Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > EC-COUNCIL > EC-COUNCIL Certifications > 312-50 > 312-50 Online Practice Questions and Answers

312-50 Online Practice Questions and Answers

Questions 4

Pandora is used to attack __________ network operating systems.

A. Windows

B. UNIX

C. Linux

D. Netware

E. MAC OS

Buy Now

Correct Answer: D

While there are not lots of tools available to attack Netware, Pandora is one that can be used.

Questions 5

This attack technique is used when a Web application is vulnerable to an SQL Injection but the results of the Injection are not visible to the attacker.

A. Unique SQL Injection

B. Blind SQL Injection

C. Generic SQL Injection

D. Double SQL Injection

Buy Now

Correct Answer: B

Questions 6

You are trying to compromise a Linux Machine and steal the password hashes for cracking with password brute forcing program. Where is the password file kept is Linux?

A. /etc/shadow

B. /etc/passwd

C. /bin/password

D. /bin/shadow

Buy Now

Correct Answer: A

/etc/shadow file stores actual password in encrypted format for user's account with additional properties related to user password i.e. it stores secure user account information. All fields are separated by a colon (:) symbol. It contains one entry per line for each user listed in /etc/passwd file.

Questions 7

In an attempt to secure his wireless network, Bob implements a VPN to cover the wireless communications. Immediately after the implementation, users begin complaining about how slow the wireless network is. After benchmarking the network's speed. Bob discovers that throughput has dropped by almost half even though the number of users has remained the same. Why does this happen in the VPN over wireless implementation?

A. The stronger encryption used by the VPN slows down the network.

B. Using a VPN with wireless doubles the overhead on an access point for all direct client to access point communications.

C. VPNs use larger packets then wireless networks normally do.

D. Using a VPN on wireless automatically enables WEP, which causes additional overhead.

Buy Now

Correct Answer: B

By applying VPN the access point will have to recalculate all headers destined for client and from clients twice.

Questions 8

Bob has been hired to do a web application security test. Bob notices that the site is dynamic and infers that they mist be making use of a database at the application back end. Bob wants to validate whether SQL Injection would be possible.

What is the first character that Bob should use to attempt breaking valid SQL requests?

A. Semi Column

B. Double Quote

C. Single Quote

D. Exclamation Mark

Buy Now

Correct Answer: C

In SQL single quotes are used around values in queries, by entering another single quote Bob tests if the application will submit a null value and probably returning an error.

Questions 9

A particular database threat utilizes a SQL injection technique to penetrate a target system. How would an attacker use this technique to compromise a database?

A. An attacker uses poorly designed input validation routines to create or alter SQL commands to gain access to unintended data or execute commands of the database

B. An attacker submits user input that executes an operating system command to compromise a target system

C. An attacker gains control of system to flood the target system with requests, preventing legitimate users from gaining access

D. An attacker utilizes an incorrect configuration that leads to access with higher-than-expected privilege of the database

Buy Now

Correct Answer: A

Using the poorly designed input validation to alter or steal data from a database is a SQL injection attack.

Questions 10

Which of the following buffer overflow exploits are related to Microsoft IIS web server? (Choose three)

A. Internet Printing Protocol (IPP) buffer overflow

B. Code Red Worm

C. Indexing services ISAPI extension buffer overflow

D. NeXT buffer overflow

Buy Now

Correct Answer: ABC

Both the buffer overflow in the Internet Printing Protocol and the ISAPI extension buffer overflow is explained in Microsoft Security Bulletin MS01-023. The Code Red worm was a computer worm released on the Internet on July 13, 2001. It attacked computers running Microsoft's IIS web server.

Questions 11

Windump is a Windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows Platform you must install a packet capture library. What is the name of this library?

A. PCAP

B. NTPCAP

C. LibPCAP

D. WinPCAP

Buy Now

Correct Answer: D

WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.

Questions 12

Bob is conducting a password assessment for one of his clients. Bob suspects that password policies are not in place and weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weakness and key loggers. What are the means that Bob can use to get password from his client hosts and servers?

A. Hardware, Software and Sniffing

B. Hardware and Software Keyloggers

C. Software only, they are the most effective

D. Passwords are always best obtained using Hardware key loggers

Buy Now

Correct Answer: A

All loggers will work as long as he has physical access to the computers.

Questions 13

An attacker runs netcat tool to transfer a secret file between two hosts.

Machine A: netcat -l -p 1234 < secretfile Machine B: netcat 192.168.3.4 > 1234

He is worried about information being sniffed on the network. How would the attacker use netcat to encrypt the information before transmitting onto the wire?

A. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat 1234

B. Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat 1234

C. Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat 1234 -pw password

D. Use cryptcat instead of netcat

Buy Now

Correct Answer: D

Netcat cannot encrypt the file transfer itself but would need to use a third party application to encrypt/decrypt like openssl. Cryptcat is the standard netcat enhanced with twofish encryption.

Exam Code: 312-50
Exam Name: Certified Ethical Hacker
Last Update: Jul 08, 2026
Questions: 765

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2026 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.