getcertified4sure.com

312-50v11 Exam

The Up To Date Guide To 312-50v11 Question




It is impossible to pass EC-Council 312-50v11 exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed EC-Council 312-50v11 practice questions. You will get a surprising result by our Most recent Certified Ethical Hacker Exam (CEH v11) practice guides.

Check 312-50v11 free dumps before getting the full version:

NEW QUESTION 1
You receive an e-mail like the one shown below. When you click on the link contained in the mail, you are redirected to a website seeking you to download free Anti-Virus software.
Dear valued customers,
We are pleased to announce the newest version of Antivirus 2010 for Windows which will probe you with total security against the latest spyware, malware, viruses, Trojans and other online threats. Simply visit the link below and enter your antivirus code:
312-50v11 dumps exhibit
or you may contact us at the following address: Media Internet Consultants, Edif. Neptuno, Planta
Baja, Ave. Ricardo J. Alfaro, Tumba Muerto, n/a Panama
How will you determine if this is Real Anti-Virus or Fake Anti-Virus website?

  • A. Look at the website design, if it looks professional then it is a Real Anti-Virus website
  • B. Connect to the site using SSL, if you are successful then the website is genuine
  • C. Search using the URL and Anti-Virus product name into Google and lookout for suspicious warnings against this site
  • D. Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware
  • E. Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware

Answer: C

NEW QUESTION 2
While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

  • A. Clickjacking
  • B. Cross-Site Scripting
  • C. Cross-Site Request Forgery
  • D. Web form input validation

Answer: C

NEW QUESTION 3
A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing – Reports https://ibt1.prometric.com/users/custom/report_queue/rq_str... corporate network. What tool should the analyst use to perform a Blackjacking attack?

  • A. Paros Proxy
  • B. BBProxy
  • C. Blooover
  • D. BBCrack

Answer: B

NEW QUESTION 4
You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?

  • A. Encrypt the Sales.xls using PGP and e-mail it to your personal gmail account
  • B. Package the Sales.xls using Trojan wrappers and telnet them back your home computer
  • C. You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an innocent looking email or file transfer using Steganography techniques
  • D. Change the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail account

Answer: C

NEW QUESTION 5
What two conditions must a digital signature meet?

  • A. Has to be the same number of characters as a physical signature and must be unique.
  • B. Has to be unforgeable, and has to be authentic.
  • C. Must be unique and have special characters.
  • D. Has to be legible and neat.

Answer: B

NEW QUESTION 6
Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.
312-50v11 dumps exhibit
What is Eve trying to do?

  • A. Eve is trying to connect as a user with Administrator privileges
  • B. Eve is trying to enumerate all users with Administrative privileges
  • C. Eve is trying to carry out a password crack for user Administrator
  • D. Eve is trying to escalate privilege of the null user to that of Administrator

Answer: C

NEW QUESTION 7
During the process of encryption and decryption, what keys are shared? During the process of encryption and decryption, what keys are shared?

  • A. Private keys
  • B. User passwords
  • C. Public keys
  • D. Public and private keys

Answer: C

NEW QUESTION 8
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The “ps” command shows that the “nc” file is running as process, and the netstat command shows the “nc” process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?

  • A. File system permissions
  • B. Privilege escalation
  • C. Directory traversal
  • D. Brute force login

Answer: A

NEW QUESTION 9
You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

  • A. Social engineering
  • B. Piggybacking
  • C. Tailgating
  • D. Eavesdropping

Answer: A

NEW QUESTION 10
In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam. Which of the following statement is incorrect related to this attack?

  • A. Do not reply to email messages or popup ads asking for personal or financial information
  • B. Do not trust telephone numbers in e-mails or popup ads
  • C. Review credit card and bank account statements regularly
  • D. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
  • E. Do not send credit card numbers, and personal or financial information via e-mail

Answer: D

NEW QUESTION 11
Which of the following is a component of a risk assessment?

  • A. Administrative safeguards
  • B. Physical security
  • C. DMZ
  • D. Logical interface

Answer: A

NEW QUESTION 12
Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network.
Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.

  • A. SNMPUtil
  • B. SNScan
  • C. SNMPScan
  • D. Solarwinds IP Network Browser
  • E. NMap

Answer: ABD

NEW QUESTION 13
As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security?

  • A. Use the same machines for DNS and other applications
  • B. Harden DNS servers
  • C. Use split-horizon operation for DNS servers
  • D. Restrict Zone transfers
  • E. Have subnet diversity between DNS servers

Answer: BCDE

NEW QUESTION 14
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.

  • A. LDAP Injection attack
  • B. Cross-Site Scripting (XSS)
  • C. SQL injection attack
  • D. Cross-Site Request Forgery (CSRF)

Answer: B

NEW QUESTION 15
Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

  • A. Encrypt the backup tapes and transport them in a lock box.
  • B. Degauss the backup tapes and transport them in a lock box.
  • C. Hash the backup tapes and transport them in a lock box.
  • D. Encrypt the backup tapes and use a courier to transport them.

Answer: A

NEW QUESTION 16
You are attempting to crack LM Manager hashed from Windows 2000 SAM file. You will be using LM Brute force hacking tool for decryption. What encryption algorithm will you be decrypting?

  • A. MD4
  • B. DES
  • C. SHA
  • D. SSL

Answer: B

NEW QUESTION 17
You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user’s password or activate disabled Windows accounts?

  • A. John the Ripper
  • B. SET
  • C. CHNTPW
  • D. Cain & Abel

Answer: C

NEW QUESTION 18
What does the following command in netcat do? nc -l -u -p55555 < /etc/passwd

  • A. logs the incoming connections to /etc/passwd file
  • B. loads the /etc/passwd file to the UDP port 55555
  • C. grabs the /etc/passwd file when connected to UDP port 55555
  • D. deletes the /etc/passwd file when connected to the UDP port 55555

Answer: C

NEW QUESTION 19
Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

  • A. Nikto
  • B. Nmap
  • C. Metasploit
  • D. Armitage

Answer: B

NEW QUESTION 20
You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

  • A. nmap -A - Pn
  • B. nmap -sP -p-65535 -T5
  • C. nmap -sT -O -T0
  • D. nmap -A --host-timeout 99 -T1

Answer: C

NEW QUESTION 21
What is a NULL scan?

  • A. A scan in which all flags are turned off
  • B. A scan in which certain flags are off
  • C. A scan in which all flags are on
  • D. A scan in which the packet size is set to zero
  • E. A scan with an illegal packet size

Answer: A

NEW QUESTION 22
......

100% Valid and Newest Version 312-50v11 Questions & Answers shared by Surepassexam, Get Full Dumps HERE: https://www.surepassexam.com/312-50v11-exam-dumps.html (New 254 Q&As)