[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 641-650



While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?


A.     Block port 25 at the firewall.

B.     Shut off the SMTP service on the server.

C.     Force all connections to use a username and password.

D.     Switch from Windows Exchange to UNIX Sendmail.

E.      None of the above.


Correct Answer: E





Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known weaknesses of LM? (Choose three)


Converts passwords to uppercase.

B.     Hashes are sent in clear text over the network.

C.     Makes use of only 32 bit encryption.

D.     Effective length is 7 characters.


Correct Answer: ABD




You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand that all users are required to use passwords that are at least 8 characters in length. All passwords must also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special characters. With your existing knowledge of users, likely user account names and the possibility that they will choose the easiest passwords possible, what would be the fastest type of password cracking attack you can run against these hash values and still get results?


A.     Online Attack

B.     Dictionary Attack

C.     Brute Force Attack

D.     Hybrid Attack


Correct Answer: D




An attacker runs netcat tool to transfer a secret file between two hosts.


Ÿ   Machine A: netcat -I -p 1234 < secretfile

Ÿ   Machine B: netcat > 1234


He is worried about information being sniffed on the network. How would the attacker use netcat to encrypt the information before transmitting onto the wire?


A.     Machine A: netcat -I -p -s password 1234 < testfile

Machine B: netcat <machine A IP> 1234


B.     Machine A: netcat -I -e magickey -p 1234 < testfile

Machine B: netcat <machine A IP> 1234


C.     Machine A: netcat -I -p 1234 < testfile -pw password

Machine B: netcat <machine A IP> 1234 -pw password


D.     Use cryptcat instead of netcat


Correct Answer: D




What is GINA?


A.     Gateway Interface Network Application.

B.     GUI Installed Network Application CLASS.

C.     Global Internet National Authority (G-USA).

D.     Graphical Identification and Authentication DLL.


Correct Answer: D




Fingerprinting an Operating System helps a cracker because:


A.     It defines exactly what software you have installed.

B.     It opens a security-delayed window based on the port being scanned.

C.     It doesn’t depend on the patches that have been applied to fix existing security holes.

D.     It informs the cracker of which vulnerabilities he may be able to exploit on your system.


Correct Answer: D




In the context of Windows Security, what is a ‘null’ user?


A.     A user that has no skills.

B.     An account that has been suspended by the admin.

C.     A pseudo account that has no username and password.

D.     A pseudo account that was created for security administration purpose.


Correct Answer: C







What does the following command in netcat do?


nc -l -u -p55555 < /etc/passwd


A.     logs the incoming connections to /etc/passwd file

B.     loads the /etc/passwd file to the UDP port 55555

C.     grabs the /etc/passwd file when connected to UDP port 55555

D.     deletes the /etc/passwd file when connected to the UDP port 55555


Correct Answer: C



What hacking attack is challenge/response authentication used to prevent?


A.     Replay attacks

B.     Scanning attacks

C.     Session hijacking attacks

D.     Password cracking attacks


Correct Answer: A



Attackers can potentially intercept and modify unsigned SMB packets, modify the traffic and forward it so that the server might perform undesirable actions. Alternatively, the attacker could pose as the server or client after a legitimate authentication and gain unauthorized access to data. Which of the following is NOT a means that can be used to minimize or protect against such an attack?


A.     Timestamps

B.     SMB Signing

C.     File permissions

D.     Sequence numbers monitoring


Correct Answer: ABD


Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in 312-50 Practice Tests (February 2016) and tagged , , , , . Bookmark the permalink.