TestInside EC-COUNCIL 312-50 Certified Ethical Hacker Certification
312-50 Certified Ethical Hacker
EC-COUNCIL Ethical Hacking and Countermeasures (CEHv6)
Practice Exam: 312-50 Exams
Exam Number/Code: 312-50
Exam Name: Ethical Hacking and Countermeasures (CEHv6)
Questions and Answers: 574 Q&As
( Certified Ethical Hacker )
"Ethical Hacking and Countermeasures (CEHv6)", also known as 312-50
exam, is a EC-COUNCIL certification.With the complete collection of
E x a m :
questions and answers, TestInside has assembled to take you through 574
Q&As to your 312-50 Exam preparation. In the 312-50 exam resources, you will cover every field and category in EC-
COUNCIL Certification helping to ready you for your successful EC-COUNCIL Certification.
Quality and Value for the 312-50 Exam TestInside Practice Exams for EC-COUNCIL Certified Ethical Hacker
Certification 312-50 are written to the highest standards of technical accuracy, using only certified subject matter
experts and published authors for development.
TestInside provide the professional Q&A.
1. We offer free update service for three month.
After you purchase our product, we will offer free update in time for three month.
2. High quality and Value for the 312-50 Exam.
312-50 simulation test questions, including the examination question and the answer, complete by our senior IT
lecturers and the Certified Ethical Hacker product experts, included the current newest 312-50 examination questions.
3. 100% Guarantee to Pass Your Certified Ethical Hacker exam and get your Certified Ethical Hacker Certification.
If you do not pass the EC-COUNCIL Certification 312-50 exam (Ethical Hacking and Countermeasures (CEHv6)) on
your first attempt using our TestInside testing engine and pdf file, we will give you a FULL REFUND of your purchasing
use TestInside 312-50 Q&A ensure you pass the exam at your first try.
TestInside professional provide Certified Ethical Hacker 312-50 the newest Q&A, completely covers 312-50 test
original topic. With our complete Certified Ethical Hacker resources, you will minimize your Certified Ethical Hacker
cost and be ready to pass your 312-50 tests on Your First Try, 100% Money Back Guarantee included!
EC-COUNCIL 312-50 Test belongs to one of the Certified Ethical Hacker certified test, if needs to obtain the Certified
Ethical Hacker certificate, you also need to participate in other related test, the details you may visit the Certified
Ethical Hacker certified topic, in there, you will see all related Certified Ethical Hacker certified subject of examination.
TestInside Testing Engine Features
Comprehensive questions and answers about 312-50 exam
312-50 exam questions accompanied by exhibits
Verified Answers Researched by Industry Experts and almost 100% correct
312-50 exam questions updated on regular basis
Same type as the certification exams, 312-50 exam preparation is in multiple-choice questions (MCQs).
Tested by multiple times before publishing
Try free 312-50 exam demo before you decide to buy it in Test-Inside.com.
Note:This pdf demo do not include the question's picture.
Exam : EC-Council 312-50
Title : Ethical Hacking and Countermeasures (CEHv6)
1. According to the CEH methodology, what is the next step to be performed after footprinting?
C. System Hacking
D. Social Engineering
E. Expanding Influence
2. Your Certkiller trainee Sandra asks you which are the four existing Regional Internet Registry (RIR's)?
A. APNIC, PICNIC, ARIN, LACNIC
B. RIPE NCC, LACNIC, ARIN, APNIC
C. RIPE NCC, NANIC, ARIN, APNIC
D. RIPE NCC, ARIN, APNIC, LATNIC
3. Doug is conducting a port scan of a target network. He knows that his client target network has a web server and
that there is a mail server also which is up and running. Doug has been sweeping the network but has not been able
to elicit any response from the remote target. Which of the following could be the most likely cause behind this lack of
response? Select 4.
A. UDP is filtered by a gateway
B. The packet TTL value is too low and cannot reach the target
C. The host might be down
D. The destination network might be down
E. The TCP windows size does not match
F. ICMP is filtered by a gateway
4. Which of the following activities will NOT be considered as passive footprinting?
A. Go through the rubbish to find out any information that might have been discarded.
B. Search on financial site such as Yahoo Financial to identify assets.
C. Scan the range of IP address found in the target DNS database.
D. Perform multiples queries using a search engine.
5. What is the essential difference between an 'Ethical Hacker' and a 'Cracker'?
A. The ethical hacker does not use the same techniques or skills as a cracker.
B. The ethical hacker does it strictly for financial motives unlike a cracker.
C. The ethical hacker has authorization from the owner of the target.
D. The ethical hacker is just a cracker who is getting paid.
6. You are footprinting an organization to gather competitive intelligence. You visit the company's website for contact
information and telephone numbers but do not find it listed there. You know that they had the entire staff directory
listed on their website 12 months ago but not it is not there.
How would it be possible for you to retrieve information from the website that is outdated?
A. Visit google's search engine and view the cached copy.
B. Visit Archive.org web site to retrieve the Internet archive of the company's website.
C. Crawl the entire website and store them into your computer.
D. Visit the company's partners and customers website for this information.
Joe Hacker runs the hping2 hacking tool to predict the target host's sequence numbers in one of the hacking session.
What does the first and second column mean? Select two.
A. The first column reports the sequence number
B. The second column reports the difference between the current and last sequence number
C. The second column reports the next sequence number
D. The first column reports the difference between current and last sequence number
8. What is "Hacktivism"?
A. Hacking for a cause
B. Hacking ruthlessly
C. An association which groups activists
D. None of the above
9. Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP) addresses/names
with the intent of diverting traffic?
A. Network aliasing
B. Domain Name Server (DNS) poisoning
C. Reverse Address Resolution Protocol (ARP)
D. Port scanning
10. Snort has been used to capture packets on the network. On studying the packets, the penetration tester finds it
to be abnormal. If you were the penetration tester, why would you find this abnormal?
(Note: The student is being tested on concept learnt during passive OS fingerprinting, basic TCP/IP connection
concepts and the ability to read packet signatures from a sniff dumo.)
05/20-17:06:45.061034 18.104.22.168:31337 -> 172.16.1.101:1 TCP TTL:44 TOS:0x10 ID:242
***FRP** Seq: 0XA1D95 Ack: 0x53 Win: 0x400
05/20-17:06:58.685879 22.214.171.124:31337 ->
TCP TTL:44 TOS:0x10 ID:242
***FRP** Seg: 0XA1D95 Ack: 0x53 Win: 0x400
What is odd about this attack? (Choose the most appropriate statement)
A. This is not a spoofed packet as the IP stack has increasing numbers for the three flags.
B. This is back orifice activity as the scan comes from port 31337.
C. The attacker wants to avoid creating a sub-carrier connection that is not normally valid.
D. There packets were created by a tool; they were not created by a standard IP stack.
11. Where should a security tester be looking for information that could be used by an attacker against an
organization? (Select all that apply)
A. CHAT rooms
B. WHOIS database
C. News groups
D. Web sites
E. Search engines
F. Organization's own web site
12. While performing a ping sweep of a subnet you receive an ICMP reply of Code 3/Type 13 for all the pings sent out.
What is the most likely cause behind this response?
A. The firewall is dropping the packets.
B. An in-line IDS is dropping the packets.
C. A router is blocking ICMP.
D. The host does not respond to ICMP packets.
13. The following excerpt is taken from a honeyput log. The log captures activities across three days. There are
several intrusion attempts; however, a few are successful. Study the log given below and answer the following
(Note: The objective of this questions is to test whether the student has learnt about passive OS fingerprinting (which
should tell them the OS from log captures): can they tell a SQL injection attack signature; can they infer if a user ID
has been created by an attacker and whether they can read plain source - destination entries from log entries.)
What can you infer from the above log?
A. The system is a windows system which is being scanned unsuccessfully.
B. The system is a web application server compromised through SQL injection.
C. The system has been compromised and backdoored by the attacker.
D. The actual IP of the successful attacker is 126.96.36.199.
14. You are footprinting Acme.com to gather competitive intelligence. You visit the acme.com websire for contact
information and telephone number numbers but do not find it listed there. You know that they had the entire staff
directory listed on their website 12 months ago but now it is not there. How would it be possible for you to retrieve
information from the website that is outdated?
A. Visit google search engine and view the cached copy.
B. Visit Archive.org site to retrieve the Internet archive of the acme website.
C. Crawl the entire website and store them into your computer.
D. Visit the company's partners and customers website for this information.
15. How does Traceroute map the route that a packet travels from point A to point B?
A. It uses a TCP Timestamp packet that will elicit a time exceed in transit message.
B. It uses a protocol that will be rejected at the gateways on its way to its destination.
C. It manipulates the value of time to live (TTL) parameter packet to elicit a time exceeded in transit message.
D. It manipulated flags within packets to force gateways into generating error messages.
16. You receive an email with the following message:
Hello Steve, We are having technical difficulty in restoring user database record after the recent blackout. Your
account data is corrupted. Please logon to the SuperEmailServices.com and change your password.
http://email@example.com/support/logon.htm If you do not reset your password within
7 days, your account will be permanently disabled locking you out from our e-mail services.
From this e-mail you suspect that this message was sent by some hacker since you have been using their e-mail
services for the last 2 years and they have never sent out an e-mail such as this. You also observe the URL in the
message and confirm your suspicion about 0xde.0xad.0xbde.0xef which looks like hexadecimal numbers. You
immediately enter the following at Windows 2000 command prompt:
You get a response with a valid IP address.
What is the obstructed IP address in the e-mail URL?
17. What are the two basic types of attacks?(Choose two.
18. Bob has been hired to perform a penetration test on Certkiller .com. He begins by looking at IP address ranges
owned by the company and details of domain name registration. He then goes to News Groups and financial web
sites to see if they are leaking any sensitive information of have any technical details online. Within the context of
penetration testing methodology, what phase is Bob involved with?
A. Passive information gathering
B. Active information gathering
C. Attack phase
D. Vulnerability Mapping
19. Network Administrator Patricia is doing an audit of the network. Below are some of her findings concerning DNS.
Which of these would be a cause for alarm? Select the best answer.
A. There are two external DNS Servers for Internet domains. Both are AD integrated.
B. All external DNS is done by an ISP.
C. Internal AD Integrated DNS servers are using private DNS names that are
E. Private IP addresses are used on the internal network and are registered with the internal AD integrated DNS
20. Your lab partner is trying to find out more information about a competitors web site. The site has a .com
extension. She has decided to use some online whois tools and look in one of the regional Internet registrys. Which
one would you suggest she looks in first?
21. While footprinting a network, what port/service should you look for to attempt a zone transfer?
A. 53 UDP
B. 53 TCP
C. 25 UDP
D. 25 TCP
E. 161 UDP
F. 22 TCP
G. 60 TCP
22. A very useful resource for passively gathering information about a target company is:
A. Host scanning
B. Whois search
D. Ping sweep
23. Who is an Ethical Hacker?
A. A person whohacksfor ethical reasons
B. A person whohacksfor an ethical cause
C. A person whohacksfor defensive purposes
D. A person whohacksfor offensive purposes
24. Which of the following tools are used for footprinting?(Choose four.
A. Sam Spade
25. NSLookup is a good tool to use to gain additional information about a target network. What does the following
command accomplish? nslookup
> server <ipaddress>
> set type =any
> ls -d <target.com>
A. Enables DNS spoofing
B. Loads bogus entries into the DNS table
C. Verifies zone security
D. Performs a zone transfer
E. Resets the DNS cache
26. To what does "message repudiation" refer to what concept in the realm of email security?
A. Message repudiation means a user can validate which mail server or servers a message was passed through.
B. Message repudiation means a user can claim damages for a mail message that damaged their reputation.
C. Message repudiation means a recipient can be sure that a message was sent from a particular person.
D. Message repudiation means a recipient can be sure that a message was sent from a certain host.
E. Message repudiation means a sender can claim they did not actually send a particular message.
27. Which of the following would be the best reason for sending a single SMTP message to an address that does not
exist within the target company?
A. To create a denial of service attack.
B. To verify information about the mail administrator and his address.
C. To gather information about internal hosts used in email treatment.
D. To gather information about procedures that are in place to deal with such messages.
28. A Certkiller security System Administrator is reviewing the network system log files.
He notes the following:
- Network log files are at 5 MB at 12:00 noon.
- At 14:00 hours, the log files at 3 MB.
What should he assume has happened and what should he do about the situation?
A. He should contact the attacker's ISP as soon as possible and have the connection disconnected.
B. He should log the event as suspicious activity, continue to investigate, and take further steps according to site
C. He should log the file size, and archive the information, because the router crashed.
D. He should run a file system check, because the Syslog server has a self correcting file system problem.
E. He should disconnect from the Internet discontinue any further unauthorized use, because an attack has taken
29. User which Federal Statutes does FBI investigate for computer crimes involving e-mail scams and mail fraud?
A. 18 U.S.C 1029 Possession of Access Devices
B. 18 U.S.C 1030 Fraud and related activity in connection with computers
C. 18 U.S.C 1343 Fraud by wire, radio or television
D. 18 U.S.C 1361 Injury to Government Property
E. 18 U.S.C 1362 Government communication systems
F. 18 U.S.C 1831 Economic Espionage Act
G. 18 U.S.C 1832 Trade Secrets Act
30. What does the term "Ethical Hacking" mean?
A. Someone who is hacking for ethical reasons.
B. Someone who is using his/her skills for ethical reasons.
C. Someone who is using his/her skills for defensive purposes.
D. Someone who is using his/her skills for offensive purposes.
More 312-50 Information
Related 312-50 Exams
EC0-350 ethical hacking and countermeasures
312-49 Computer Hacking Forensic Investigator
312-50 Ethical Hacking and Countermeasures (CEHv6)
EC0-349 Computer Hacking Forensic Investigator
Other EC-COUNCIL Exams