312-50v11 | All About Precise 312-50v11 Exam Engine

Certleader offers free demo for 312-50v11 exam. "Certified Ethical Hacker Exam (CEH v11)", also known as 312-50v11 exam, is a EC-Council Certification. This set of posts, Passing the EC-Council 312-50v11 exam, will help you answer those questions. The 312-50v11 Questions & Answers covers all the knowledge points of the real exam. 100% real EC-Council 312-50v11 exams and revised by experts!

Also have 312-50v11 free dumps questions for you:

NEW QUESTION 1
Which of the following is not a Bluetooth attack?

  • A. Bluedriving
  • B. Bluesmacking
  • C. Bluejacking
  • D. Bluesnarfing

Answer: A

NEW QUESTION 2
As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security?

  • A. Use the same machines for DNS and other applications
  • B. Harden DNS servers
  • C. Use split-horizon operation for DNS servers
  • D. Restrict Zone transfers
  • E. Have subnet diversity between DNS servers

Answer: BCDE

NEW QUESTION 3
Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

  • A. Macro virus
  • B. Stealth/Tunneling virus
  • C. Cavity virus
  • D. Polymorphic virus

Answer: B

NEW QUESTION 4
This kind of password cracking method uses word lists in combination with numbers and special characters:

  • A. Hybrid
  • B. Linear
  • C. Symmetric
  • D. Brute Force

Answer: A

NEW QUESTION 5
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

  • A. Make sure that legitimate network routers are configured to run routing protocols with authentication.
  • B. Disable all routing protocols and only use static routes
  • C. Only using OSPFv3 will mitigate this risk.
  • D. Redirection of the traffic cannot happen unless the admin allows it explicitly.

Answer: A

NEW QUESTION 6
While using your bank’s online servicing you notice the following string in the URL bar:
“http: // www. MyPersonalBank. com/ account?id=368940911028389&Damount=10980&Camount=21”
You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflects the changes.
Which type of vulnerability is present on this site?

  • A. Cookie Tampering
  • B. SQL Injection
  • C. Web Parameter Tampering
  • D. XSS Reflection

Answer: C

NEW QUESTION 7
One of your team members has asked you to analyze the following SOA record.
What is the TTL? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.)

  • A. 200303028
  • B. 3600
  • C. 604800
  • D. 2400
  • E. 60
  • F. 4800

Answer: D

NEW QUESTION 8
What does the –oX flag do in an Nmap scan?

  • A. Perform an eXpress scan
  • B. Output the results in truncated format to the screen
  • C. Output the results in XML format to a file
  • D. Perform an Xmas scan

Answer: C

NEW QUESTION 9
You have successfully logged on a Linux system. You want to now cover your trade Your login attempt may be logged on several files located in /var/log. Which file does NOT belongs to the list:

  • A. user.log
  • B. auth.fesg
  • C. wtmp
  • D. btmp

Answer: C

NEW QUESTION 10
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?

  • A. Install DNS logger and track vulnerable packets
  • B. Disable DNS timeouts
  • C. Install DNS Anti-spoofing
  • D. Disable DNS Zone Transfer

Answer: C

NEW QUESTION 11
A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

  • A. Use port security on his switches.
  • B. Use a tool like ARPwatch to monitor for strange ARP activity.
  • C. Use a firewall between all LAN segments.
  • D. If you have a small network, use static ARP entries.
  • E. Use only static IP addresses on all PC's.

Answer: ABD

NEW QUESTION 12
Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics: - Verifies success or failure of an attack - Monitors system activities Detects attacks that a network-based IDS fails to detect - Near real-time detection and response - Does not require additional hardware - Lower entry cost Which type of IDS is best suited for Tremp's requirements?

  • A. Gateway-based IDS
  • B. Network-based IDS
  • C. Host-based IDS
  • D. Open source-based

Answer: C

NEW QUESTION 13
A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

  • A. Libpcap
  • B. Awinpcap
  • C. Winprom
  • D. Winpcap

Answer: D

NEW QUESTION 14
What is the minimum number of network connections in a multihomed firewall?

  • A. 3
  • B. 5
  • C. 4
  • D. 2

Answer: A

NEW QUESTION 15
To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https. Which of the following firewall rules meets this requirement?

  • A. If (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit
  • B. If (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 80 or 443) then permit
  • C. If (source matches 10.20.20.1 and destination matches 10.10.10.0/24 and port matches 443) then permit
  • D. If (source matches 10.10.10.0 and destination matches 10.20.20.1 and port matches 443) then permit

Answer: A

NEW QUESTION 16
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?

  • A. The WAP does not recognize the client’s MAC address
  • B. The client cannot see the SSID of the wireless network
  • C. Client is configured for the wrong channel
  • D. The wireless client is not configured to use DHCP

Answer: A

NEW QUESTION 17
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

  • A. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.
  • B. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
  • C. Symmetric encryption allows the server to security transmit the session keys out-of-band.
  • D. Asymmetric cryptography is computationally expensive in compariso
  • E. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

Answer: A

NEW QUESTION 18
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

  • A. All three servers need to be placed internally
  • B. A web server facing the Internet, an application server on the internal network, a database server on the internal network
  • C. A web server and the database server facing the Internet, an application server on the internal network
  • D. All three servers need to face the Internet so that they can communicate between themselves

Answer: B

NEW QUESTION 19
What two conditions must a digital signature meet?

  • A. Has to be the same number of characters as a physical signature and must be unique.
  • B. Has to be unforgeable, and has to be authentic.
  • C. Must be unique and have special characters.
  • D. Has to be legible and neat.

Answer: B

NEW QUESTION 20
Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?

  • A. Scanning
  • B. Footprinting
  • C. Enumeration
  • D. System Hacking

Answer: B

NEW QUESTION 21
Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" sites.
Bob is willing to share his knowledge with those who are willing to learn, and many have expressed their interest in learning from him. However, this knowledge has a risk associated with it, as it can be used for malevolent attacks as well.
In this context, what would be the most effective method to bridge the knowledge gap between the "black" hats or crackers and the "white" hats or computer security professionals? (Choose the test answer.)

  • A. Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards.
  • B. Hire more computer security monitoring personnel to monitor computer systems and networks.
  • C. Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than life.
  • D. Train more National Guard and reservist in the art of computer security to help out in times of emergency or crises.

Answer: A

NEW QUESTION 22
What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?

  • A. Black-box
  • B. Announced
  • C. White-box
  • D. Grey-box

Answer: D

NEW QUESTION 23
Which of the following tools can be used for passive OS fingerprinting?

  • A. nmap
  • B. tcpdump
  • C. tracert
  • D. ping

Answer: B

NEW QUESTION 24
When discussing passwords, what is considered a brute force attack?

  • A. You attempt every single possibility until you exhaust all possible combinations or discover the password
  • B. You threaten to use the rubber hose on someone unless they reveal their password
  • C. You load a dictionary of words into your cracking program
  • D. You create hashes of a large number of words and compare it with the encrypted passwords
  • E. You wait until the password expires

Answer: A

NEW QUESTION 25
......

P.S. Easily pass 312-50v11 Exam with 254 Q&As Certleader Dumps & pdf Version, Welcome to Download the Newest Certleader 312-50v11 Dumps: https://www.certleader.com/312-50v11-dumps.html (254 New Questions)