Pass the ECCouncil Certified Ethical Hacker 312-50 Questions and answers with CertsForce

Viewing page 5 out of 12 pages
Viewing questions 41-50 out of questions
Questions # 41:

Which cipher encrypts the plain text digit (bit or byte) one by one?

Options:

A. Classical cipher

B. Block cipher

C. Modern cipher

D. Stream cipher


Questions # 42:

Which of the following descriptions is true about a static NAT?

Options:

A. A static NAT uses a many-to-many mapping.

B. A static NAT uses a one-to-many mapping.

C. A static NAT uses a many-to-one mapping.

D. A static NAT uses a one-to-one mapping.


Questions # 43:

Employees in a company are no longer able to access Internet web sites on their computers. The network administrator is able to successfully ping the IP addresses of web servers on the Internet and is able to open web sites by using an IP address in place of the URL. The administrator runs the nslookup command for www.eccouncil.org and receives an error message stating there is no response from the server. What should the administrator do next?

Options:

A. Configure the firewall to allow traffic on TCP port 53 and UDP port 53.

B. Configure the firewall to allow traffic on TCP port 80 and UDP port 443.

C. Configure the firewall to allow traffic on TCP port 53.

D. Configure the firewall to allow traffic on TCP port 8080.


Questions # 44:

Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network’s IDS?

Options:

A. Timing options to slow the speed that the port scan is conducted

B. Fingerprinting to identify which operating systems are running on the network

C. ICMP ping sweep to determine which hosts on the network are not available

D. Traceroute to control the path of the packets sent during the scan


Questions # 45:

When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

Options:

A. OWASP is for web applications and OSSTMM does not include web applications.

B. OSSTMM is gray box testing and OWASP is black box testing.

C. OWASP addresses controls and OSSTMM does not.

D. OSSTMM addresses controls and OWASP does not.


Questions # 46:

Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

Options:

A. Teardrop

B. SYN flood

C. Smurf attack

D. Ping of death


Questions # 47:

An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker's next step be before starting work on this job?

Options:

A. Start by footprinting the network and mapping out a plan of attack.

B. Ask the employer for authorization to perform the work outside the company.

C. Begin the reconnaissance phase with passive information gathering and then move into active information gathering.

D. Use social engineering techniques on the friend's employees to help identify areas that may be susceptible to attack.


Questions # 48:

A certified ethical hacker (CEH) completed a penetration test of the main headquarters of a company almost two months ago, but has yet to get paid. The customer is suffering from financial problems, and the CEH is worried that the company will go out of business and end up not paying. What actions should the CEH take?

Options:

A. Threaten to publish the penetration test results if not paid.

B. Follow proper legal procedures against the company to request payment.

C. Tell other customers of the financial problems with payments from this company.

D. Exploit some of the vulnerabilities found on the company webserver to deface it.


Questions # 49:

A consultant has been hired by the V.P. of a large financial organization to assess the company's security posture. During the security testing, the consultant comes across child pornography on the V.P.'s computer. What is the consultant's obligation to the financial organization?

Options:

A. Say nothing and continue with the security testing.

B. Stop work immediately and contact the authorities.

C. Delete the pornography, say nothing, and continue security testing.

D. Bring the discovery to the financial organization's human resource department.


Questions # 50:

A computer technician is using a new version of a word processing software package when it is discovered that a special sequence of characters causes the entire computer to crash. The technician researches the bug and discovers that no one else experienced the problem. What is the appropriate next step?

Options:

A. Ignore the problem completely and let someone else deal with it.

B. Create a document that will crash the computer when opened and send it to friends.

C. Find an underground bulletin board and attempt to sell the bug to the highest bidder.

D. Notify the vendor of the bug and do not disclose it until the vendor gets a chance to issue a fix.

