CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50

Free 312-50 Exam Braindumps (page: 10)

Page 10 of 191
PDF with 765 Questions

While performing a ping sweep of a subnet you receive an ICMP reply of Code 3/Type 13 for all the pings sent out. What is the most likely cause behind this response?

  1. The firewall is dropping the packets.
  2. An in-line IDS is dropping the packets.
  3. A router is blocking ICMP.
  4. The host does not respond to ICMP packets.

Answer(s): C

Explanation:

Type 3 message = Destination Unreachable [RFC792], Code 13 (cause) = Communication Administratively Prohibited [RFC1812]



The following excerpt is taken from a honeyput log. The log captures activities across three days. There are several intrusion attempts; however, a few are successful. Study the log given below and answer the following questions:
(Note: The objective of this question is to test whether the student has learnt about
passive OS fingerprinting (which should tell them the OS from log captures): can they tell a SQL injection attack signature; can they infer if a user ID has been created by an attacker and whether they can read plain source – destination entries from log entries.)


What can you infer from the above log?

  1. The system is a windows system which is being scanned unsuccessfully.
  2. The system is a web application server compromised through SQL injection.
  3. The system has been compromised and backdoored by the attacker.
  4. The actual IP of the successful attacker is 24.9.255.53.

Answer(s): A



Bob has been hired to perform a penetration test on ABC.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.
Within the context of penetration testing methodology, what phase is Bob involved with?

  1. Passive information gathering
  2. Active information gathering
  3. Attack phase
  4. Vulnerability Mapping

Answer(s): A

Explanation:

He is gathering information and as long as he doesn’t make contact with any of the targets systems, he is considered gathering this information in a passive mode.



Which of the following would be the best reason for sending a single SMTP message to an address that does not exist within the target company?

  1. To create a denial of service attack.
  2. To verify information about the mail administrator and his address.
  3. To gather information about internal hosts used in email treatment.
  4. To gather information about procedures that are in place to deal with such messages.

Answer(s): C

Explanation:

The replay from the email server that states that there is no such recipient will also give you some information about the name of the email server, versions used and so on.



Page 10 of 191



Post your Comments and Discuss EC-Council 312-50 exam with other Community members:

Comeru commented on October 15, 2024
You pass this exam with these questions. But you need to get the full version.
UNITED STATES
upvote

ribrahim commented on June 29, 2023
Done the purchase downloaded successfully thanks!
SINGAPORE
upvote

Drew commented on March 08, 2018
need step 3 download activated
UNITED STATES
upvote

Josh commented on September 18, 2017
Just paid for it ... seamless experience ... looking forward to using the program to study for the CEH and pass it with flying colors!
UNITED STATES
upvote