It is impossible to pass EC-Council 312-50v11 exam without any help in the short term. Come to Pass4sure soon and find the most advanced, correct and guaranteed EC-Council 312-50v11 practice questions. You will get a surprising result by our Improved Certified Ethical Hacker Exam (CEH v11) practice guides.

Free 312-50v11 Demo Online For EC-Council Certifitcation:

A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wire shark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?

  • A. tcp.port != 21
  • B. tcp.port = 23
  • C. tcp.port ==21
  • D. tcp.port ==21 || tcp.port ==22

Answer: D

What port number is used by LDAP protocol?

  • A. 110
  • B. 389
  • C. 464
  • D. 445

Answer: B

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?

  • A. Interceptor
  • B. Man-in-the-middle
  • C. ARP Proxy
  • D. Poisoning Attack

Answer: B

CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test. Your email message looks like this:
To: Subject: Test message Date: 4/3/2017 14:37
The employee of CompanyXYZ receives your email message.
This proves that CompanyXYZ’s email gateway doesn’t prevent what?

  • A. Email Masquerading
  • B. Email Harvesting
  • C. Email Phishing
  • D. Email Spoofing

Answer: D

Vlady works in a fishing company where the majority of the employees have very little understanding of IT let alone IT Security. Several information security issues that Vlady often found includes, employees sharing password, writing his/her password on a post it note and stick it to his/her desk, leaving the computer unlocked, didn’t log out from emails or other social media accounts, and etc.
After discussing with his boss, Vlady decided to make some changes to improve the security environment in his company. The first thing that Vlady wanted to do is to make the employees understand the importance of keeping confidential information, such as password, a secret and they should not share it with other persons.
Which of the following steps should be the first thing that Vlady should do to make the employees in his company understand to importance of keeping confidential information a secret?

  • A. Warning to those who write password on a post it note and put it on his/her desk
  • B. Developing a strict information security policy
  • C. Information security awareness training
  • D. Conducting a one to one discussion with the other employees about the importance of information security

Answer: A

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

  • A. Passwords
  • B. File permissions
  • C. Firewall rulesets
  • D. Usernames

Answer: A

Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?

  • A. SFTP
  • B. Ipsec
  • C. SSL
  • D. FTPS

Answer: B

Which of the following represents the initial two commands that an IRC client sends to join an IRC network?


Answer: A

What is the proper response for a NULL scan if the port is closed?

  • A. SYN
  • B. ACK
  • C. FIN
  • D. PSH
  • E. RST
  • F. No response

Answer: E

Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?

  • A. Disable unused ports in the switches
  • B. Separate students in a different VLAN
  • C. Use the 802.1x protocol
  • D. Ask students to use the wireless network

Answer: C

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

  • A. Nikto
  • B. Nmap
  • C. Metasploit
  • D. Armitage

Answer: B

Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of a built-in bounds checking mechanism?
#include <string.h> int main(){char buffer[8];
strcpy(buffer, ““11111111111111111111111111111””);} Output: Segmentation fault

  • A. C#
  • B. Python
  • C. Java
  • D. C++

Answer: D

Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations.
Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA.
In this context, what can you say?

  • A. Bob can be right since DMZ does not make sense when combined with stateless firewalls
  • B. Bob is partially righ
  • C. He does not need to separate networks if he can create rules by destination IPs, one by one
  • D. Bob is totally wron
  • E. DMZ is always relevant when the company has internet servers and workstations
  • F. Bob is partially righ
  • G. DMZ does not make sense when a stateless firewall is available

Answer: C

Which of the following programs is usually targeted at Microsoft Office products?

  • A. Polymorphic virus
  • B. Multipart virus
  • C. Macro virus
  • D. Stealth virus

Answer: C

You have the SOA presented below in your Zone.
Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries?, (200302028 3600 3600 604800 3600)

  • A. One day
  • B. One hour
  • C. One week
  • D. One month

Answer: C

To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network can only reach the bank web site using https. Which of the following firewall rules meets this requirement?

  • A. If (source matches and destination matches and port matches 443) then permit
  • B. If (source matches and destination matches and port matches 80 or 443) then permit
  • C. If (source matches and destination matches and port matches 443) then permit
  • D. If (source matches and destination matches and port matches 443) then permit

Answer: A

The change of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1(100%). What is the closest approximate cost of this replacement and recovery operation per year?

  • A. $1320
  • B. $440
  • C. $100
  • D. $146

Answer: D

You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

  • A. Social engineering
  • B. Piggybacking
  • C. Tailgating
  • D. Eavesdropping

Answer: A

Which method of password cracking takes the most time and effort?

  • A. Dictionary attack
  • B. Shoulder surfing
  • C. Rainbow tables
  • D. Brute force

Answer: D

You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration? alert tcp any any -> 21 (msg: ““FTP on the network!””;)

  • A. A firewall IPTable
  • B. FTP Server rule
  • C. A Router IPTable
  • D. An Intrusion Detection System

Answer: D


100% Valid and Newest Version 312-50v11 Questions & Answers shared by Certleader, Get Full Dumps HERE: (New 254 Q&As)