Download of 312-50v10 real exam materials and vce for EC-Council certification for IT engineers, Real Success Guaranteed with Updated 312-50v10 pdf dumps vce Materials. 100% PASS Certified Ethical Hacker v10 exam Today!

P.S. Download 312-50v10 vce are available on Google Drive, GET MORE: https://drive.google.com/open?id=1Eru4mEcUV0ULWTU_25JjeXA4U_MAK122


New EC-Council 312-50v10 Exam Dumps Collection (Question 1 - Question 10)

Question No: 1

What is attempting an injection attack on a web server based on responses to True/False questions called?

A. DMS-specific SQLi

B. Compound SQLi

C. Blind SQLi

D. Classic SQLi

Answer: C



Question No: 2

In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.

Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system whose credentials are known. It was written by

sysinternals and has been integrated within the framework. The penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values.

Which of the following is true hash type and sort order that is used in the psexec module's 'smbpass' option?

A. LM:NT

B. NTLM:LM

C. NT:LM

D. LM:NTLM

Answer: A



Question No: 3

Alice encrypts her data using her public key PK and stores the encrypted data in the cloud. Which of the following attack scenarios will compromise the privacy of her data?

A. None of these scenarios compromise the privacy of Aliceu2021s data

B. Agent Andrew subpoenas Alice, forcing her to reveal her private key. However, the cloud server successfully resists Andrewu2021s attempt to access the stored data

C. Hacker Harry breaks into the cloud server and steals the encrypted data

D. Alice also stores her private key in the cloud, and Harry breaks into the cloud server as before

Answer: D



Question No: 4

PGP, SSL, and IKE are all examples of which type of cryptography?

A. Hash Algorithm

B. Digest

C. Secret Key

D. Public Key

Answer: D



Question No: 5

Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations.

Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA.

In this context, what can you say?

A. Bob can be right since DMZ does not make sense when combined with stateless firewalls

B. Bob is partially right. He does not need to separate networks if he can create rules by destination IPs, one by one

C. Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations

D. Bob is partially right. DMZ does not make sense when a stateless firewall is available

Answer: C



Question No: 6

Which of the following will perform an Xmas scan using NMAP?

A. nmap -sA 192.168.1.254

B. nmap -sP 192.168.1.254

C. nmap -sX 192.168.1.254

D. nmap -sV 192.168.1.254

Answer: C



Question No: 7

What is the purpose of a demilitarized zone on a network?

A. To scan all traffic coming through the DMZ to the internal network

B. To only provide direct access to the nodes within the DMZ and protect the network behind it

C. To provide a place to put the honeypot

D. To contain the network devices you wish to protect

Answer: B



Question No: 8

Assume a business-crucial web-site of some company that is used to sell handsets to the customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the web-site developers decided to add some 3rd party marketing tools on it. The tools are written in JavaScript and can track the customeru2021s activity on the site. These tools are located on the servers of the marketing company.

What is the main security risk associated with this scenario?

A. External script contents could be maliciously modified without the security team knowledge

B. External scripts have direct access to the company servers and can steal the data from there

C. There is no risk at all as the marketing services are trustworthy

D. External scripts increase the outbound company data traffic which leads greater financial losses

Answer: A



Question No: 9

You are the Network Admin, and you get a compliant that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL.

What may be the problem?

A. Traffic is Blocked on UDP Port 53

B. Traffic is Blocked on UDP Port 80

C. Traffic is Blocked on UDP Port 54

D. Traffic is Blocked on UDP Port 80

Answer: A



Question No: 10

You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select?

A. Snort

B. Nmap

C. Cain & Abel

D. Nessus

Answer: A



100% Abreast of the times EC-Council 312-50v10 Questions & Answers shared by Allfreedumps, Get HERE: https://www.allfreedumps.com/312-50v10-dumps.html (New Q&As)