EC-Council 312-50v12 Real Exam Questions
The questions for 312-50v12 were last updated at Dec 19,2024.
- Exam Code: 312-50v12
- Exam Name: Certified Ethical Hacker Exam (CEHv12)
- Certification Provider: EC-Council
- Latest update: Dec 19,2024
Your company was hired by a small healthcare provider to perform a technical assessment on the network.
What is the best approach for discovering vulnerabilities on a Windows-based computer?
- A . Use the built-in Windows Update tool
- B . Use a scan tool like Nessus
- C . Check MITRE.org for the latest list of CVE findings
- D . Create a disk image of a clean Windows installation
A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing C Reports https://ibt1.prometric.com/users/custom/report_queue/rq_str… corporate network.
What tool should the analyst use to perform a Blackjacking attack?
- A . Paros Proxy
- B . BBProxy
- C . Blooover
- D . BBCrack
Todd has been asked by the security officer to purchase a counter-based authentication system.
Which of the following best describes this type of system?
- A . A biometric system that bases authentication decisions on behavioral attributes.
- B . A biometric system that bases authentication decisions on physical attributes.
- C . An authentication system that creates one-time passwords that are encrypted with secret keys.
- D . An authentication system that uses passphrases that are converted into virtual passwords.
During a black-box pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded.
What type of firewall is inspecting outbound traffic?
- A . Circuit
- B . Stateful
- C . Application
- D . Packet Filtering
Which of the following tools can be used to perform a zone transfer?
- A . NSLookup
- B . Finger
- C . Dig
- D . Sam Spade
- E . Host
- F . Netcat
- G . Neotrace
Bob received this text message on his mobile phone: “Hello, this is Scott Smelby from the
Yahoo Bank. Kindly contact me for a vital transaction on: [email protected]”.
Which
statement below is true?
- A . This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
- B . This is a scam because Bob does not know Scott.
- C . Bob should write to [email protected] to verify the identity of Scott.
- D . This is probably a legitimate message as it comes from a respectable organization.
Which of the following tools are used for enumeration? (Choose three.)
- A . SolarWinds
- B . USER2SID
- C . Cheops
- D . SID2USER
- E . DumpSec
Let’s imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B.
How do you prevent DNS spoofing?
- A . Install DNS logger and track vulnerable packets
- B . Disable DNS timeouts
- C . Install DNS Anti-spoofing
- D . Disable DNS Zone Transfer
Let’s imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B.
How do you prevent DNS spoofing?
- A . Install DNS logger and track vulnerable packets
- B . Disable DNS timeouts
- C . Install DNS Anti-spoofing
- D . Disable DNS Zone Transfer
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s Computer to update the router configuration.
What type of an alert is this?
- A . False negative
- B . True negative
- C . True positive
- D . False positive