legit site, its www.zuckerjournals.com

How would you verify if a website is authentic or not?

A. Visit the site using secure HTTPS protocol and check the SSL certificate for authenticity

B. Navigate to the site by visiting various blogs and forums for authentic links

C. Enable Cache on your browser and lookout for error message warning on the screen

D. Visit the site by clicking on a link from Google search engine

Correct Answer: D

Question 13:

Blane is a network security analyst for his company. From an outside IP, Blane performs an XMAS scan using Nmap. Almost every port scanned does not illicit a response. What can he infer from this kind of response?

A. These ports are open because they do not illicit a response.

B. He can tell that these ports are in stealth mode.

C. If a port does not respond to an XMAS scan using NMAP, that port is closed.

D. The scan was not performed correctly using NMAP since all ports, no matter what their state, will illicit some sort of response from an XMAS scan.

Correct Answer: A

Question 14:

To see how some of the hosts on your network react, Winston sends out SYN packets to an IP range. A number of IPs respond with a SYN/ACK response. Before the connection is established he sends RST packets to those hosts to stop the session. Winston has done this to see how his intrusion detection system will log the traffic. What type of scan is Winston attempting here?

A. Winston is attempting to find live hosts on your company\’s network by using an XMAS scan.

B. He is utilizing a SYN scan to find live hosts that are listening on your network.

C. This type of scan he is using is called a NULL scan.

D. He is using a half-open scan to find live hosts on your network.

Correct Answer: D

Question 15:

What command would you type to OS fingerprint a server using the command line?

A. Option A

B. Option B

C. Option C

D. Option D

Correct Answer: C