Free 312-50 Exam Braindumps (page: 22)


Which of the following Nmap commands would be used to perform a UDP scan of the lower 1024 ports?

  1. Nmap -h -U
  2. Nmap -hU <host(s)>
  3. Nmap -sU -p 1-1024 <host(s)>
  4. Nmap -u -v -w2 <host> 1-1024
  5. Nmap -sS -O target/1024

Answer(s): C

Explanation:

Nmap -sU -p 1-1024 <host(s)> is the proper syntax. Learning Nmap and its switches is critical for successful completion of the CEH exam.



While reviewing the results of a scan run against a target network, you come across the following:


Which among the following can be used to get this output?

  1. A Bo2k system query.
  2. nmap protocol scan
  3. A sniffer
  4. An SNMP walk

Answer(s): D

Explanation:

SNMP lets you "read" information from a device. You make a query of the server (generally known as the "agent"). The agent gathers the information from the host system and returns the answer to your SNMP client. It's like having a single interface for all your informative Unix commands. Output like system.sysContact.0 is called a MIB.



You are manually conducting Idle Scanning using Hping2. During your scanning you notice that almost every query increments the IPID regardless of the port being queried. One or two of the queries cause the IPID to increment by more than one value. Why do you think this occurs?

  1. The zombie you are using is not truly idle.
  2. A stateful inspection firewall is resetting your queries.
  3. Hping2 cannot be used for idle scanning.
  4. These ports are actually open on the target system.

Answer(s): A

Explanation:

If the IPID is incremented by more than the normal increment for this type of system, it means that the system is interacting with some other system besides yours and has sent packets to an unknown host between the packets destined for you.



While performing ping scans into a target network you get a frantic call from the organization’s security team. They report that they are under a denial of service attack. When you stop your scan, the smurf attack event stops showing up on the organization’s IDS monitor. How can you modify your scan to prevent triggering this event in the IDS?

  1. Scan more slowly.
  2. Do not scan the broadcast IP.
  3. Spoof the source IP address.
  4. Only scan the Windows systems.

Answer(s): B

Explanation:

Scanning the broadcast address makes the scan target all IP addresses on that subnet at the same time.





