Title | ECCouncil.Premium CEH version 11 312-50 questions and answers |
---|---|
Author | osama soliman |
Course | 312-75 Exam Dumps - PDF Questions with Right Answers |
Institution | University of London |
Pages | 18 |
File Size | 519 KB |
File Type | |
Total Downloads | 29 |
Total Views | 127 |
pdf questions and answers for ECCouncil.Premium CEH version 11 312-50 questions and answers
please feel free to use it...
ECCouncil.Premium.312-50v10.by.VCEplus.127q
Number: 312-50v10 VCEplus
Passing Score: 800
Time Limit: 120 min
File Version: 1.2

Exam Code: 312-50v10
Exam Name: Certified Ethical Hacker v10 Exam
Certification Provider: ECCouncil
Corresponding Certification: CEH
Website: www.vceplus.com
Free Exam: https://vceplus.com/exam-312-50-v10/

Questions & Answers Exam Engine is rigorously checked before being put up for sale. We make sure there is nothing irrelevant in 312-50 exam products and you get latest questions. We strive to deliver the best 312-50 exam product for top grades in your first attempt.
www.vceplus.com - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - VCE Exam Simulator - VCE Onlin

QUESTION 1
Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?

A. Linux
B. Unix
C. OSX
D. Windows

Correct Answer: D

QUESTION 2
What does the option * indicate?

A. s
B. t
C. n
D. a

Correct Answer: C

QUESTION 3
Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?

A. Disk encryption
B. BIOS password
C. Hidden folders
D. Password protected files

Correct Answer: A

QUESTION 4
A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer's software and hardware without the owner's permission. Their intention can either be to simply gain knowledge or to illegally make changes. Which of the following class of hacker refers to an individual who works both offensively and defensively at various times?

A. White Hat
B. Suicide Hacker
C. Gray Hat
D. Black Hat

Correct Answer: C

QUESTION 5
Which of the following Secure Hashing Algorithm (SHA) produces a 160-bit digest from a message with a maximum length of (2^64 - 1) bits and resembles the MD5 algorithm?

A. SHA-2
B. SHA-3
C. SHA-1
D. SHA-0

Correct Answer: C

QUESTION 6
A hacker named Jack is trying to compromise a bank's compu [...] ating system of that computer to launch further attacks. What process would help him?

A. Banner Grabbing
B. IDLE/IPID Scanning
C. SSDP Scanning
D. UDP Scanning

Correct Answer: A

QUESTION 7
Which regulation defines security and privacy controls for Federal information systems and organizations?

A. HIPAA
B. EU Safe Harbor
C. PCI-DSS
D. NIST-800-53

Correct Answer: D

QUESTION 8
It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down. What step in incident handling did you just complete?

A. Discovery
B. Recovery
C. Containment
D. Eradication

Correct Answer: C

QUESTION 9
Which of the following types of jailbreaking allows user-level access but does not allow iboot-level access?

A. Bootrom Exploit
B. iBoot Exploit
C. Sandbox Exploit
D. Userland Exploit

Correct Answer: D

QUESTION 10
In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.
Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system whose credentials are known. It was written by sysinternals and has been integrated within the framework. The penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbow tables to crack those hash values.
Which of the following is true hash type and sort order that is used in the psexec module's 'smbpass' option?

A. LM:NT
B. NTLM:LM
C. NT:LM
D. LMNTLM

Correct Answer: A

QUESTION 11
You have successfully compromised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly. What is the best nmap command you will use?

A. nmap -T4 -q 10.10.0.0/24
B. nmap -T4 -F 10.10.0.0/24
C. nmap -T4 -r 10.10.1.0/24
D. nmap -T4 -O 10.10.0.0/24

Correct Answer: B

QUESTION 12
The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router, nobody can access to the ftp, and the permitted hosts cannot access the Internet. According to the next configuration, what is happening in the network?

A. The ACL 104 needs to be first because is UDP
B. The ACL 110 needs to be changed to port 80
C. The ACL for FTP must be before the ACL 110
D. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router

Correct Answer: D

QUESTION 13
This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools. Which of the following tools is being described?

A. wificracker
B. Airguard
C. WLAN-crack
D. Aircrack-ng

Correct Answer: D

QUESTION 14
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

A. Metasploit
B. Cain & Abel
C. Maltego
D. Wireshark

Correct Answer: C

QUESTION 15
In which of the following password protection technique, random strings of characters are added to the password before calculating their hashes?

A. Keyed Hashing
B. Key Stretching
C. Salting
D. Double Hashing

Correct Answer: C

QUESTION 16
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

A. All three servers need to be placed internally
B. A web server facing the Internet, an application server on the internal network, a database server on the internal network
C. A web server and the database server facing the Internet, an application server on the internal network
D. All three servers need to face the Internet so that they can communicate between themselves

Correct Answer: B

QUESTION 17
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network. What is this type of DNS configuration commonly called?

A. DynDNS
B. DNS Scheme
C. DNSSEC
D. Split DNS

Correct Answer: D

QUESTION 18
A virus that attempts to install itself inside the file it is infecting is called?

A. Tunneling virus
B. Cavity virus
C. Polymorphic virus
D. Stealth virus

Correct Answer: B

QUESTION 19
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students. He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?

A. Disable unused ports in the switches
B. Separate students in a different VLAN
C. Use the 802.1x protocol
D. Ask students to use the wireless network

Correct Answer: C

QUESTION 20
You are the Network Admin, and you get a complaint that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, [...]e not accessible when you try using the URL. What may be the problem?

A. Traffic is Blocked on UDP Port 53
B. Traffic is Blocked on UDP Port 80
C. Traffic is Blocked on UDP Port 54
D. Traffic is Blocked on UDP Port 80

Correct Answer: A

QUESTION 21
Which of the following antennas is commonly used in communications for a frequency band of 10 MHz to VHF and UHF?

A. Omnidirectional antenna
B. Dipole antenna
C. Yagi antenna
D. Parabolic grid antenna

Correct Answer: C

QUESTION 22
From the following table, identify the wrong answer in terms of Range (ft).

A. 802.11b
B. 802.11g
C. 802.16 (WiMax)
D. 802.11a

Correct Answer: D

QUESTION 23
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

A. Deferred risk
B. Impact risk
C. Inherent risk
D. Residual risk

Correct Answer: D

QUESTION 24
To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program. What term is commonly used when referring to this type of testing?

A. Randomizing
B. Bounding
C. Mutating
D. Fuzzing

Correct Answer: D

QUESTION 25
Which of the following security policies defines the use of VPN for gaining access to an internal corporate network?

A. Network security policy
B. Information protection policy
C. Access control policy
D. Remote access policy

Correct Answer: D

QUESTION 26
You perform a scan of your company's network and discover that TCP port 123 is open. What services by default run on TCP port 123?

A. Telnet
B. POP3
C. Network Time Protocol
D. DNS

Correct Answer: C

QUESTION 27
You have successfully gained access to a Linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by Network-Based Intrusion Detection Systems (NIDS). What is the best way to evade the NIDS?

A. Out of band signaling
B. Protocol Isolation
C. Encryption
D. Alternate Data Streams

Correct Answer: C

QUESTION 28
Which is the first step followed by Vulnerability Scanners for scanning a network?

A. TCP/UDP Port scanning
B. Firewall detection
C. OS Detection
D. Checking if the remote host is alive

Correct Answer: D

QUESTION 29
Sam is working as a pen-tester in an organization in Houston. He performs penetration testing on IDS in order to find the different ways an attacker uses to evade the IDS. Sam sends a large amount of packets to the target IDS that generates alerts, which enable Sam to hide the real traffic. What type of method is Sam using to evade IDS?

A. Denial-of-Service
B. False Positive Generation
C. Insertion Attack
D. Obfuscating

Correct Answer: B

QUESTION 30
An attacker scans a host with the below command. Which three flags are set? (Choose three.)

# nmap -sX host.domain.com

A. This is ACK scan. ACK flag is set
B. This is Xmas scan. SYN and ACK flags are set
C. This is Xmas scan. URG, PUSH and FIN are set
D. This is SYN scan. SYN flag is set

Correct Answer: C

QUESTION 31
Which of the following program infects the system boot sector and the executable files at the same time?

A. Stealth virus
B. Polymorphic virus
C. Macro virus
D. Multipartite Virus

Correct Answer: D

QUESTION 32
What two conditions must a digital signature meet?

A. Has to be legible and neat.
B. Has to be unforgeable, and has to be authentic.
C. Must be unique and have special characters.
D. Has to be the same number of characters as a physical signature and must be unique

Correct Answer: B

QUESTION 33
An IT employee got a call from one of our best customers. The caller wanted to know about the company's network infrastructure, systems, and team. New opportunities of integration are in sight for both company and customer. What should this employee do?

A. The employees cannot provide any information; but, anyway, he/she will provide the name of the person in charge.
B. Since the company's policy is all about Customer Service, he/she will provide information.
C. Disregarding the call, the employee should hang up.
D. The employee should not provide any information without previous management authorization.

Correct Answer: D

QUESTION 34
Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking. What should you do?

A. Confront the client in a respectful manner and ask her about the data.
B. Copy the data to removable media and keep it in case you need it.
C. Ignore the data and continue the assessment until completed as agreed.
D. Immediately stop work and contact the proper legal authorities.

Correct Answer: D

QUESTION 35
Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?

A. 123
B. 161
C. 69
D. 113

Correct Answer: A

QUESTION 36
During the process of encryption and decryption, what keys are shared?

A. Private keys
B. User passwords
C. Public keys
D. Public and private keys

Correct Answer: C

QUESTION 37
What is the purpose of a demilitarized zone on a network?

A. To scan all traffic coming through the DMZ to the internal network
B. To only provide direct access to the nodes within the DMZ and protect the network behind it
C. To provide a place to put the honeypot
D. To contain the network devices you wish to protect

Correct Answer: B

QUESTION 38
In which of the following cryptography attack methods, the attacker makes a series of interactive queries, choosing subsequent plaintexts based on the information from the previous encryptions?

A. Chosen-plaintext attack
B. Ciphertext-only attack
C. Adaptive chosen-plaintext attack
D. Known-plaintext attack

Correct Answer: A

QUESTION 39
Why should the security analyst disable/remove unnecessary ISAPI filters?

A. To defend against social engineering attacks
B. To defend against web server attacks
C. To defend against jailbreaking
D. To defend against wireless attacks

Correct Answer: B

QUESTION 40
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to 'www.MyPersonalBank.com', that the user is directed to a phishing site. Which file does the attacker need to modify?

A. Boot.ini
B. Sudoers
C. Networks
D. Hosts

Correct Answer: D