07 March, 2022

All About 100% Correct 312-50v10 Test

Cause all that matters here is passing the EC-Council 312-50v10 exam. Cause all that you need is a high score of 312-50v10 Certified Ethical Hacker v10 exam. The only one thing you need to do is downloading Actualtests 312-50v10 exam study guides now. We will not let you down with our money-back guarantee.

EC-Council 312-50v10 Free Dumps Questions Online, Read and Test Now.

Page: 1 / 61

Total 736 questions Full Exam Access

Question 1

- (Exam Topic 1)
Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?

[cache:]

[site:]

[inurl:]

[link:]

Question 2

- (Exam Topic 5)
Rebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place?

A race condition is being exploited, and the operating system is containing the malicious process.

A page fault is occurring, which forces the operating system to write data from the hard drive.

Malware is executing in either ROM or a cache memory area.

Malicious code is attempting to execute instruction in a non-executable memory region.

Question 3

- (Exam Topic 6)
In IPv6 what is the major difference concerning application layer vulnerabilities compared to IPv4?

Implementing IPv4 security in a dual-stack network offers protection from IPv6 attacks too.

Vulnerabilities in the application layer are independent of the network laye

Attacks and mitigation techniques are almost identical.

Due to the extensive security measures built in IPv6, application layer vulnerabilities need not be addresses.

Vulnerabilities in the application layer are greatly different from IPv4.

Question 4

- (Exam Topic 6)
Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?

http-git

http-headers

http enum

http-methods

Question 5

- (Exam Topic 3)
The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company's external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first?

Investigate based on the maintenance schedule of the affected systems.

Investigate based on the service level agreements of the systems.

Investigate based on the potential effect of the incident.

Investigate based on the order that the alerts arrived in.

Question 6

- (Exam Topic 3)
Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network’s IDS?

Timing options to slow the speed that the port scan is conducted

Fingerprinting to identify which operating systems are running on the network

ICMP ping sweep to determine which hosts on the network are not available

Traceroute to control the path of the packets sent during the scan

Question 7

- (Exam Topic 7)
Take a look at the following attack on a Web Server using obstructed URL:
312-50v10 dumps exhibit

How would you protect from these attacks?

Configure the Web Server to deny requests involving "hex encoded" characters

Create rules in IDS to alert on strange Unicode requests

Use SSL authentication on Web Servers

Enable Active Scripts Detection at the firewall and routers

Question 8

- (Exam Topic 2)
Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

The victim user must open the malicious link with an Internet Explorer prior to version 8.

The session cookies generated by the application do not have the HttpOnly flag set.

The victim user must open the malicious link with a Firefox prior to version 3.

The web application should not use random tokens.

Question 9

- (Exam Topic 6)
Which of the following is the BEST approach to prevent Cross-site Scripting (XSS) flaws?

Use digital certificates to authenticate a server prior to sending data.

Verify access right before allowing access to protected information and UI controls.

Validate and escape all information sent to a server.

Question 10

- (Exam Topic 2)
A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?

The consultant will ask for money on the bid because of great work.

The consultant may expose vulnerabilities of other companies.

The company accepting bids will want the same type of format of testing.

The company accepting bids will hire the consultant because of the great work performed.

Question 11

- (Exam Topic 2)
Which of the following is a hashing algorithm?

MD5

PGP

DES

ROT13

Question 12

- (Exam Topic 7)
Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics: - Verifies success or failure of an attack - Monitors system activities Detects attacks that a network-based IDS fails to detect - Near real-time detection and response - Does not require additional hardware - Lower entry cost Which type of IDS is best suited for Tremp's requirements?

Gateway-based IDS

Network-based IDS

Host-based IDS

Open source-based

Question 13

- (Exam Topic 4)
It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.
Which of the following regulations best matches the description?

HIPAA

ISO/IEC 27002

COBIT

FISMA

Question 14

- (Exam Topic 7)
Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches.
If these switches' ARP cache is successfully flooded, what will be the result?

The switches will drop into hub mode if the ARP cache is successfully flooded.

If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.

Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.

The switches will route all traffic to the broadcast address created collisions.

Question 15

- (Exam Topic 2)
Which tool can be used to silently copy files from USB devices?

USB Grabber

USB Dumper

USB Sniffer

USB Snoopy

Question 16

- (Exam Topic 1)
What is the minimum number of network connections in a multi homed firewall?

Question 17

- (Exam Topic 1)
Nedved is an IT Security Manager of a bank in his country. One day. he found out that there is a security breach to his company's email server based on analysis of a suspicious connection from the email server to an unknown IP Address.
What is the first thing that Nedved needs to do before contacting the incident response team?

Leave it as it Is and contact the incident response te3m right away

Block the connection to the suspicious IP Address from the firewall

Disconnect the email server from the network

Migrate the connection to the backup email server

Question 18

- (Exam Topic 6)
Knowing the nature of backup tapes, which of the following is the MOST RECOMMENDED way of storing backup tapes?

In a cool dry environment

Inside the data center for faster retrieval in a fireproof safe

In a climate controlled facility offsite

On a different floor in the same building

Question 19

- (Exam Topic 1)
Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occurring during non-business hours. After further examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realizes the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux servers to synchronize the time has stopped working?

Time Keeper

NTP

PPP

OSPP

Question 20

- (Exam Topic 1)
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.

Asymmetric cryptography is computationally expensive in compariso

However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

Symmetric encryption allows the server to securely transmit the session keys out-of-band.

Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

Question 21

- (Exam Topic 6)
Which Type of scan sends a packets with no flags set?

Open Scan

Null Scan

Xmas Scan

Half-Open Scan

Question 22

- (Exam Topic 4)
You have successfully compromised a machine on the network and found a server that is alive on the same network. You tried to ping it but you didn't get any response back.
What is happening?

ICMP could be disabled on the target server.

The ARP is disabled on the target server.

TCP/IP doesn't support ICMP.

You need to run the ping command with root privileges.

Question 23

- (Exam Topic 7)
Study the snort rule given below and interpret the rule. alert tcp any any --> 192.168.1.0/24 111 (content:"|00 01 86 a5|"; msG. "mountd access";)

An alert is generated when a TCP packet is generated from any IP on the 192.168.1.0 subnet and destined to any IP on port 111

An alert is generated when any packet other than a TCP packet is seen on the network and destined for the 192.168.1.0 subnet

An alert is generated when a TCP packet is originated from port 111 of any IP address to the 192.168.1.0 subnet

An alert is generated when a TCP packet originating from any IP address is seen on the network and destined for any IP address on the 192.168.1.0 subnet on port 111

Question 24

- (Exam Topic 7)
Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

Overloading Port Address Translation

Dynamic Port Address Translation

Dynamic Network Address Translation

Static Network Address Translation

Question 25

- (Exam Topic 6)
What is the approximate cost of replacement and recovery operation per year of a hard drive that has a value of $300 given that the technician who charges $10/hr would need 10 hours to restore OS and Software and needs further 4 hours to restore the database from the last backup to the new hard disk? Calculate the SLE, ARO, and ALE. Assume the EF = 1 (100%).

$440

$100

$1320

$146

Page: 1 / 61

Total 736 questions Full Exam Access