Finding Leading 312-50v9 interactive bootcamp

Act now and download your EC-Council 312-50v9 test today! Do not waste time for the worthless EC-Council 312-50v9 tutorials. Download Update EC-Council EC-Council Certified Ethical Hacker v9 exam with real questions and answers and begin to learn EC-Council 312-50v9 with a classic professional.

Q11. Which of these options is the most secure procedure for strong backup tapes?

A. In a climate controlled facility offsite

B. Inside the data center for faster retrieval in afireproof safe

C. In a cool dry environment

D. On a different floor in the same building

Answer: A

Q12. Which of the following incident handling process phases is responsible for defining rules, creating a back-up plan, and testing the plans for an enterprise?

A. Preparation phase

A. B. Recovery phase

C. Identification phase

D. Containment phase

Answer: A

Q13. You are usingNMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?

A. >host –t ns

B. >host –t AXFR

C. >host –t soa

D. >host –t a

Answer: D

Q14. To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used randomly generate invalid input in an attempt to crash the program.

What term is commonly used when referring to this type of testing?

A. Bounding

B. Mutating

C. Puzzing

D. Randomizing

Answer: C

Q15. env x= ‘(){ :;};echo exploit ‘ bash –c ‘cat/etc/passwd

What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host?

A. Add new user to the passwd file

B. Display passwd contents to prompt

C. Change all password in passwd

D. Remove the passwd file.

Answer: B

Q16. A Regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.

Based on this information, what should be one of your key recommendations to the bank?

A. Move the financial data to another server on the same IP subnet

B. Place a front-end web server in a demilitarized zone that only handles external web traffic

C. Issue new certificates to the web servers from the root certificate authority

D. Require all employees to change their passwords immediately

Answer: A

Q17. You are performing a penetration test. You achieved access via a bufferoverflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator’s bank account password and login information for the administrator’s bitcoin account.

What should you do?

A. Do not transfer the money but steal the bitcoins.

B. Report immediately to the administrator.

A. C. Transfer money from the administrator’s account to another account.

D. Do not report it and continue the penetration test.

Answer: B

Q18. You have compromised a server on a network and successfully open a shell. You aimed to identify all operating systems running on the network. However, as you attemptto fingerprint all machines in the machines in the network using the nmap syntax below, it is not going through.

invictus@victim_server:~$nmap –T4 –O

TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxxx. QUITTING!

What seems to be wrong?

A. The outgoing TCP/IP fingerprinting is blocked by the host firewall.

B. This is a common behavior for a corrupted nmap application.

C. OS Scan requires root privileged.

D. The nmap syntax is wrong.

Answer: D

Q19. Which of the following parameters describe LM Hash: I – The maximum password length is 14 characters.

II – There are no distinctions between uppercase and lowercase.

III – It’s a simple algorithm, so 10,000,000 hashes can be generated per second.

A. I

B. I and II


D. I, II and III

Answer: D

Q20. How does the Address Resolution Protocol (ARP) work?

A. It sends a reply packet for a specific IP, asking for the MAC address.

B. It sends a reply packet to all the network elements, asking for the MAC address from a specific IP.

C. It sends a request packet to all the network elements, asking for the domainname from a specific IP.

D. It sends a request packet to all the network elements, asking for the MAC address from a specific IP.

Answer: D