Accurate of 312-50v9 test engine materials and testing software for EC-Council certification for candidates, Real Success Guaranteed with Updated 312-50v9 pdf dumps vce Materials. 100% PASS EC-Council Certified Ethical Hacker v9 exam Today!
Q22. You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System.
What is the best approach?
A. Install and use Telnet to encrypt all outgoing traffic from this server.
B. Install Cryptcat and encrypt outgoing packets from this server
C. Use Alternate Data Streams to hide the outgoing packets from this server.
D. Use HTTP so that all traffic can be routed via a browser, thus evading the internal Intrusion Detection Systems.
Answer: A
Q23. The configuration allows a wired or wireless network interface controller to pass all trafice it receives to thecentral processing unit (CPU), rather than passing only the frames that the controller is intended to receive.
Which of the following is being described?
A. WEM
B. Multi-cast mode
C. Promiscuous mode
D. Port forwarding
Answer: B
Q24. While using your bank’s online servicing you notice the following stringin the URL bar: “http://www.MyPersonalBank/Account?
Id=368940911028389&Damount=10980&Camount=21”
You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes.
What type of vulnerability is present on this site?
A. SQL injection
B. XSS Reflection
C. Web Parameter Tampering
D. Cookie Tampering
Answer: C
Q25. What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
A. Inherent Risk
B. ResidualRisk
A. C. Deferred Risk
D. Impact Risk
Answer: B
Q26. It is a short-range wireless communication technology intended to replace the cables connecting portables of fixed deviceswhile maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short- range wireless connection.
Which of the following terms best matches the definition?
A. Bluetooth
B. Radio-Frequency Identification
C. WLAN
D. InfraRed
Answer: A
Q27. Which of the following isthe greatest threat posed by backups?
A. An un-encrypted backup can be misplaced or stolen
B. A back is incomplete because no verification was performed.
C. A backup is the source of Malware or illicit information.
D. A backup is unavailable duringdisaster recovery.
Answer: A
Q28. You have successfully gained access to your client’s internal network and successfully comprised a linux server which is part of the internal IP network. You want to know which
Microsoft Windows workstation have the sharing enabled.
Which port would you see listeningon these Windows machines in the network?
A. 1443
B. 3389
C. 161
D. 445
Answer: D
Q29. When you return to your desk after a lunch break, you notice a strange email in your inbox. The senders is someone you did business with recently but the subject line has strange characters in it.
What should you do?
A. Forward the message to your company’s security response team and permanently delete the message from your computer.
B. Delete the email and pretend nothing happened.
C. Forward the message to your supervisor andask for her opinion on how to handle the situation.
D. Reply to the sender and ask them for more information about the message contents.
Answer: A
Q30. It is a regulation that has a set if guideline,which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.
Which of the following regulations best matches the description?
A. HIPAA
B. COBIT
C. ISO/IEC 27002
D. FISMA
Answer: A
Q31. You have successfully gained access to a linux server and would like to ensure that the succeeding outgoing traffic from the server will not be caught by a Network Based Intrusion Detection System (NIDS).
Which is the best way to evade the NIDS?
A. Out of band signaling
B. Encryption
C. Alternate Data Streams
D. Protocol Isolation
Answer: B
Q32. You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best nmap command you will use?
A. Nmap –T4 –F 10.10.0.0/24
B. Nmap –T4 –q 10.10.0.0/24
C. Nmap –T4 –O 10.10.0.0/24
D. Nmap –T4 –r 10.10.0.0/24
Answer: A
Q33. Which of the following parameters describe LM Hash: I – The maximum password length is 14 characters.
II – There are no distinctions between uppercase and lowercase.
III – It’s a simple algorithm, so 10,000,000 hashes can be generated per second.
A. I
B. I and II
C. II
D. I, II and III
Answer: D
Q34. Which of the following is not a Bluetooth attack?
A. Bluejacking
B. Bluedriving
C. Bluesnarfing
D. Bluesmaking
Answer: B
Q35. It isan entity or event with the potential to adversely impact a system through unauthorized access destruction disclosures denial of service or modification of data.
Which of the following terms best matches this definition?
A. Threat
B. Attack
C. Risk
D. Vulnerability
Answer: A
Q36. You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?
A. ICMP
B. TCP
C. UDP
D. UPX
Answer: B
Q37. An incident investigator asks to receive a copy of the event from all firewalls, prosy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs the sequence of many of the logged events do not match up.
What is the most likely cause?
A. The network devices are not all synchronized
B. The securitybreach was a false positive.
C. The attack altered or erased events from the logs.
D. Proper chain of custody was not observed while collecting the logs.
Answer: C
Q38. An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, digital Subscriber Line (DSL), wireless data services, and virtual Private Networks (VPN) over a Frame Relay network.
Which AAA protocol is most likely able to handle this requirement?
A. DIAMETER
B. Kerberos
C. RADIUS
A. D. TACACS+
Answer: D
Q39. Which of the following is a command line packet analyzer similar to GUI-based Wireshark?
A. Jack the ripper
B. nessus
C. tcpdump
D. ethereal
Answer: C
Q40. As a Certified Ethical hacker, you were contracted by aprivate firm to conduct an external security assessment through penetration testing.
What document describes the specified of the testing, the associated violations, and essentially protects both the organization’s interest and your li abilities as a tester?
A. Term of Engagement
B. Non-Disclosure Agreement
C. Project Scope
D. Service Level Agreement
Answer: B
Q41. PGP, SSL, and IKE are all examples of which type of cryptography?
A. Hash Algorithm
B. Secret Key
C. Public Key
D. Digest
Answer:: C
Q42. How does the Address Resolution Protocol (ARP) work?
A. It sends a reply packet for a specific IP, asking for the MAC address.
B. It sends a reply packet to all the network elements, asking for the MAC address from a specific IP.
C. It sends a request packet to all the network elements, asking for the domainname from a specific IP.
D. It sends a request packet to all the network elements, asking for the MAC address from a specific IP.
Answer: D