Updated EC-Council CEH 312-50v8 PDF & VCE Free Download Now (21-30)

QUESTION 21
Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company’s computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered?

A.    Ursula would be considered a gray hat since she is performing an act against illegal activities.
B.    She would be considered a suicide hacker.
C.    She would be called a cracker.
D.    Ursula would be considered a black hat.

Answer: B

QUESTION 22
Attacking well-known system defaults is one of the most common hacker attacks. Most software is shipped with a default configuration that makes it easy to install and setup the application. You should change the default settings to secure the system. Which of the following is NOT an example of default installation?

A.    Many systems come with default user accounts with well-known passwords that administrators
forget to change
B.    Often, the default location of installation files can be exploited which allows a hacker to retrieve
a file from the system
C.    Many software packages come with “samples” that can be exploited, such as the sample programs
on IIS web services
D.    Enabling firewall and anti-virus software on the local system

Answer: D

QUESTION 23
This tool is widely used for ARP Poisoning attack. Name the tool.

A.    Cain and Able
B.    Beat Infector
C.    Poison Ivy
D.    Webarp Infector

Answer: A

QUESTION 24
BankerFox is a Trojan that is designed to steal users’ banking data related to certain banking entities. When they access any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered in that website will be logged by the Trojan and transmitted to the attacker’s machine using covert channel. BankerFox does not spread automatically using its own means. It needs an attacking user’s intervention in order to reach the affected computer.

What is the most efficient way an attacker located in remote location to infect this banking Trojan on a victim’s machine?

A.    Physical access – the attacker can simply copy a Trojan horse to a victim’s hard disk infecting the
machine via Firefox add-on extensions
B.    Custom packaging – the attacker can create a custom Trojan horse that mimics the appearance of
a program that is unique to that particular computer
C.    Custom packaging – the attacker can create a custom Trojan horse that mimics the appearance of
a program that is unique to that particular computer
D.    Custom packaging – the attacker can create a custom Trojan horse that mimics the appearance of
a program that is unique to that particular computer
E.    Downloading software from a website? An attacker can offer free software, such as shareware programs
and pirated mp3 files

Answer: E

QUESTION 25
In the context of password security: a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive – though slow. Usually, it tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary combined together to have variations of words, what would you call such an attack?

A.    Full Blown Attack
B.    Thorough Attack
C.    Hybrid Attack
D.    BruteDict Attack

Answer: C

QUESTION 26
You receive an e-mail with the following text message. “Microsoft and HP today warned all customers that a new, highly dangerous virus has been discovered which will erase all your files at midnight. If there’s a file called hidserv.exe on your computer, you have been infected and your computer is now running a hidden server that allows hackers to access your computer. Delete the file immediately. Please also pass this message to all your friends and colleagues as soon as possible.” You launch your antivirus software and scan the suspicious looking file hidserv.exe located in c:\windows directory and the AV comes out clean meaning the file is not infected. You view the file signature and confirm that it is a legitimate Windows system file “Human Interface Device Service”. What category of virus is this?

A.    Virus hoax
B.    Spooky Virus
C.    Stealth Virus
D.    Polymorphic Virus

Answer: A

QUESTION 27
Choose one of the following pseudo codes to describe this statement:

“If we have written 200 characters to the buffer variable, the stack should stop because it cannot hold any more data.”

A.    If (I > 200) then exit (1)
B.    If (I < 200) then exit (1)
C.    If (I <= 200) then exit (1)
D.    If (I >= 200) then exit (1)

Answer: D

QUESTION 28
One of the effective DoS/DDoS countermeasures is ‘Throttling’. Which statement correctly defines this term?

A.    Set up routers that access a server with logic to adjust incoming traffic to levels that will be safe
for the server to process
B.    Providers can increase the bandwidth on critical connections to prevent them from going down in
the event of an attack
C.    Replicating servers that can provide additional failsafe protection
D.    Load balance each server in a multiple-server architecture

Answer: A

QUESTION 29
Attackers footprint target Websites using Google Hacking techniques. Google hacking is a term that refers to the art of creating complex search engine queries. It detects websites that are vulnerable to numerous exploits and vulnerabilities. Google operators are used to locate specific strings of text within the search results. The configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database. WordPress uses config.php that stores the database Username and Password. Which of the below Google search string brings up sites with “config.php” files?

A.    Search:index config/php
B.    WordPress:index config.php
C.    intitle:index.of config.php
D.    Config.php:index list

Answer: C

QUESTION 30
Which of the following tool would be considered as Signature Integrity Verifier (SIV)?

A.    Nmap
B.    SNORT
C.    VirusSCAN
D.    Tripwire

Answer: D

If you want to pass the EC-Council CEH 312-50v8 exam sucessfully, recommend to read latest EC-Council CEH 312-50v8 Exam Questions full version.