Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50

EC-Council 312-50 Exam Questions
Ethical Hacker Certified (Page 19 )

Updated On: 10-Mar-2026
Page 19 of 154
PDF with 765 Questions

You are performing a port scan with nmap. You are in hurry and conducting the scans at the fastest possible speed. However, you don't want to sacrifice reliability for speed. If stealth is not an issue, what type of scan should you run to get very reliable results?

  1. XMAS scan
  2. Stealth scan
  3. Connect scan
  4. Fragmented packet scan

Answer(s): C

Explanation:

A TCP Connect scan, named after the Unix connect() system call is the most accurate scanning method. If a port is open the operating system completes the TCP three-way handshake, and the port scanner immediately closes the connection.



Neil notices that a single address is generating traffic from its port 500 to port 500 of several other machines on the network. This scan is eating up most of the network bandwidth and Neil is concerned. As a security professional, what would you infer from this scan?

  1. It is a network fault and the originating machine is in a network loop
  2. It is a worm that is malfunctioning or hardcoded to scan on port 500
  3. The attacker is trying to detect machines on the network which have SSL enabled
  4. The attacker is trying to determine the type of VPN implementation and checking for IPSec

Answer(s): D

Explanation:

Port 500 is used by IKE (Internet Key Exchange). This is typically used for IPSECbased VPN software, such as Freeswan, PGPnet, and various vendors of in-a-box VPN solutions such as Cisco. IKE is used to set up the session keys. The actual session is usually sent with ESP (Encapsulated Security Payload) packets, IP protocol 50 (but some in-a-box VPN's such as Cisco are capable of negotiating to send the encrypted tunnel over a UDP channel, which is useful for use across firewalls that block IP protocols other than TCP or UDP).



A distributed port scan operates by:

  1. Blocking access to the scanning clients by the targeted host
  2. Using denial-of-service software against a range of TCP ports
  3. Blocking access to the targeted host by each of the distributed scanning clients
  4. Having multiple computers each scan a small number of ports, then correlating the results

Answer(s): D

Explanation:

Think of dDoS (distributed Denial of Service) where you use a large number of computers to create simultaneous traffic against a victim in order to shut them down.



You want to know whether a packet filter is in front of 192.168.1.10. Pings to 192.168.1.10 don't get answered. A basic nmap scan of 192.168.1.10 seems to hang without returning any information. What should you do next?

  1. Use NetScan Tools Pro to conduct the scan
  2. Run nmap XMAS scan against 192.168.1.10
  3. Run NULL TCP hping2 against 192.168.1.10
  4. The firewall is blocking all the scans to 192.168.1.10

Answer(s): C



What does ICMP (type 11, code 0) denote?

  1. Unknown Type
  2. Time Exceeded
  3. Source Quench
  4. Destination Unreachable

Answer(s): B

Explanation:

An ICMP Type 11, Code 0 means Time Exceeded [RFC792], Code 0 = Time to Live exceeded in Transit and Code 1 = Fragment Reassembly Time Exceeded.



Viewing page 19 of 154
Viewing questions 91 - 95 out of 765 questions



Post your Comments and Discuss EC-Council 312-50 exam dumps with other Community members:

312-50 Exam Discussions & Posts

AI Tutor