Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50

EC-Council 312-50 Exam Questions
Ethical Hacker Certified (Page 7 )

Updated On: 17-Feb-2026
Page 7 of 154
PDF with 765 Questions

NSLookup is a good tool to use to gain additional information about a target network. What does the following command accomplish?
nslookup
> server <ipaddress>
> set type =any
> ls -d <target.com>

  1. Enables DNS spoofing
  2. Loads bogus entries into the DNS table
  3. Verifies zone security
  4. Performs a zone transfer
  5. Resets the DNS cache

Answer(s): D

Explanation:

If DNS has not been properly secured, the command sequence displayed above will perform a zone transfer.



While footprinting a network, what port/service should you look for to attempt a zone transfer?

  1. 53 UDP
  2. 53 TCP
  3. 25 UDP
  4. 25 TCP
  5. 161 UDP
  6. 22 TCP
  7. 60 TCP

Answer(s): B

Explanation:

IF TCP port 53 is detected, the opportunity to attempt a zone transfer is there.



Your lab partner is trying to find out more information about a competitors web site. The site has a .com extension. She has decided to use some online whois tools and look in one of the regional Internet registrys. Which one would you suggest she looks in first?

  1. LACNIC
  2. ARIN
  3. APNIC
  4. RIPE
  5. AfriNIC

Answer(s): B

Explanation:

Regional registries maintain records from the areas from which they govern. ARIN is responsible for domains served within North and South America and therefore, would be a good starting point for a .com domain.



Network Administrator Patricia is doing an audit of the network. Below are some of her findings concerning DNS. Which of these would be a cause for alarm?
Select the best answer.

  1. There are two external DNS Servers for Internet domains. Both are AD integrated.
  2. All external DNS is done by an ISP.
  3. Internal AD Integrated DNS servers are using private DNS names that are
  4. unregistered.
  5. Private IP addresses are used on the internal network and are registered with the internal AD integrated DNS server.

Answer(s): A

Explanation:

A) There are two external DNS Servers for Internet domains. Both are AD integrated. This is the correct answer. Having an AD integrated DNS external server is a serious cause for alarm. There is no need for this and it causes vulnerability on the network.
B) All external DNS is done by an ISP.
This is not the correct answer. This would not be a cause for alarm. This would actually reduce the company's network risk as it is offloaded onto the ISP.

C) Internal AD Integrated DNS servers are using private DNS names that are unregistered. This is not the correct answer. This would not be a cause for alarm. This would actually reduce the company's network risk.

D) Private IP addresses are used on the internal network and are registered with the internal AD integrated DNS server.
This is not the correct answer. This would not be a cause for alarm. This would actually reduce the company's network risk.



The terrorist organizations are increasingly blocking all traffic from North America or from Internet Protocol addresses that point to users who rely on the English Language.
Hackers sometimes set a number of criteria for accessing their website. This information is shared among the co-hackers. For example, if you are using a machine with the Linux

Operating System and the Netscape browser then you will have access to their website in a convert way. When federal investigators using PCs running windows and using Internet Explorer visited the hacker’s shared site, the hacker’s system immediately mounted a distributed denial-of-service attack against the federal system.
Companies today are engaging in tracking competitor’s through reverse IP address lookup sites like whois.com, which provide an IP address’s domain. When the competitor visits the companies website they are directed to a products page without discount and prices are marked higher for their product. When normal users visit the website, they are directed to a page with full-blown product details along with attractive discounts. This is based on IPbased blocking, where certain addresses are barred from accessing a site.
What is this masking technique called?

  1. Website Cloaking
  2. Website Filtering
  3. IP Access Blockade
  4. Mirrored WebSite

Answer(s): A

Explanation:

Website Cloaking travels under a variety of alias including Stealth, Stealth scripts, IP delivery, Food Script, and Phantom page technology. It’s hot- due to its ability to manipulate those elusive top-ranking results from spider search engines.






Post your Comments and Discuss EC-Council 312-50 exam dumps with other Community members:

Join the 312-50 Discussion