312-50v11 | All About Realistic 312-50v11 Testing Bible
Proper study guides for Replace EC-Council Certified Ethical Hacker Exam (CEH v11) certified begins with EC-Council 312-50v11 preparation products which designed to deliver the Top Quality 312-50v11 questions by making you pass the 312-50v11 test at your first time. Try the free 312-50v11 demo right now.
Online EC-Council 312-50v11 free dumps demo Below:
NEW QUESTION 1
is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.
- A. DNSSEC
- B. Resource records
- C. Resource transfer
- D. Zone transfer
NEW QUESTION 2
“........is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hot-spot by posing as a legitimate provider. This type of attack may be used to steal the passwords of
unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people there.”
Fill in the blank with appropriate choice.
- A. Evil Twin Attack
- B. Sinkhole Attack
- C. Collision Attack
- D. Signal Jamming Attack
NEW QUESTION 3
Which of the following is an extremely common IDS evasion technique in the web world?
- A. Spyware
- B. Subnetting
- C. Unicode Characters
- D. Port Knocking
NEW QUESTION 4
What is the role of test automation in security testing?
- A. It is an option but it tends to be very expensive.
- B. It should be used exclusivel
- C. Manual testing is outdated because of low speed and possible test setup inconsistencies.
- D. Test automation is not usable in security due to the complexity of the tests.
- E. It can accelerate benchmark tests and repeat them with a consistent test setu
- F. But it cannot replace manual testing completely.
NEW QUESTION 5
Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.
Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers?
- A. Hardware, Software, and Sniffing.
- B. Hardware and Software Keyloggers.
- C. Passwords are always best obtained using Hardware key loggers.
- D. Software only, they are the most effective.
NEW QUESTION 6
As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.
What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?
- A. Service Level Agreement
- B. Project Scope
- C. Rules of Engagement
- D. Non-Disclosure Agreement
NEW QUESTION 7
Windows LAN Manager (LM) hashes are known to be weak.
Which of the following are known weaknesses of LM? (Choose three.)
- A. Converts passwords to uppercase.
- B. Hashes are sent in clear text over the network.
- C. Makes use of only 32-bit encryption.
- D. Effective length is 7 characters.
NEW QUESTION 8
Which type of security feature stops vehicles from crashing through the doors of a building?
- A. Bollards
- B. Receptionist
- C. Mantrap
- D. Turnstile
NEW QUESTION 9
Which of the following are well known password-cracking programs?
- A. L0phtcrack
- B. NetCat
- C. Jack the Ripper
- D. Netbus
- E. John the Ripper
NEW QUESTION 10
What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?
- A. Copy the system files from a known good system
- B. Perform a trap and trace
- C. Delete the files and try to determine the source
- D. Reload from a previous backup
- E. Reload from known good media
NEW QUESTION 11
What is the minimum number of network connections in a multihomed firewall?
- A. 3
- B. 5
- C. 4
- D. 2
NEW QUESTION 12
When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and DELETE). PUT can upload a file to the server and DELETE can delete a file from the server. You can detect all these methods (GET, POST, HEAD, DELETE, PUT, TRACE) using NMAP script engine. What Nmap script will help you with this task?
- A. http-methods
- B. http enum
- C. http-headers
- D. http-git
NEW QUESTION 13
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.
What is this type of DNS configuration commonly called?
- A. DynDNS
- B. DNS Scheme
- C. DNSSEC
- D. Split DNS
NEW QUESTION 14
What did the following commands determine?
- A. That the Joe account has a SID of 500
- B. These commands demonstrate that the guest account has NOT been disabled
- C. These commands demonstrate that the guest account has been disabled
- D. That the true administrator is Joe
- E. Issued alone, these commands prove nothing
NEW QUESTION 15
Which DNS resource record can indicate how long any "DNS poisoning" could last?
- A. MX
- B. SOA
- C. NS
- D. TIMEOUT
NEW QUESTION 16
Which of the following is not a Bluetooth attack?
- A. Bluedriving
- B. Bluesmacking
- C. Bluejacking
- D. Bluesnarfing
NEW QUESTION 17
You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?
- A. Social engineering
- B. Piggybacking
- C. Tailgating
- D. Eavesdropping
NEW QUESTION 18
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering that NMAP result below, which of the following is likely to be installed on the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8
- A. The host is likely a Linux machine.
- B. The host is likely a printer.
- C. The host is likely a router.
- D. The host is likely a Windows machine.
NEW QUESTION 19
An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?
- A. Protocol analyzer
- B. Network sniffer
- C. Intrusion Prevention System (IPS)
- D. Vulnerability scanner
NEW QUESTION 20
What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?
- A. 110
- B. 135
- C. 139
- D. 161
- E. 445
- F. 1024
NEW QUESTION 21
PGP, SSL, and IKE are all examples of which type of cryptography?
- A. Digest
- B. Secret Key
- C. Public Key
- D. Hash Algorithm
NEW QUESTION 22
100% Valid and Newest Version 312-50v11 Questions & Answers shared by 2passeasy, Get Full Dumps HERE: https://www.2passeasy.com/dumps/312-50v11/ (New 254 Q&As)