September 22, 2017

Ethical Hacking and Countermeasures

Question No: 81 – (Topic 3)

An nmap command that includes the host specification of 202.176.56-57.* will scan _____ number of hosts.

A. 2

B. 256

C. 512

D. Over 10,000

Answer: C

Explanation: The hosts with IP address & will be scanned (256 + 256 = 512)

Question No: 82 – (Topic 3)

What does an ICMP (Code 13) message normally indicate?

A. It indicates that the destination host is unreachable

B. It indicates to the host that the datagram which triggered the source quench message will need to be re-sent

C. It indicates that the packet has been administratively dropped in transit

D. It is a request to the host to cut back the rate at which it is sending traffic to the Internet destination

Answer: C

Explanation: Type 3, Code 13 is destination unreachable due to communication administratively prohibited by filtering; hence maybe they meant "code 13", and the answer would therefore be C.

Note: A – Type 3; B – Type 4; C – Type 3, Code 13; D – Type 4

Question No: 83 – (Topic 3)

Which of the following nmap commands in Linux produces the above output?

A. sudo nmap -sP

B. root nmap -sA

C. run nmap -TX

D. launch nmap -PP

Answer: A

Explanation: This is an output from a ping scan. The option -sP will give you a ping scan of the network.

Question No: 84 – (Topic 3)

What is the proper response for a FIN scan if the port is closed?

A. SYN

B. ACK

C. FIN

D. PSH

E. RST

Answer: E

Explanation: Closed ports respond to a FIN scan with a RST.

Question No: 85 – (Topic 3)

Name two software tools used for OS guessing. (Choose two.)

A. Nmap

B. Snadboy

C. Queso

D. UserInfo

E. NetBus

Answer: A,C

Explanation: Nmap and Queso are the two best-known OS guessing programs. OS guessing software has the ability to look at peculiarities in the way that each vendor implements the RFCs. These differences are compared with its database of known OS fingerprints. Then a best guess of the OS is provided to the user.

Question No: 86 – (Topic 3)


Please study the exhibit carefully.

Which protocol maintains the communication in that way?

A. UDP

B. IP

C. TCP

D. ARP

E. RARP

Answer: C

Explanation: A TCP connection is always initiated with the 3-way handshake, which establishes and negotiates the actual connection over which data will be sent.

Question No: 87 – (Topic 3)

Which of the following systems would not respond correctly to an nmap XMAS scan?

A. Windows 2000 Server running IIS 5

B. Any Solaris version running SAMBA Server

C. Any version of IRIX

D. RedHat Linux 8.0 running Apache Web Server

Answer: A

Explanation: When running a XMAS Scan, if a RST packet is received, the port is considered closed, while no response means it is open|filtered. The big downside is that not all systems follow RFC 793 to the letter. A number of systems send RST responses to the probes regardless of whether the port is open or not. This causes all of the ports to be labeled closed. Major operating systems that do this are Microsoft Windows, many Cisco devices, BSDI, and IBM OS/400.

Question No: 88 – (Topic 3)

Destination unreachable administratively prohibited messages can inform the hacker of what?

A. That a circuit level proxy has been installed and is filtering traffic

B. That his/her scans are being blocked by a honeypot or jail

C. That the packets are being malformed by the scanning software

D. That a router or other packet-filtering device is blocking traffic

E. That the network is functioning normally

Answer: D

Explanation: Destination unreachable administratively prohibited messages are a good way to discover that a router or other low-level packet device is filtering traffic. Analysis of the ICMP message will reveal the IP address of the blocking device and the filtered port. This further adds to the network map and information being discovered about the network and hosts.

Question No: 89 – (Topic 3)

Bob is a Junior Administrator at is searching the port number of POP3 in a file. The partial output of the file looks like:

In which file is he searching?

A. services

B. protocols

C. hosts

D. resolve.conf

Answer: A

Explanation: The port numbers on which certain standard services are offered are defined in the RFC 1700 Assigned Numbers. The /etc/services file enables server and client programs to convert service names to these numbers (ports). The list is kept on each host and it is stored in the file /etc/services.

Question No: 90 – (Topic 3)

What port scanning method is the most reliable but also the most detectable?

A. Null Scanning

B. Connect Scanning

C. ICMP Scanning

D. Idlescan Scanning

E. Half Scanning

F. Verbose Scanning

Answer: B

Explanation: A TCP Connect scan, named after the Unix connect() system call, is the most accurate scanning method. If a port is open, the operating system completes the TCP three-way handshake, and the port scanner immediately closes the connection.


