Latest 312-50v12 Practice Tests with Actual Questions

Get Complete pool of questions with Premium PDF and Test Engine

Exam Code : 312-50v12
Exam Name : Certified Ethical Hacker Exam (CEHv12)
Vendor Name :
"EC-Council"

Download Full Version of 312-50v12

---

312-50v12 Dumps

312-50v12 Braindumps 312-50v12 Real Questions 312-50v12 Practice Test

312-50v12 Actual Questions

killexams.com

EC-Council

312-50v12

Certified Ethical Hacker Exam (CEHv12)

https://killexams.com/pass4sure/exam-detail/312-50v12

Question: 120

DHCP snooping is a great solution to prevent rogue DHCP servers on your network.

Which security feature on switchers leverages the DHCP snooping database to help prevent man-in-the-middle attacks?

1. Spanning tree

2. Dynamic ARP Inspection (DAI)

   Layer 2 Attack Prevention Protocol (LAPP)

   
   

   r: B ation:

   ic ARP inspection (DAI) protects switching devices against Address Resolution Protocol (ARP) packet spoofing (also known as ARP poisoning or ARP cache poisoning). DAI inspects ARPs on the LAN and uses th

   ation in the DHCP snooping database on the switch to validate ARP packets and to protect against ARP

   g. ARP requests and replies are compared against entries in the DHCP snooping database, and filtering ns are made based on the results of those comparisons. When an attacker tries to use a forged ARP pack

   address, the switch compares the address with entries in the database. If the media access control (MA or IP address in the ARP packet does not match a valid entry in the DHCP snooping database, the pack

   dropped.

   
   

   on: 121

   cker with access to the inside network of a small company launches a successful STP manipulation attac ill he do next?

   ill create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.

   ill activate OSPF on the spoofed root bridge.

   ill repeat this action so that it escalates to a DoS attack.

   ill repeat the same attack against all L2 switches of the network.

3. Port security D.

Answe

Explan

Dynam

e inform

spoofin

decisio et to

spoof an C)

address et is

Questi

An atta k.

What w

1. He w

2. He w

3. He w

4. He w

Answer: A

Question: 122

In the field of cryptanalysis, what is meant by a “rubber-hose” attack?

1. Forcing the targeted keystream through a hardware-accelerated device such as an ASIC.

2. A backdoor placed into a cryptographic algorithm by its creator.

3. Extraction of cryptographic secrets through coercion or torture.

4. Attempting to decrypt ciphertext by making logical assumptions about the contents of the original plaintext.

Answer: C
Explanation:

A powerful and often the most effective cryptanalysis method in which the attack is directed at the most vulnerable link in the cryptosystem

– the person. In this attack, the cryptanalyst uses blackmail, threats, torture, extortion, bribery, etc. This method’s main advantage is the decryption time’s fundamental independence from the volume of secret information, the length of the key, and the cipher’s mathematical strength.

ot considered in its practical part.

on: 123

ve successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all es in the same network quickly.

the best Nmap command you will use?

-T4 -q 10.10.0.0/24

-T4 -F 10.10.0.0/24

-T4 -r 10.10.1.0/24

-T4 -O 10.10.0.0/24

r: B ation:

nmap.org/book/man-port-specification.html

In my opinion, this is an absolutely wrong statement of the question. But you may come across a questi similar wording on the exam.

oes "fast" mean? If we want to increase the speed and intensity of the scan we can select the mode usin 1/2/3/4/5). At high -T values, we will sacrifice stealth and gain speed, but we will not limit functionality

T4 -F 10.10.0.0/24» This option is "correct" because of the -F flag. -F (Fast (limited port) scan)

The method can reduce the time to guess a password, for example, for AES, to an acceptable level; however, it requires special authorization from the relevant regulatory authorities. Therefore, it is outside the scope of this course and is n

Questi

You ha machin

What is

1. nmap

2. nmap

3. nmap

4. nmap

Answe Explan https://

NOTE: on with

a

What d g the -T

flag (0/ .

«nmap -

Specifies that you wish to scan fewer ports than the default. Normally Nmap scans the most common 1,000 ports for each scanned protocol. With -F, this is reduced to 100. Technically, scanning will be faster, but just because we have reduced the number of ports by 10 times, we are just doing 10 times less work, not faster.

Question: 124

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up.

What is the most likely cause?

1. The network devices are not all synchronized.

2. Proper chain of custody was not observed while collecting the logs.

3. The attacker altered or erased events from the logs.

4. The security breach was a false positive.

Answer: A
Explanation:

ime changes are forgotten. Sure, there are many more pressing security issues to deal with, but not ensu time on network devices is synchronized can cause problems. And these problems often only come to li ecurity incident.

uspect a hacker is accessing your network, for example, you will want to analyze your log files to look ous activity. If your network’s security devices do not have synchronized times, the timestamps’ inaccur

impossible to correlate log files from different sources. Not only will you have difficulty in tracking ev will also find it difficult to use such evidence in court; you won’t be able to illustrate a smooth progres s they occurred throughout your network.

on: 125

hould the security analyst disable/remove unnecessary ISAPI filters? efend against social engineering attacks

efend against webserver attacks efend against jailbreaking efend against wireless attacks

r: B

on: 126

s the first step followed by Vulnerability Scanners for scanning a network? etection

wall detection

/UDP Port scanning

cking if the remote host is alive

Many network and system administrators don’t pay enough attention to system clock accuracy and time synchronization. Computer clocks can run faster or slower over time, batteries and power sources die, or daylight- saving t ring

that the ght

after a s

If you s for any

suspici acy

makes it ents,

but you sion of

events a

Questi

Why s

1. To d

2. To d

3. To d

4. To d

Answe

Questi

Which i

1. OS D

2. Fire

3. TCP

4. Che

Answer: D
Explanation:

Vulnerability scanning solutions perform vulnerability penetration tests on the organizational network in three steps:

Question: 127

Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host

names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain.

What do you think Tess King is trying to accomplish? Select the best answer.

1. A zone harvesting

2. A zone transfer

3. A zone update

4. A zone estimate

Answer: B

on: 128

not a PCI compliance recommendation?

a firewall between the public network and the payment card data.

ncryption to protect all transmission of card holder data over any public network.

te employees handling credit card transactions on a yearly basis to different departments. access to card holder data to as few individuals as possible.

r: C ation:

www.pcisecuritystandards.org/pci_security/maintaining_payment_security Build and Maintain a Secure Network

on: 129

not a PCI compliance recommendation?

a firewall between the public network and the payment card data.

ncryption to protect all transmission of card holder data over any public network.

te employees handling credit card transactions on a yearly basis to different departments. access to card holder data to as few individuals as possible.

r: C

Questi

What is

1. Use

2. Use e

3. Rota

4. Limit

Answe Explan https://

Questi

What is

1. Use

2. Use e

3. Rota

4. Limit

Answe

Explanation:

https://www.pcisecuritystandards.org/pci_security/maintaining_payment_security Build and Maintain a Secure Network

Question: 130

The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the Transport Layer Security (TLS) protocols defined in RFC6520.

What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very

easy?

1. Public

2. Private

3. Shared

4. Root

Answer: B

Question: 131

craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. ee of CompanyXYZ is aware of your test. Your email message looks like this:

email protected]

mail protected] Subject: Test message

/3/2017 14:37

ployee of CompanyXYZ receives your email message.

oves that CompanyXYZ’s email gateway doesn’t prevent what? il Masquerading

Email Harvesting Email Phishing

il Spoofing

r: D ation:

poofing is the fabrication of an email header in the hopes of duping the recipient into thinking the email ted from someone or somewhere other than the intended source. Because core email protocols do not ha method of authentication, it is common for spam and phishing emails to use said spoofing to trick the r sting the origin of the message.

imate goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation. Al

CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you The

employ

From: [

To: [e

Date: 4 The em

This pr

A. Ema B.

C.

D. Ema

Answe Explan Email s

origina ve a

built-in ecipient

into tru

The ult though

the spoofed messages are usually just a nuisance requiring little action besides removal, the more malicious varieties can cause significant problems and sometimes pose a real security threat.

Question: 132

Which is the first step followed by Vulnerability Scanners for scanning a network?

1. OS Detection

2. Firewall detection

3. TCP/UDP Port scanning

4. Checking if the remote host is alive

Answer: D
Explanation:

Vulnerability scanning solutions perform vulnerability penetration tests on the organizational network in three steps:

Question: 133

nication link or by phishing, which involves setting up a fraudulent web site and luring people there.”

he blank with appropriate choice.

Twin Attack hole Attack ision Attack

al Jamming Attack

r: A ation:

en.wikipedia.org/wiki/Evil_twin_(wireless_networks)

twin attack is a hack attack in which a hacker sets up a fake Wi-Fi network that looks like a legitimate steal victims’ sensitive details. Most often, the victims of such attacks are ordinary people like you and

ack can be performed as a man-in-the-middle (MITM) attack. The fake Wi-Fi access point is used to ea and steal their login credentials or other sensitive information. Because the hacker owns the equipment

he victim will have no idea that the hacker might be intercepting things like bank transactions.

twin access point can also be used in a phishing scam. In this type of attack, victims will connect to the and will be lured to a phishing site. It will prompt them to enter their sensitive data, such as their login det

f course, will be sent straight to the hacker. Once the hacker gets them, they might simply disconnect t nd show that the server is temporarily unavailable.

TION: It may not seem obvious what happened. The problem is in the question statement. The attackers

“……..is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hot-spot by posing as a legitimate provider. This type of attack may be used to steal the passwords of unsuspecting users by either snooping the

commu

Fill in t

1. Evil

2. Sink

3. Coll

4. Sign

Answe Explan https://

An evil access

point to me.

The att vesdrop

on users being

used, t

An evil evil

twin ails.

These, o he

victim a

ADDI were

not Alice and John, who were able to connect to the network without a password, but on the contrary, they were attacked and forced to connect to a fake network, and not to the real network belonging to Jane.

User: Ahmad***** The practice tests provided by killexams.com were beneficial to me, as the questions and answers were rich with statistics, and they helped me build self-confidence to take the 312-50v12 exam. The practice tests provided by killexams.com were close to the actual exam questions, and I managed to finish the exam within 95 minutes, even though I am a non-native English speaker. Thank you, killexams.com, for your invaluable help.

User: Tassiana***** Despite numerous attempts to pass the 312-50V12 exam by studying from books, I failed. It was only after my friend recommended using Killexams questions and answers that I finally succeeded. The contents were easy to understand and memorize, enabling me to answer the questions in just 180 minutes. Thanks to Killexams and my friend.

User: Songya***** With killexams.com, I was able to prepare for the 312-50V12 exam in just one day and achieved great success. The preparation pack included real exam questions, the latest updates, and more, which helped me focus on what I needed to know and not waste my time on unnecessary things.

User: Tassa***** I was recommended to use Killexams practice tests as a reference for my exam, and they did an excellent job. The short-duration answers were easy to understand, and I scored 80% marks by dealing with 98% of the questions. Despite not contributing much time to prepare for this exam, I found it to be a noteworthy challenge for my IT profession.

User: Revekka***** I highly recommend Killexams.com to anyone considering purchasing their training materials. This is a valid and reliable tool for those who cannot afford full-time courses, which can be a waste of time and money. If you have been considering taking the 312-50v12 exam, the questions in the Killexams.com material are actual and will help you prepare effectively.

---