The Most Up-to-date Guide To 312-50v11 Test Questions

we provide Precise EC-Council 312-50v11 free practice questions which are the best for clearing 312-50v11 test, and to get certified by EC-Council Certified Ethical Hacker Exam (CEH v11). The 312-50v11 Questions & Answers covers all the knowledge points of the real 312-50v11 exam. Crack your EC-Council 312-50v11 Exam with latest dumps, guaranteed!

Online 312-50v11 free questions and answers of New Version:

NEW QUESTION 1
Under what conditions does a secondary name server request a zone transfer from a primary name server?

  • A. When a primary SOA is higher that a secondary SOA
  • B. When a secondary SOA is higher that a primary SOA
  • C. When a primary name server has had its service restarted
  • D. When a secondary name server has had its service restarted
  • E. When the TTL falls to zero

Answer: A

NEW QUESTION 2
What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?

  • A. Copy the system files from a known good system
  • B. Perform a trap and trace
  • C. Delete the files and try to determine the source
  • D. Reload from a previous backup
  • E. Reload from known good media

Answer: E

NEW QUESTION 3
What is the purpose of a demilitarized zone on a network?

  • A. To scan all traffic coming through the DMZ to the internal network
  • B. To only provide direct access to the nodes within the DMZ and protect the network behind it
  • C. To provide a place to put the honeypot
  • D. To contain the network devices you wish to protect

Answer: B

NEW QUESTION 4
Within the context of Computer Security, which of the following statements describes Social Engineering best?

  • A. Social Engineering is the act of publicly disclosing information
  • B. Social Engineering is the means put in place by human resource to perform time accounting
  • C. Social Engineering is the act of getting needed information from a person rather than breaking into a system
  • D. Social Engineering is a training program within sociology studies

Answer: C

NEW QUESTION 5
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

  • A. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
  • B. Asymmetric cryptography is computationally expensive in compariso
  • C. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.
  • D. Symmetric encryption allows the server to securely transmit the session keys out-of-band.
  • E. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

Answer: D

NEW QUESTION 6
A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.
What is the best security policy concerning this setup?

  • A. Network elements must be hardened with user ids and strong password
  • B. Regular security tests and audits should be performed.
  • C. As long as the physical access to the network elements is restricted, there is no need for additional measures.
  • D. There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
  • E. The operator knows that attacks and down time are inevitable and should have a backup site.

Answer: A

NEW QUESTION 7
Which of the following LM hashes represent a password of less than 8 characters? (Choose two.)

  • A. BA810DBA98995F1817306D272A9441BB
  • B. 44EFCE164AB921CQAAD3B435B51404EE
  • C. 0182BD0BD4444BF836077A718CCDF409
  • D. CEC52EB9C8E3455DC2265B23734E0DAC
  • E. B757BF5C0D87772FAAD3B435B51404EE
  • F. E52CAC67419A9A224A3B108F3FA6CB6D

Answer: BE

NEW QUESTION 8
How does a denial-of-service attack work?

  • A. A hacker prevents a legitimate user (or group of users) from accessing a service
  • B. A hacker uses every character, word, or letter he or she can think of to defeat authentication
  • C. A hacker tries to decipher a password by using a system, which subsequently crashes the network
  • D. A hacker attempts to imitate a legitimate user by confusing a computer or even another person

Answer: A

NEW QUESTION 9
John the Ripper is a technical assessment tool used to test the weakness of which of the following?

  • A. Passwords
  • B. File permissions
  • C. Firewall rulesets
  • D. Usernames

Answer: A

NEW QUESTION 10
Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

  • A. A biometric system that bases authentication decisions on behavioral attributes.
  • B. A biometric system that bases authentication decisions on physical attributes.
  • C. An authentication system that creates one-time passwords that are encrypted with secret keys.
  • D. An authentication system that uses passphrases that are converted into virtual passwords.

Answer: C

NEW QUESTION 11
An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections.
When users accessed any page, the applet ran and exploited many machines. Which one of the following tools the hacker probably used to inject HTML code?

  • A. Wireshark
  • B. Ettercap
  • C. Aircrack-ng
  • D. Tcpdump

Answer: B

NEW QUESTION 12
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

  • A. SOA
  • B. biometrics
  • C. single sign on
  • D. PKI

Answer: D

NEW QUESTION 13
Study the snort rule given below:
312-50v11 dumps exhibit
From the options below, choose the exploit against which this rule applies.

  • A. WebDav
  • B. SQL Slammer
  • C. MS Blaster
  • D. MyDoom

Answer: C

NEW QUESTION 14
An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

  • A. Protocol analyzer
  • B. Network sniffer
  • C. Intrusion Prevention System (IPS)
  • D. Vulnerability scanner

Answer: A

NEW QUESTION 15
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?

  • A. Interceptor
  • B. Man-in-the-middle
  • C. ARP Proxy
  • D. Poisoning Attack

Answer: B

NEW QUESTION 16
You have the SOA presented below in your Zone.
Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries?
collegae.edu.SOA, cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600)

  • A. One day
  • B. One hour
  • C. One week
  • D. One month

Answer: C

NEW QUESTION 17
Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

  • A. tcptrace
  • B. Nessus
  • C. OpenVAS
  • D. tcptraceroute

Answer: A

NEW QUESTION 18
Which of the following program infects the system boot sector and the executable files at the same time?

  • A. Polymorphic virus
  • B. Stealth virus
  • C. Multipartite Virus
  • D. Macro virus

Answer: C

NEW QUESTION 19
Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

  • A. Overloading Port Address Translation
  • B. Dynamic Port Address Translation
  • C. Dynamic Network Address Translation
  • D. Static Network Address Translation

Answer: D

NEW QUESTION 20
Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations.
Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA.
In this context, what can you say?

  • A. Bob can be right since DMZ does not make sense when combined with stateless firewalls
  • B. Bob is partially righ
  • C. He does not need to separate networks if he can create rules by destination IPs, one by one
  • D. Bob is totally wron
  • E. DMZ is always relevant when the company has internet servers and workstations
  • F. Bob is partially righ
  • G. DMZ does not make sense when a stateless firewall is available

Answer: C

NEW QUESTION 21
What is the minimum number of network connections in a multi homed firewall?

  • A. 3
  • B. 5
  • C. 4
  • D. 2

Answer: A

NEW QUESTION 22
You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and 192.168.0.0/8.
While monitoring the data, you find a high number of outbound connections. You see that IP’s owned by XYZ (Internal) and private IP’s are communicating to a Single Public IP. Therefore, the Internal IP’s are sending data to the Public IP.
After further analysis, you find out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised.
What kind of attack does the above scenario depict?

  • A. Botnet Attack
  • B. Spear Phishing Attack
  • C. Advanced Persistent Threats
  • D. Rootkit Attack

Answer: A

NEW QUESTION 23
Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

  • A. Take over the session
  • B. Reverse sequence prediction
  • C. Guess the sequence numbers
  • D. Take one of the parties offline

Answer: C

NEW QUESTION 24
You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles.
You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems.
In other words, you are trying to penetrate an otherwise impenetrable system. How would you proceed?

  • A. Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network
  • B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information
  • C. Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000 or more "zombies" and "bots"
  • D. Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques

Answer: B

NEW QUESTION 25
......

P.S. Easily pass 312-50v11 Exam with 254 Q&As Dumps-hub.com Dumps & pdf Version, Welcome to Download the Newest Dumps-hub.com 312-50v11 Dumps: https://www.dumps-hub.com/312-50v11-dumps.html (254 New Questions)