Latest 312-50v11 Practice Tests with Actual Questions

Get Complete pool of questions with Premium PDF and Test Engine

Exam Code : 312-50v11
Exam Name : Certified Ethical Hacker v11
Vendor Name : "EC-Council"







312-50v11 Dumps

312-50v11 Braindumps 312-50v11 Real Questions 312-50v11 Practice Test

312-50v11 Actual Questions


killexams.com


EC-Council


312-50v11


Certified Ethical Hacker v11


https://killexams.com/pass4sure/exam-detail/312-50v11


Question: 364


Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.



What is Eve trying to do?

A . Eve is trying to connect as a user with Administrator privileges

B . Eve is trying to enumerate all users with Administrative privileges C . Eve is trying to carry out a password crack for user Administrator

D . Eve is trying to escalate privilege of the null user to that of Administrator




Answer: C



Question: 365


What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application? A . Black-box

B . Announced C . White-box D . Grey-box




Answer: D



Question: 366


Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach to a physical control access.


A camera captures people walking and identifies the individuals using Steve’s approach.

After that, people must approximate their RFID badges. Both the identifications are required to open the door. In this case, we can say:

A . Although the approach has two phases, it actually implements just one authentication factor

B . The solution implements the two authentication factors: physical object and physical characteristic C . The solution will have a high level of false positives

D . Biological motion cannot be used to identify people




Answer: B



Question: 367

When a security analyst prepares for the formal security assessment – what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?

A . Data items and vulnerability scanning

B . Interviewing employees and network engineers C . Reviewing the firewalls configuration

D . Source code review




Answer: A



Question: 368


Which of the following LM hashes represent a password of less than 8 characters? (Choose two.) A . BA810DBA98995F1817306D272A9441BB

B . 44EFCE164AB921CQAAD3B435B51404EE C . 0182BD0BD4444BF836077A718CCDF409 D . CEC52EB9C8E3455DC2265B23734E0DAC E . B757BF5C0D87772FAAD3B435B51404EE F . E52CAC67419A9A224A3B108F3FA6CB6D




Answer: B,E



Question: 369


A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems.

However, he is unable to capture any logons though he knows that other users are logging in. What do you think is the most likely reason behind this?

A . There is a NIDS present on that segment.

B . Kerberos is preventing it.

C . Windows logons cannot be sniffed.

D . L0phtcrack only sniffs logons to web servers.




Answer: B



Question: 370


A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing C Reports https://ibt1.prometric.com/users/custom/report_queue/rq_str… corporate network.


What tool should the analyst use to perform a Blackjacking attack? A . Paros Proxy

B . BBProxy C . Blooover

D . BBCrack




Answer: B



Question: 371


Susan has attached to her company’s network. She has managed to synchronize her boss’s sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory.


What kind of attack is Susan carrying on? A . A sniffing attack

B . A spoofing attack

C . A man in the middle attack D . A denial of service attack




Answer: C



Question: 372


Which of the following is a component of a risk assessment? A . Administrative safeguards

B . Physical security C . DMZ

D . Logical interface




Answer: A



Question: 373


Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network.


Which of these tools would do the SNMP enumeration he is looking for? Select the best answers. A . SNMPUtil

B . SNScan

C . SNMPScan

D . Solarwinds IP Network Browser E . NMap




Answer: A,B,D



Question: 374


What is the BEST alternative if you discover that a rootkit has been installed on one of your computers? A . Copy the system files from a known good system

B . Perform a trap and trace

C . Delete the files and try to determine the source D . Reload from a previous backup

E . Reload from known good media




Answer: E



Question: 375


What is the purpose of DNS AAAA record?

A . Authorization, Authentication and Auditing record B . Address prefix record

C . Address database record

D . IPv6 address resolution record




Answer: D