Examcollection offers free demo for 312-50v11 exam. "Certified Ethical Hacker Exam (CEH v11)", also known as 312-50v11 exam, is a EC-Council Certification. This set of posts, Passing the EC-Council 312-50v11 exam, will help you answer those questions. The 312-50v11 Questions & Answers covers all the knowledge points of the real exam. 100% real EC-Council 312-50v11 exams and revised by experts!

Free 312-50v11 Demo Online For EC-Council Certifitcation:

What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?

  • A. Black-box
  • B. Announced
  • C. White-box
  • D. Grey-box

Answer: D

Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations.
Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA.
In this context, what can you say?

  • A. Bob can be right since DMZ does not make sense when combined with stateless firewalls
  • B. Bob is partially righ
  • C. He does not need to separate networks if he can create rules by destination IPs, one by one
  • D. Bob is totally wron
  • E. DMZ is always relevant when the company has internet servers and workstations
  • F. Bob is partially righ
  • G. DMZ does not make sense when a stateless firewall is available

Answer: C

What is the minimum number of network connections in a multihomed firewall?

  • A. 3
  • B. 5
  • C. 4
  • D. 2

Answer: A

Which of the following Linux commands will resolve a domain name into IP address?

  • A. >host-t a hackeddomain.com
  • B. >host-t ns hackeddomain.com
  • C. >host -t soa hackeddomain.com
  • D. >host -t AXFR hackeddomain.com

Answer: A

What is the main security service a cryptographic hash provides?

  • A. Integrity and ease of computation
  • B. Message authentication and collision resistance
  • C. Integrity and collision resistance
  • D. Integrity and computational in-feasibility

Answer: D

You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c
312-50v11 dumps exhibit
What is the hexadecimal value of NOP instruction?

  • A. 0x60
  • B. 0x80
  • C. 0x70
  • D. 0x90

Answer: D

What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

  • A. Man-in-the-middle attack
  • B. Meet-in-the-middle attack
  • C. Replay attack
  • D. Traffic analysis attack

Answer: B

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:
312-50v11 dumps exhibit
From the above list identify the user account with System Administrator privileges.

  • A. John
  • B. Rebecca
  • C. Sheela
  • D. Shawn
  • E. Somia
  • F. Chang
  • G. Micah

Answer: F

Within the context of Computer Security, which of the following statements describes Social Engineering best?

  • A. Social Engineering is the act of publicly disclosing information
  • B. Social Engineering is the means put in place by human resource to perform time accounting
  • C. Social Engineering is the act of getting needed information from a person rather than breaking into a system
  • D. Social Engineering is a training program within sociology studies

Answer: C

A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The “ps” command shows that the “nc” file is running as process, and the netstat command shows the “nc” process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?

  • A. File system permissions
  • B. Privilege escalation
  • C. Directory traversal
  • D. Brute force login

Answer: A

How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender’s identity?

  • A. Hash value
  • B. Private key
  • C. Digital signature
  • D. Digital certificate

Answer: D

Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches.
If these switches' ARP cache is successfully flooded, what will be the result?

  • A. The switches will drop into hub mode if the ARP cache is successfully flooded.
  • B. If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.
  • C. Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.
  • D. The switches will route all traffic to the broadcast address created collisions.

Answer: A

The tools which receive event logs from servers, network equipment, and applications, and perform analysis and correlation on those logs, and can generate alarms for security relevant issues, are known as what?

  • A. network Sniffer
  • B. Vulnerability Scanner
  • C. Intrusion prevention Server
  • D. Security incident and event Monitoring

Answer: D

Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

  • A. Use the built-in Windows Update tool
  • B. Use a scan tool like Nessus
  • C. Check MITRE.org for the latest list of CVE findings
  • D. Create a disk image of a clean Windows installation

Answer: B

You have successfully logged on a Linux system. You want to now cover your trade Your login attempt may be logged on several files located in /var/log. Which file does NOT belongs to the list:

  • A. user.log
  • B. auth.fesg
  • C. wtmp
  • D. btmp

Answer: C

This TCP flag instructs the sending system to transmit all buffered data immediately.

  • A. SYN
  • B. RST
  • C. PSH
  • D. URG
  • E. FIN

Answer: C

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

  • A. Protocol analyzer
  • B. Network sniffer
  • C. Intrusion Prevention System (IPS)
  • D. Vulnerability scanner

Answer: A

Which of the following statements is FALSE with respect to Intrusion Detection Systems?

  • A. Intrusion Detection Systems can be configured to distinguish specific content in network packets
  • B. Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic
  • C. Intrusion Detection Systems require constant update of the signature library
  • D. Intrusion Detection Systems can examine the contents of the data n context of the network protocol

Answer: B

Which of the following tools are used for enumeration? (Choose three.)

  • A. SolarWinds
  • C. Cheops
  • E. DumpSec

Answer: BDE

While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

  • A. Clickjacking
  • B. Cross-Site Scripting
  • C. Cross-Site Request Forgery
  • D. Web form input validation

Answer: C

Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

  • A. Encrypt the backup tapes and transport them in a lock box.
  • B. Degauss the backup tapes and transport them in a lock box.
  • C. Hash the backup tapes and transport them in a lock box.
  • D. Encrypt the backup tapes and use a courier to transport them.

Answer: A

User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI layer does the encryption and decryption of the message take place?

  • A. Application
  • B. Transport
  • C. Session
  • D. Presentation

Answer: D

Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network.
Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.

  • A. SNMPUtil
  • B. SNScan
  • C. SNMPScan
  • D. Solarwinds IP Network Browser
  • E. NMap

Answer: ABD


P.S. Downloadfreepdf.net now are offering 100% pass ensure 312-50v11 dumps! All 312-50v11 exam questions have been updated with correct answers: https://www.downloadfreepdf.net/312-50v11-pdf-download.html (254 New Questions)