• Home
  • Articles
  • [Aug-2021] 312-50v10 Dumps Full Questions - Certified Ethical Hacker Exam Study Guide [Q280-Q297]

[Aug-2021] 312-50v10 Dumps Full Questions - Certified Ethical Hacker Exam Study Guide [Q280-Q297]

Share

[Aug-2021] 312-50v10 Dumps Full Questions - Certified Ethical Hacker Exam Study Guide

Exam Questions and Answers for  312-50v10 Study Guide

NEW QUESTION 280
Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges.

  • A. Sheela
  • B. John
  • C. Chang
  • D. Micah
  • E. Rebecca
  • F. Somia
  • G. Shawn

Answer: C

 

NEW QUESTION 281
Which of the following provides a security professional with most information about the system's security posture?

  • A. Social engineering, company site browsing, tailgating
  • B. Wardriving, warchalking, social engineering
  • C. Phishing, spamming, sending trojans
  • D. Port scanning, banner grabbing, service identification

Answer: D

 

NEW QUESTION 282
Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close.
What just happened?

  • A. Masquerading
  • B. Whaling
  • C. Tailgating
  • D. Phishing

Answer: C

 

NEW QUESTION 283
The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router, nobody can access to the ftp, and the permitted hosts cannot access the Internet. According to the next configuration, what is happening in the network?

  • A. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router
  • B. The ACL 110 needs to be changed to port 80
  • C. The ACL 104 needs to be first because is UDP
  • D. The ACL for FTP must be before the ACL 110

Answer: A

 

NEW QUESTION 284
An attacker changes the profile information of a particular user (victim) on the target website. The attacker
uses this string to update the victim's profile to a text file and then submit the data to the attacker's
database.
<iframe src=""http://www.vulnweb.com/updateif.php"" style=""display:none""></iframe>
What is this type of attack (that can use either HTTP GET or HTTP POST) called?

  • A. Cross-Site Scripting
  • B. SQL Injection
  • C. Cross-Site Request Forgery
  • D. Browser Hacking

Answer: C

 

NEW QUESTION 285
Which of the following levels of algorithms does Public Key Infrastructure (PKI) use?

  • A. RSA 1024 bit strength
  • B. RSA 512 bit strength
  • C. AES 512 bit strength
  • D. AES 1024 bit strength

Answer: A

 

NEW QUESTION 286
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

  • A. Metasploit
  • B. Maltego
  • C. Wireshark
  • D. Cain & Abel

Answer: B

Explanation:
Maltego is proprietary software used for open-source intelligence and forensics, developed by Paterva. Maltego focuses on providing a library of transforms for discovery of data from open sources, and visualizing that information in a graph format, suitable for link analysis and data mining.
References: https://en.wikipedia.org/wiki/Maltego

 

NEW QUESTION 287
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

  • A. AH permiscuous
  • B. ESP transport mode
  • C. ESP confidential
  • D. AH Tunnel mode

Answer: B

 

NEW QUESTION 288
A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content.
Which sort of trojan infects this server?

  • A. Ransomware Trojans
  • B. Banking Trojans
  • C. Botnet Trojan
  • D. Turtle Trojans

Answer: C

Explanation:
Explanation
In computer science, a zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse and can be used to perform malicious tasks of one sort or another under remote direction. Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service attacks. Most owners of zombie computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these computers are metaphorically compared to zombies. A coordinated DDoS attack by multiple botnet machines also resembles a zombie horde attack.

 

NEW QUESTION 289
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks
in the wired network to have Internet access. In the university campus, there are many Ethernet ports
available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network.
What should Bob do to avoid this problem?

  • A. Separate students in a different VLAN
  • B. Ask students to use the wireless network
  • C. Disable unused ports in the switches
  • D. Use the 802.1x protocol

Answer: D

 

NEW QUESTION 290
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.
What is this type of DNS configuration commonly called?

  • A. DynDNS
  • B. DNSSEC
  • C. Split DNS
  • D. DNS Scheme

Answer: C

Explanation:
Explanation
In a split DNS infrastructure, you create two zones for the same domain, one to be used by the internal network, the other used by the external network. Split DNS directs internal hosts to an internal domain name server for name resolution and external hosts are directed to an external domain name server for name resolution.
References:
http://www.webopedia.com/TERM/S/split_DNS.html

 

NEW QUESTION 291
A hacker has managed to gain access to a Linux host and stolen the password file from
/etc/passwd. How can he use it?

  • A. He can open it and read the user ids and corresponding passwords.
  • B. The file reveals the passwords to the root user only.
  • C. He cannot read it because it is encrypted.
  • D. The password file does not contain the passwords themselves.

Answer: D

 

NEW QUESTION 292
An attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim's profile to a text file and then submit the data to the attacker's database.
<iframe src=""http://www.vulnweb.com/updateif.php"" style=""display:none""></iframe> What is this type of attack (that can use either HTTP GET or HTTP POST) called?

  • A. Cross-Site Scripting
  • B. SQL Injection
  • C. Cross-Site Request Forgery
  • D. Browser Hacking

Answer: C

 

NEW QUESTION 293
This phase will increase the odds of success in later phases of the penetration test. It is also the very first step in Information Gathering and it will tell you the "landscape" looks like. What is the most important phase of ethical hacking in which you need to spend a considerable amount of time?

  • A. footprinting
  • B. network mapping
  • C. gaining access
  • D. escalating privileges

Answer: A

 

NEW QUESTION 294
Which of the following tools are used for enumeration? (Choose three.)

  • A. SID2USER
  • B. DumpSec
  • C. Cheops
  • D. SolarWinds
  • E. USER2SID

Answer: A,B,E

 

NEW QUESTION 295
(Note: the student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump.). Snort has been used to capture packets on the network. On studying the packets, the penetration tester finds it to be abnormal. If you were the penetration tester, why would you find this abnormal?
What is odd about this attack? Choose the best answer.

  • A. These packets were crafted by a tool, they were not created by a standard IP stack.
  • B. The attacker wants to avoid creating a sub-carries connection that is not normally valid.
  • C. This is not a spoofed packet as the IP stack has increasing numbers for the three flags.
  • D. This is back orifice activity as the scan comes from port 31337.

Answer: D

 

NEW QUESTION 296
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

  • A. AH permiscuous
  • B. ESP transport mode
  • C. ESP confidential
  • D. AH Tunnel mode

Answer: B

Explanation:
When transport mode is used, IPSec encrypts only the IP payload. Transport mode provides the protection of an IP payload through an AH or ESP header. Encapsulating Security Payload (ESP) provides confidentiality (in addition to authentication, integrity, and anti-replay protection) for the IP payload.

 

NEW QUESTION 297
......

Certified Ethical Hacker Exam (CEH v10) Free Update With 100% Exam Passing Guarantee: https://www.dumpstillvalid.com/312-50v10-prep4sure-review.html

Real Exam Questions & Answers - EC-COUNCIL 312-50v10 Dump is Ready: https://drive.google.com/open?id=1ssym7S2DToKLhchXoLz5rSBduEVcU9D7

Related Articles

more
EC-COUNCIL 312-50v10 Certification Practice Exam

All the exam dumps and exam training material of DumpStillValid are valid and reliable. DumpStillValid provides you with the up to date exam dumps and keeps the latest information for you. Dumps are still valid, to make your decision.

Contact Us

Our Working Time: ( GMT 0:00-15:00 )   From Monday to Saturday

Contact now

Copyright © 2026 DumpStillValid NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy