Top Tips Of Renew 312-50v11 Free Dumps

Master the 312-50v11 Certified Ethical Hacker Exam (CEH v11) content and be ready for exam day success quickly with this Pass4sure 312-50v11 actual test. We guarantee it!We make it a reality and give you real 312-50v11 questions in our EC-Council 312-50v11 braindumps.Latest 100% VALID EC-Council 312-50v11 Exam Questions Dumps at below page. You can use our EC-Council 312-50v11 braindumps and pass your exam.

Free 312-50v11 Demo Online For EC-Council Certifitcation:

is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

  • B. Resource records
  • C. Resource transfer
  • D. Zone transfer

Answer: A

Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.
What should you do?

  • A. Confront the client in a respectful manner and ask her about the data.
  • B. Copy the data to removable media and keep it in case you need it.
  • C. Ignore the data and continue the assessment until completed as agreed.
  • D. Immediately stop work and contact the proper legal authorities.

Answer: D

Which of the following is not a Bluetooth attack?

  • A. Bluedriving
  • B. Bluesmacking
  • C. Bluejacking
  • D. Bluesnarfing

Answer: A

What is the minimum number of network connections in a multi homed firewall?

  • A. 3
  • B. 5
  • C. 4
  • D. 2

Answer: A

Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?

  • A. SFTP
  • B. Ipsec
  • C. SSL
  • D. FTPS

Answer: B

Which definition among those given below best describes a covert channel?

  • A. A server program using a port that is not well known.
  • B. Making use of a protocol in a way it is not intended to be used.
  • C. It is the multiplexing taking place on a communication link.
  • D. It is one of the weak channels used by WEP which makes it insecure

Answer: B

Why should the security analyst disable/remove unnecessary ISAPI filters?

  • A. To defend against social engineering attacks
  • B. To defend against webserver attacks
  • C. To defend against jailbreaking
  • D. To defend against wireless attacks

Answer: B

A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems.
However, he is unable to capture any logons though he knows that other users are logging in. What do you think is the most likely reason behind this?

  • A. There is a NIDS present on that segment.
  • B. Kerberos is preventing it.
  • C. Windows logons cannot be sniffed.
  • D. L0phtcrack only sniffs logons to web servers.

Answer: B

How does a denial-of-service attack work?

  • A. A hacker prevents a legitimate user (or group of users) from accessing a service
  • B. A hacker uses every character, word, or letter he or she can think of to defeat authentication
  • C. A hacker tries to decipher a password by using a system, which subsequently crashes the network
  • D. A hacker attempts to imitate a legitimate user by confusing a computer or even another person

Answer: A

A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer’s software and hardware without the owner’s permission. Their intention can either be to simply gain knowledge or to illegally make changes.
Which of the following class of hacker refers to an individual who works both offensively and defensively at various times?

  • A. White Hat
  • B. Suicide Hacker
  • C. Gray Hat
  • D. Black Hat

Answer: C

You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?

  • A. Nmap
  • B. Cain & Abel
  • C. Nessus
  • D. Snort

Answer: D

Windows LAN Manager (LM) hashes are known to be weak.
Which of the following are known weaknesses of LM? (Choose three.)

  • A. Converts passwords to uppercase.
  • B. Hashes are sent in clear text over the network.
  • C. Makes use of only 32-bit encryption.
  • D. Effective length is 7 characters.

Answer: ABD

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

  • A. Nikto
  • B. Nmap
  • C. Metasploit
  • D. Armitage

Answer: B

Which service in a PKI will vouch for the identity of an individual or company?

  • A. KDC
  • B. CR
  • C. CBC
  • D. CA

Answer: D

Which of the following statements is FALSE with respect to Intrusion Detection Systems?

  • A. Intrusion Detection Systems can be configured to distinguish specific content in network packets
  • B. Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic
  • C. Intrusion Detection Systems require constant update of the signature library
  • D. Intrusion Detection Systems can examine the contents of the data n context of the network protocol

Answer: B

What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

  • A. Residual risk
  • B. Impact risk
  • C. Deferred risk
  • D. Inherent risk

Answer: A

Bob received this text message on his mobile phone: “Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on:”. Which statement below is true?

  • A. This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
  • B. This is a scam because Bob does not know Scott.
  • C. Bob should write to to verify the identity of Scott.
  • D. This is probably a legitimate message as it comes from a respectable organization.

Answer: A

Fingerprinting an Operating System helps a cracker because:

  • A. It defines exactly what software you have installed
  • B. It opens a security-delayed window based on the port being scanned
  • C. It doesn't depend on the patches that have been applied to fix existing security holes
  • D. It informs the cracker of which vulnerabilities he may be able to exploit on your system

Answer: D

When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what it is meant by processing?

  • A. The amount of time and resources that are necessary to maintain a biometric system
  • B. How long it takes to setup individual user accounts
  • C. The amount of time it takes to be either accepted or rejected from when an individual provides identification and authentication information
  • D. The amount of time it takes to convert biometric data into a template on a smart card

Answer: C

To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network can only reach the bank web site using https. Which of the following firewall rules meets this requirement?

  • A. If (source matches and destination matches and port matches 443) then permit
  • B. If (source matches and destination matches and port matches 80 or 443) then permit
  • C. If (source matches and destination matches and port matches 443) then permit
  • D. If (source matches and destination matches and port matches 443) then permit

Answer: A

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

  • A. Passwords
  • B. File permissions
  • C. Firewall rulesets
  • D. Usernames

Answer: A

A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The “ps” command shows that the “nc” file is running as process, and the netstat command shows the “nc” process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?

  • A. File system permissions
  • B. Privilege escalation
  • C. Directory traversal
  • D. Brute force login

Answer: A

The company ABC recently contracts a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. Which of the following options can be useful to ensure the integrity of the data?

  • A. The CFO can use a hash algorithm in the document once he approved the financial statements
  • B. The CFO can use an excel file with a password
  • C. The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure is the same document
  • D. The document can be sent to the accountant using an exclusive USB for that document

Answer: A

Suppose your company has just passed a security risk assessment exercise. The results display that the risk of the breach in the main company application is 50%. Security staff has taken some measures and
implemented the necessary controls. After that, another security risk assessment was performed showing that risk has decreased to 10%. The risk threshold for the application is 20%. Which of the following risk decisions will be the best for the project in terms of its successful continuation with the most business profit?

  • A. Accept the risk
  • B. Introduce more controls to bring risk to 0%
  • C. Mitigate the risk
  • D. Avoid the risk

Answer: A

Which of the following describes the characteristics of a Boot Sector Virus?

  • A. Modifies directory table entries so that directory entries point to the virus code instead of the actual program.
  • B. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.
  • C. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
  • D. Overwrites the original MBR and only executes the new virus code.

Answer: C


Thanks for reading the newest 312-50v11 exam dumps! We recommend you to try the PREMIUM 2passeasy 312-50v11 dumps in VCE and PDF here: (254 Q&As Dumps)