All About Tested 312-50v11 Simulations

Ucertify 312-50v11 Questions are updated and all 312-50v11 answers are verified by experts. Once you have completely prepared with our 312-50v11 exam prep kits you will be ready for the real 312-50v11 exam without a problem. We have Renew EC-Council 312-50v11 dumps study guide. PASSED 312-50v11 First attempt! Here What I Did.

EC-Council 312-50v11 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
You are attempting to crack LM Manager hashed from Windows 2000 SAM file. You will be using LM Brute force hacking tool for decryption. What encryption algorithm will you be decrypting?

  • A. MD4
  • B. DES
  • C. SHA
  • D. SSL

Answer: B

NEW QUESTION 2
You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration? alert tcp any any -> 192.168.100.0/24 21 (msg: ““FTP on the network!””;)

  • A. A firewall IPTable
  • B. FTP Server rule
  • C. A Router IPTable
  • D. An Intrusion Detection System

Answer: D

NEW QUESTION 3
Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

  • A. Encrypt the backup tapes and transport them in a lock box.
  • B. Degauss the backup tapes and transport them in a lock box.
  • C. Hash the backup tapes and transport them in a lock box.
  • D. Encrypt the backup tapes and use a courier to transport them.

Answer: A

NEW QUESTION 4
A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

  • A. Use port security on his switches.
  • B. Use a tool like ARPwatch to monitor for strange ARP activity.
  • C. Use a firewall between all LAN segments.
  • D. If you have a small network, use static ARP entries.
  • E. Use only static IP addresses on all PC's.

Answer: ABD

NEW QUESTION 5
Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.
Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers?

  • A. Hardware, Software, and Sniffing.
  • B. Hardware and Software Keyloggers.
  • C. Passwords are always best obtained using Hardware key loggers.
  • D. Software only, they are the most effective.

Answer: A

NEW QUESTION 6
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small sized packets to the target computer, making it very difficult for an IDS to detect the attack signatures. Which tool can be used to perform session splicing attacks?

  • A. tcpsplice
  • B. Burp
  • C. Hydra
  • D. Whisker

Answer: D

NEW QUESTION 7
What is the purpose of DNS AAAA record?

  • A. Authorization, Authentication and Auditing record
  • B. Address prefix record
  • C. Address database record
  • D. IPv6 address resolution record

Answer: D

NEW QUESTION 8
Study the snort rule given below and interpret the rule. alert tcp any any --> 192.168.1.0/24 111 (content:"|00 01 86 a5|"; msG. "mountd access";)

  • A. An alert is generated when a TCP packet is generated from any IP on the 192.168.1.0 subnet and destined to any IP on port 111
  • B. An alert is generated when any packet other than a TCP packet is seen on the network and destined for the 192.168.1.0 subnet
  • C. An alert is generated when a TCP packet is originated from port 111 of any IP address to the 192.168.1.0 subnet
  • D. An alert is generated when a TCP packet originating from any IP address is seen on the network and destined for any IP address on the 192.168.1.0 subnet on port 111

Answer: D

NEW QUESTION 9
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?

  • A. Install DNS logger and track vulnerable packets
  • B. Disable DNS timeouts
  • C. Install DNS Anti-spoofing
  • D. Disable DNS Zone Transfer

Answer: C

NEW QUESTION 10
Internet Protocol Security IPsec is actually a suite pf protocols. Each protocol within the suite provides different functionality. Collective IPsec does everything except.

  • A. Protect the payload and the headers
  • B. Encrypt
  • C. Work at the Data Link Layer
  • D. Authenticate

Answer: D

NEW QUESTION 11
If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?

  • A. –r
  • B. –F
  • C. –P
  • D. –sP

Answer: B

NEW QUESTION 12
env x=’(){ :;};echo exploit’ bash –c ‘cat/etc/passwd’
What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?

  • A. Removes the passwd file
  • B. Changes all passwords in passwd
  • C. Add new user to the passwd file
  • D. Display passwd content to prompt

Answer: D

NEW QUESTION 13
You have the SOA presented below in your Zone.
Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries?
collegae.edu.SOA, cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600)

  • A. One day
  • B. One hour
  • C. One week
  • D. One month

Answer: C

NEW QUESTION 14
You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best Nmap command you will use?

  • A. nmap -T4 -q 10.10.0.0/24
  • B. nmap -T4 -F 10.10.0.0/24
  • C. nmap -T4 -r 10.10.1.0/24
  • D. nmap -T4 -O 10.10.0.0/24

Answer: B

NEW QUESTION 15
Which of the following tools are used for enumeration? (Choose three.)

  • A. SolarWinds
  • B. USER2SID
  • C. Cheops
  • D. SID2USER
  • E. DumpSec

Answer: BDE

NEW QUESTION 16
Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

  • A. Take over the session
  • B. Reverse sequence prediction
  • C. Guess the sequence numbers
  • D. Take one of the parties offline

Answer: C

NEW QUESTION 17
Which of the following program infects the system boot sector and the executable files at the same time?

  • A. Polymorphic virus
  • B. Stealth virus
  • C. Multipartite Virus
  • D. Macro virus

Answer: C

NEW QUESTION 18
Which regulation defines security and privacy controls for Federal information systems and organizations?

  • A. HIPAA
  • B. EU Safe Harbor
  • C. PCI-DSS
  • D. NIST-800-53

Answer: D

NEW QUESTION 19
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering that NMAP result below, which of the following is likely to be installed on the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8

  • A. The host is likely a Linux machine.
  • B. The host is likely a printer.
  • C. The host is likely a router.
  • D. The host is likely a Windows machine.

Answer: B

NEW QUESTION 20
You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

  • A. Social engineering
  • B. Piggybacking
  • C. Tailgating
  • D. Eavesdropping

Answer: A

NEW QUESTION 21
What is the role of test automation in security testing?

  • A. It is an option but it tends to be very expensive.
  • B. It should be used exclusivel
  • C. Manual testing is outdated because of low speed and possible test setup inconsistencies.
  • D. Test automation is not usable in security due to the complexity of the tests.
  • E. It can accelerate benchmark tests and repeat them with a consistent test setu
  • F. But it cannot replace manual testing completely.

Answer: D

NEW QUESTION 22
User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI layer does the encryption and decryption of the message take place?

  • A. Application
  • B. Transport
  • C. Session
  • D. Presentation

Answer: D

NEW QUESTION 23
Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches.
If these switches' ARP cache is successfully flooded, what will be the result?

  • A. The switches will drop into hub mode if the ARP cache is successfully flooded.
  • B. If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.
  • C. Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.
  • D. The switches will route all traffic to the broadcast address created collisions.

Answer: A

NEW QUESTION 24
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

  • A. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
  • B. Asymmetric cryptography is computationally expensive in compariso
  • C. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.
  • D. Symmetric encryption allows the server to securely transmit the session keys out-of-band.
  • E. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

Answer: D

NEW QUESTION 25
CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test. Your email message looks like this:
From: jim_miller@companyxyz.com
To: michelle_saunders@companyxyz.com Subject: Test message Date: 4/3/2017 14:37
The employee of CompanyXYZ receives your email message.
This proves that CompanyXYZ’s email gateway doesn’t prevent what?

  • A. Email Masquerading
  • B. Email Harvesting
  • C. Email Phishing
  • D. Email Spoofing

Answer: D

NEW QUESTION 26
......

Thanks for reading the newest 312-50v11 exam dumps! We recommend you to try the PREMIUM Dumps-files.com 312-50v11 dumps in VCE and PDF here: https://www.dumps-files.com/files/312-50v11/ (254 Q&As Dumps)