312-50v11 | Precise EC-Council 312-50v11 Prep Online
Cause all that matters here is passing the EC-Council 312-50v11 exam. Cause all that you need is a high score of 312-50v11 Certified Ethical Hacker Exam (CEH v11) exam. The only one thing you need to do is downloading Examcollection 312-50v11 exam study guides now. We will not let you down with our money-back guarantee.
EC-Council 312-50v11 Free Dumps Questions Online, Read and Test Now.
NEW QUESTION 1
Which of the following is a component of a risk assessment?
- A. Administrative safeguards
- B. Physical security
- C. DMZ
- D. Logical interface
NEW QUESTION 2
These hackers have limited or no training and know how to use only basic techniques or tools. What kind of hackers are we talking about?
- A. Black-Hat Hackers A
- B. Script Kiddies
- C. White-Hat Hackers
- D. Gray-Hat Hacker
NEW QUESTION 3
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?
- A. symmetric algorithms
- B. asymmetric algorithms
- C. hashing algorithms
- D. integrity algorithms
NEW QUESTION 4
You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?
- A. nmap -A - Pn
- B. nmap -sP -p-65535 -T5
- C. nmap -sT -O -T0
- D. nmap -A --host-timeout 99 -T1
NEW QUESTION 5
An LDAP directory can be used to store information similar to a SQL database. LDAP uses a database structure instead of SQL’s structure. Because of this, LDAP has difficulty representing many-to-one relationships.
- A. Relational, Hierarchical
- B. Strict, Abstract
- C. Hierarchical, Relational
- D. Simple, Complex
NEW QUESTION 6
This kind of password cracking method uses word lists in combination with numbers and special characters:
- A. Hybrid
- B. Linear
- C. Symmetric
- D. Brute Force
NEW QUESTION 7
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?
- A. Place a front-end web server in a demilitarized zone that only handles external web traffic
- B. Require all employees to change their anti-virus program with a new one
- C. Move the financial data to another server on the same IP subnet
- D. Issue new certificates to the web servers from the root certificate authority
NEW QUESTION 8
Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occurring during non-business hours. After further examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realizes the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux servers to synchronize the time has stopped working?
- A. Time Keeper
- B. NTP
- C. PPP
- D. OSPP
NEW QUESTION 9
You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best Nmap command you will use?
- A. nmap -T4 -q 10.10.0.0/24
- B. nmap -T4 -F 10.10.0.0/24
- C. nmap -T4 -r 10.10.1.0/24
- D. nmap -T4 -O 10.10.0.0/24
NEW QUESTION 10
One of your team members has asked you to analyze the following SOA record. What is the version? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.) (Choose four.)
- A. 200303028
- B. 3600
- C. 604800
- D. 2400
- E. 60
- F. 4800
NEW QUESTION 11
A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wire shark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?
- A. tcp.port != 21
- B. tcp.port = 23
- C. tcp.port ==21
- D. tcp.port ==21 || tcp.port ==22
NEW QUESTION 12
The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:
You are hired to conduct security testing on their network.
You successfully brute-force the SNMP community string using a SNMP crack tool.
The access-list configured at the router prevents you from establishing a successful connection. You want to retrieve the Cisco configuration from the router. How would you proceed?
- A. Use the Cisco's TFTP default password to connect and download the configuration file
- B. Run a network sniffer and capture the returned traffic with the configuration file from the router
- C. Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address
- D. Send a customized SNMP set request with a spoofed source IP address in the range -192.168.1.0
NEW QUESTION 13
You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles.
You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems.
In other words, you are trying to penetrate an otherwise impenetrable system. How would you proceed?
- A. Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network
- B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information
- C. Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000 or more "zombies" and "bots"
- D. Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques
NEW QUESTION 14
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?
- A. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.
- B. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
- C. Symmetric encryption allows the server to security transmit the session keys out-of-band.
- D. Asymmetric cryptography is computationally expensive in compariso
- E. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.
NEW QUESTION 15
Which is the first step followed by Vulnerability Scanners for scanning a network?
- A. OS Detection
- B. Firewall detection
- C. TCP/UDP Port scanning
- D. Checking if the remote host is alive
NEW QUESTION 16
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?
- A. Interceptor
- B. Man-in-the-middle
- C. ARP Proxy
- D. Poisoning Attack
NEW QUESTION 17
Which of the following incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an organization?
- A. Preparation phase
- B. Containment phase
- C. Identification phase
- D. Recovery phase
NEW QUESTION 18
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?
- A. Nikto
- B. John the Ripper
- C. Dsniff
- D. Snort
NEW QUESTION 19
What is the following command used for? net use \targetipc$ "" /u:""
- A. Grabbing the etc/passwd file
- B. Grabbing the SAM
- C. Connecting to a Linux computer through Samba.
- D. This command is used to connect as a null session
- E. Enumeration of Cisco routers
NEW QUESTION 20
A company’s security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?
- A. Attempts by attackers to access the user and password information stored in the company’s SQL database.
- B. Attempts by attackers to access Web sites that trust the Web browser user by stealing the user’s authentication credentials.
- C. Attempts by attackers to access password stored on the user’s computer without the user’s knowledge.
- D. Attempts by attackers to determine the user’s Web browser usage patterns, including when sites were visited and for how long.
NEW QUESTION 21
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?
- A. ESP transport mode
- B. ESP confidential
- C. AH permiscuous
- D. AH Tunnel mode
NEW QUESTION 22
Recommend!! Get the Full 312-50v11 dumps in VCE and PDF From Downloadfreepdf.net, Welcome to Download: https://www.downloadfreepdf.net/312-50v11-pdf-download.html (New 254 Q&As Version)