Exam Code: 312-50v11 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Certified Ethical Hacker Exam (CEH v11)
Certification Provider: EC-Council
Free Today! Guaranteed Training- Pass 312-50v11 Exam.

Online EC-Council 312-50v11 free dumps demo Below:

A company’s security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

  • A. Attempts by attackers to access the user and password information stored in the company’s SQL database.
  • B. Attempts by attackers to access Web sites that trust the Web browser user by stealing the user’s authentication credentials.
  • C. Attempts by attackers to access password stored on the user’s computer without the user’s knowledge.
  • D. Attempts by attackers to determine the user’s Web browser usage patterns, including when sites were visited and for how long.

Answer: B

PGP, SSL, and IKE are all examples of which type of cryptography?

  • A. Digest
  • B. Secret Key
  • C. Public Key
  • D. Hash Algorithm

Answer: C

What tool can crack Windows SMB passwords simply by listening to network traffic?

  • A. This is not possible
  • B. Netbus
  • D. L0phtcrack

Answer: D

The company ABC recently contracts a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. Which of the following options can be useful to ensure the integrity of the data?

  • A. The CFO can use a hash algorithm in the document once he approved the financial statements
  • B. The CFO can use an excel file with a password
  • C. The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure is the same document
  • D. The document can be sent to the accountant using an exclusive USB for that document

Answer: A

One of your team members has asked you to analyze the following SOA record. What is the version? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.) (Choose four.)

  • A. 200303028
  • B. 3600
  • C. 604800
  • D. 2400
  • E. 60
  • F. 4800

Answer: A

Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

  • A. A biometric system that bases authentication decisions on behavioral attributes.
  • B. A biometric system that bases authentication decisions on physical attributes.
  • C. An authentication system that creates one-time passwords that are encrypted with secret keys.
  • D. An authentication system that uses passphrases that are converted into virtual passwords.

Answer: C

Which of the following steps for risk assessment methodology refers to vulnerability identification?

  • A. Determines if any flaws exist in systems, policies, or procedures
  • B. Assigns values to risk probabilities; Impact values.
  • C. Determines risk probability that vulnerability will be exploited (Hig
  • D. Medium, Low)
  • E. Identifies sources of harm to an IT syste
  • F. (Natural, Huma
  • G. Environmental)

Answer: C

A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering that NMAP result below, which of the following is likely to be installed on the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8

  • A. The host is likely a Linux machine.
  • B. The host is likely a printer.
  • C. The host is likely a router.
  • D. The host is likely a Windows machine.

Answer: B

A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems.
However, he is unable to capture any logons though he knows that other users are logging in. What do you think is the most likely reason behind this?

  • A. There is a NIDS present on that segment.
  • B. Kerberos is preventing it.
  • C. Windows logons cannot be sniffed.
  • D. L0phtcrack only sniffs logons to web servers.

Answer: B

These hackers have limited or no training and know how to use only basic techniques or tools. What kind of hackers are we talking about?

  • A. Black-Hat Hackers A
  • B. Script Kiddies
  • C. White-Hat Hackers
  • D. Gray-Hat Hacker

Answer: C

A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the Which of the following has occurred?

  • A. The computer is not using a private IP address.
  • B. The gateway is not routing to a public IP address.
  • C. The gateway and the computer are not on the same network.
  • D. The computer is using an invalid IP address.

Answer: B

Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

  • A. Take over the session
  • B. Reverse sequence prediction
  • C. Guess the sequence numbers
  • D. Take one of the parties offline

Answer: C

A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The “ps” command shows that the “nc” file is running as process, and the netstat command shows the “nc” process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?

  • A. File system permissions
  • B. Privilege escalation
  • C. Directory traversal
  • D. Brute force login

Answer: A

What is the following command used for? net use \targetipc$ "" /u:""

  • A. Grabbing the etc/passwd file
  • B. Grabbing the SAM
  • C. Connecting to a Linux computer through Samba.
  • D. This command is used to connect as a null session
  • E. Enumeration of Cisco routers

Answer: D

A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wire shark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?

  • A. tcp.port != 21
  • B. tcp.port = 23
  • C. tcp.port ==21
  • D. tcp.port ==21 || tcp.port ==22

Answer: D

is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

  • B. Resource records
  • C. Resource transfer
  • D. Zone transfer

Answer: A

Which command can be used to show the current TCP/IP connections?

  • A. Netsh
  • B. Netstat
  • C. Net use connection
  • D. Net use

Answer: A

During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.
What is this type of DNS configuration commonly called?

  • A. DynDNS
  • B. DNS Scheme
  • D. Split DNS

Answer: D

Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?

  • A. Disable unused ports in the switches
  • B. Separate students in a different VLAN
  • C. Use the 802.1x protocol
  • D. Ask students to use the wireless network

Answer: C

What is the proper response for a NULL scan if the port is open?

  • A. SYN
  • B. ACK
  • C. FIN
  • D. PSH
  • E. RST
  • F. No response

Answer: F

Which of the following is a command line packet analyzer similar to GUI-based Wireshark?

  • A. nessus
  • B. tcpdump
  • C. ethereal
  • D. jack the ripper

Answer: B

What is the role of test automation in security testing?

  • A. It is an option but it tends to be very expensive.
  • B. It should be used exclusivel
  • C. Manual testing is outdated because of low speed and possible test setup inconsistencies.
  • D. Test automation is not usable in security due to the complexity of the tests.
  • E. It can accelerate benchmark tests and repeat them with a consistent test setu
  • F. But it cannot replace manual testing completely.

Answer: D


P.S. Surepassexam now are offering 100% pass ensure 312-50v11 dumps! All 312-50v11 exam questions have been updated with correct answers: https://www.surepassexam.com/312-50v11-exam-dumps.html (254 New Questions)