1. Home
  2. EC-COUNCIL
  3. 312-50

Certified Ethical Hacker

Exam Details

  • Exam Code
    :312-50
  • Exam Name
    :Certified Ethical Hacker
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :614 Q&As
  • Last Updated
    :Apr 16, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-50 Questions & Answers

  • Question 471:

    What is a primary advantage a hacker gains by using encryption or programs such as Loki?

    A. It allows an easy way to gain administrator rights

    B. It is effective against Windows computers

    C. It slows down the effective response of an IDS

    D. IDS systems are unable to decrypt it

    E. Traffic will not be modified in transit

  • Question 472:

    Which of the following are potential attacks on cryptography? (Select 3)

    A. One-Time-Pad Attack

    B. Chosen-Ciphertext Attack

    C. Man-in-the-Middle Attack

    D. Known-Ciphertext Attack

    E. Replay Attack

  • Question 473:

    1 172.16.1.254 (172.16.1.254) 0.724 ms 3.285 ms 0.613 ms 2 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 12.169 ms 14.958 ms 13.416 ms 3 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 13.948 ms ip68-100-0-1.nv.nv.cox.net

    (68.100.0.1) 16.743 ms 16.207 ms 4 ip68-100-0-137.nv.nv.cox.net (68.100.0.137) 17.324 ms 13.933 ms 20.938 ms

    5 68.1.1.4 (68.1.1.4) 12.439 ms 220.166 ms 204.170 ms 6 so-6-0-0.gar2.wdc1.Level3.net (67.29.170.1) 16.177 ms 25.943 ms 14.104 ms 7 unknown.Level3.net (209.247.9.173) 14.227 ms 17.553 ms 15.415 ms 8 so-0-1-0.bbr1.NewYork1.level3.net (64.159.1.41) 17.063 ms 20.960 ms 19.512 ms 9 so-7-0-0.gar1.NewYork1.Level3.net (64.159.1.182) 20.334 ms 19.440 ms 17.938 ms 10 so-4-0-0.edge1.NewYork1.Level3.net (209.244.17.74) 27.526 ms 18.317 ms 21.202 ms 11 uunet-level3-oc48.NewYork1.Level3.net (209.244.160.12) 21.411 ms 19.133 ms 18.830 ms 12 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78) 21.203 ms 22.670 ms 20.111 ms 13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms 23.108 ms 14 0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129) 37.894 ms 33.244 ms 33.910 ms 15 0.so-7-0-0.XL1.MIA4.ALTER.NET (152.63.86.189) 51.165 ms 49.935 ms 49.466 ms 16 0.so-3-0-0.XR1.MIA4.ALTER.NET (152.63.101.41) 50.937 ms 49.005 ms 51.055 ms 17 117.ATM6-0.GW5.MIA1.ALTER.NET (152.63.82.73) 51.897 ms 50.280 ms 53.647 ms 18 target-gw1.customer.alter.net (65.195.239.14) 51.921 ms 51.571 ms 56.855 ms 19 www.target.com (65.195.239.22) 52.191 ms 52.571 ms 56.855 ms 20 www.target.com (65.195.239.22) 53.561 ms 54.121 ms 58.333 ms

    You perform the above traceroute and notice that hops 19 and 20 both show the same IP address. This probably indicates what?

    A. A host based IDS

    B. A Honeypot

    C. A stateful inspection firewall

    D. An application proxying firewall

  • Question 474:

    ETHER: Destination address : 0000BA5EBA11 ETHER: Source address :

    00A0C9B05EBD ETHER: Frame Length : 1514 (0x05EA) ETHER: Ethernet Type :

    0x0800 (IP) IP: Version = 4 (0x4) IP: Header Length = 20 (0x14) IP:

    Service Type = 0 (0x0) IP: Precedence = Routine IP: ...0.... = Normal Delay IP: ....0... = Normal Throughput IP: .....0.. = Normal Reliability IP: Total Length = 1500 (0x5DC) IP: Identification = 7652 (0x1DE4) IP: Flags Summary = 2 (0x2)

    IP: .......0 = Last fragment in datagram IP: ......1. = Cannot fragment datagram IP:

    Fragment Offset = (0x0) bytes IP: Time to Live = 127 (0x7F) IP: Protocol = TCP - Transmission Control IP: Checksum = 0xC26D IP: Source Address = 10.0.0.2 IP:

    Destination Address = 10.0.1.201 TCP: Source Port = Hypertext Transfer Protocol TCP: Destination Port = 0x1A0B TCP: Sequence Number = 97517760 (0x5D000C0) TCP: Acknowledgement Number = 78544373 (0x4AE7DF5) TCP:

    Data Offset = 20 (0x14) TCP: Reserved = 0 (0x0000) TCP: Flags = 0x10 : .A.... TCP: ..0..... = No urgent data TCP: ...1.... = Acknowledgement field significant TCP: ....0... = No Push function TCP:

    .....0.. = No Reset TCP: ......0. = No Synchronize TCP: .......0 = No Fin TCP: Window = 28793 (0x7079) TCP: Checksum = 0x8F27 TCP: Urgent Pointer = 0 (0x0) An employee wants to defeat detection by a network-based IDS application. He

    does not want to attack the system containing the IDS application. Which of the following strategies can be used to defeat detection by a network-based IDS application?

    A. Create a SYN flood

    B. Create a network tunnel

    C. Create multiple false positives

    D. Create a ping flood

  • Question 475:

    You have discovered that an employee has attached a modem to his telephone line and workstation. He has used this modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. What can you do to solve this problem?

    A. Install a network-based IDS

    B. Reconfigure the firewall

    C. Conduct a needs analysis

    D. Enforce your security policy

  • Question 476:

    To scan a host downstream from a security gateway, Firewalking:

    A. Sends a UDP-based packet that it knows will be blocked by the firewall to determine how specifically the firewall responds to such packets

    B. Uses the TTL function to send packets with a TTL value set to expire one hop past the identified security gateway

    C. Sends an ICMP ''administratively prohibited'' packet to determine if the gateway will drop the packet without comment.

    D. Assesses the security rules that relate to the target system before it sends packets to any hops on the route to the gateway

  • Question 477:

    Which of the following is not an effective countermeasure against replay attacks?

    A. Digital signatures

    B. Time Stamps

    C. System identification

    D. Sequence numbers

  • Question 478:

    You may be able to identify the IP addresses and machine names for the firewall, and the names of internal mail servers by:

    A. Sending a mail message to a valid address on the target network, and examining the header information generated by the IMAP servers

    B. Examining the SMTP header information generated by using the mx command parameter of DIG

    C. Examining the SMTP header information generated in response to an e-mail message sent to an invalid address

    D. Sending a mail message to an invalid address on the target network, and examining the header information generated by the POP servers

  • Question 479:

    What type of attack changes its signature and/or payload to avoid detection by antivirus programs?

    A. Polymorphic

    B. Rootkit

    C. Boot sector

    D. File infecting

  • Question 480:

    If you come across a sheepdip machaine at your client site, what would you infer?

    A. A sheepdip computer is used only for virus checking.

    B. A sheepdip computer is another name for honeypop.

    C. A sheepdip coordinates several honeypots.

    D. A sheepdip computer defers a denial of service attack.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.