312-50v11 | The Secret Of EC-Council 312-50v11 Practice Test

we provide High quality EC-Council 312-50v11 practice which are the best for clearing 312-50v11 test, and to get certified by EC-Council Certified Ethical Hacker Exam (CEH v11). The 312-50v11 Questions & Answers covers all the knowledge points of the real 312-50v11 exam. Crack your EC-Council 312-50v11 Exam with latest dumps, guaranteed!

EC-Council 312-50v11 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?

  • A. Perform a vulnerability scan of the system.
  • B. Determine the impact of enabling the audit feature.
  • C. Perform a cost/benefit analysis of the audit feature.
  • D. Allocate funds for staffing of audit log review.

Answer: B

NEW QUESTION 2
During a black-box pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded. What type of firewall is inspecting outbound traffic?

  • A. Circuit
  • B. Stateful
  • C. Application
  • D. Packet Filtering

Answer: B

NEW QUESTION 3
What is the main security service a cryptographic hash provides?

  • A. Integrity and ease of computation
  • B. Message authentication and collision resistance
  • C. Integrity and collision resistance
  • D. Integrity and computational in-feasibility

Answer: D

NEW QUESTION 4
What does a firewall check to prevent particular ports and applications from getting packets into an organization?

  • A. Transport layer port numbers and application layer headers
  • B. Presentation layer headers and the session layer port numbers
  • C. Network layer headers and the session layer port numbers
  • D. Application layer port numbers and the transport layer headers

Answer: A

NEW QUESTION 5
Which of the following represents the initial two commands that an IRC client sends to join an IRC network?

  • A. USER, NICK
  • B. LOGIN, NICK
  • C. USER, PASS
  • D. LOGIN, USER

Answer: A

NEW QUESTION 6
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.

  • A. LDAP Injection attack
  • B. Cross-Site Scripting (XSS)
  • C. SQL injection attack
  • D. Cross-Site Request Forgery (CSRF)

Answer: B

NEW QUESTION 7
_____ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

  • A. Trojan
  • B. RootKit
  • C. DoS tool
  • D. Scanner
  • E. Backdoor

Answer: B

NEW QUESTION 8
PGP, SSL, and IKE are all examples of which type of cryptography?

  • A. Digest
  • B. Secret Key
  • C. Public Key
  • D. Hash Algorithm

Answer: C

NEW QUESTION 9
Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?

  • A. Linux
  • B. Unix
  • C. OS X
  • D. Windows

Answer: D

NEW QUESTION 10
You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c
312-50v11 dumps exhibit
What is the hexadecimal value of NOP instruction?

  • A. 0x60
  • B. 0x80
  • C. 0x70
  • D. 0x90

Answer: D

NEW QUESTION 11
In Trojan terminology, what is a covert channel?
312-50v11 dumps exhibit

  • A. A channel that transfers information within a computer system or network in a way that violates the security policy
  • B. A legitimate communication path within a computer system or network for transfer of data
  • C. It is a kernel operation that hides boot processes and services to mask detection
  • D. It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish connections

Answer: A

NEW QUESTION 12
A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems.
However, he is unable to capture any logons though he knows that other users are logging in. What do you think is the most likely reason behind this?

  • A. There is a NIDS present on that segment.
  • B. Kerberos is preventing it.
  • C. Windows logons cannot be sniffed.
  • D. L0phtcrack only sniffs logons to web servers.

Answer: B

NEW QUESTION 13
Within the context of Computer Security, which of the following statements describes Social Engineering best?

  • A. Social Engineering is the act of publicly disclosing information
  • B. Social Engineering is the means put in place by human resource to perform time accounting
  • C. Social Engineering is the act of getting needed information from a person rather than breaking into a system
  • D. Social Engineering is a training program within sociology studies

Answer: C

NEW QUESTION 14
Which of the following program infects the system boot sector and the executable files at the same time?

  • A. Polymorphic virus
  • B. Stealth virus
  • C. Multipartite Virus
  • D. Macro virus

Answer: C

NEW QUESTION 15
The company ABC recently contracts a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. Which of the following options can be useful to ensure the integrity of the data?

  • A. The CFO can use a hash algorithm in the document once he approved the financial statements
  • B. The CFO can use an excel file with a password
  • C. The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure is the same document
  • D. The document can be sent to the accountant using an exclusive USB for that document

Answer: A

NEW QUESTION 16
What is the purpose of a demilitarized zone on a network?

  • A. To scan all traffic coming through the DMZ to the internal network
  • B. To only provide direct access to the nodes within the DMZ and protect the network behind it
  • C. To provide a place to put the honeypot
  • D. To contain the network devices you wish to protect

Answer: B

NEW QUESTION 17
You are attempting to crack LM Manager hashed from Windows 2000 SAM file. You will be using LM Brute force hacking tool for decryption. What encryption algorithm will you be decrypting?

  • A. MD4
  • B. DES
  • C. SHA
  • D. SSL

Answer: B

NEW QUESTION 18
If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

  • A. Traceroute
  • B. Hping
  • C. TCP ping
  • D. Broadcast ping

Answer: B

NEW QUESTION 19
If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?

  • A. Birthday
  • B. Brute force
  • C. Man-in-the-middle
  • D. Smurf

Answer: B

NEW QUESTION 20
Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?

  • A. har.txt
  • B. SAM file
  • C. wwwroot
  • D. Repair file

Answer: B

NEW QUESTION 21
What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

  • A. Man-in-the-middle attack
  • B. Meet-in-the-middle attack
  • C. Replay attack
  • D. Traffic analysis attack

Answer: B

NEW QUESTION 22
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The “ps” command shows that the “nc” file is running as process, and the netstat command shows the “nc” process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?

  • A. File system permissions
  • B. Privilege escalation
  • C. Directory traversal
  • D. Brute force login

Answer: A

NEW QUESTION 23
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering that NMAP result below, which of the following is likely to be installed on the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8

  • A. The host is likely a Linux machine.
  • B. The host is likely a printer.
  • C. The host is likely a router.
  • D. The host is likely a Windows machine.

Answer: B

NEW QUESTION 24
What is the proper response for a NULL scan if the port is open?

  • A. SYN
  • B. ACK
  • C. FIN
  • D. PSH
  • E. RST
  • F. No response

Answer: F

NEW QUESTION 25
......

Thanks for reading the newest 312-50v11 exam dumps! We recommend you to try the PREMIUM Thedumpscentre.com 312-50v11 dumps in VCE and PDF here: https://www.thedumpscentre.com/312-50v11-dumps/ (254 Q&As Dumps)