EC-COUNCIL 312-50v10 Cert Guide PDF 100% Cover Real Exam Questions [Q195-Q213]

EC-COUNCIL 312-50v10 Cert Guide PDF 100% Cover Real Exam Questions

Pass 312-50v10 Exam - Real Questions & Answers

How to study the 312-50v10 Exam

Exam-Killer expert team recommends you to prepare some notes on these topics along with it don’t forget to practice EC Council Certified Ethical Hacker v10 Exam 312-50v10 Exam which been written by our expert team, Both these will help you a lot to clear this exam with good marks.

Module 13: Hacking Web Servers

The objective includes your understanding of webserver concepts, attacks, attack tools, attack methodology; countermeasures contrary to webserver attacks; Patch Management; webserver security tools; webserver penetration testing.

 

NEW QUESTION 195
When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?

• A. The key entered is a hash that is used to prove the integrity of the wireless data.
• B. The key entered is a symmetric key used to encrypt the wireless data.
• C. The key entered is based on the Diffie-Hellman method.
• D. The key is an RSA key used to encrypt the wireless data.

Answer: B

 

NEW QUESTION 196
You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain, if the DNS server is at
192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?

• A. is-d abccorp.local
• B. Iserver 192.168.10.2-t all
• C. list server=192.168.10.2 type=all
• D. List domain=Abccorp.local type=zone

Answer: A

 

NEW QUESTION 197
While performing ping scans into a target network you get a frantic call from the organization's security team. They report that they are under a denial of service attack.
When you stop your scan, the smurf attack event stops showing up on the organization's IDS monitor.
How can you modify your scan to prevent triggering this event in the IDS?

• A. Spoof the source IP address.
• B. Scan more slowly.
• C. Do not scan the broadcast IP.
• D. Only scan the Windows systems.

Answer: C

 

NEW QUESTION 198
What does a firewall check to prevent particular ports and applications from getting packets into an organization?

• A. Presentation layer headers and the session layer port numbers
• B. Application layer port numbers and the transport layer headers
• C. Network layer headers and the session layer port numbers
• D. Transport layer port numbers and application layer headers

Answer: D

 

NEW QUESTION 199
You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System.
What is the best approach?

• A. Use Alternate Data Streams to hide the outgoing packets from this server.
• B. Install and use Telnet to encrypt all outgoing traffic from this server.
• C. Install Cryptcat and encrypt outgoing packets from this server.
• D. Use HTTP so that all traffic can be routed via a browser, thus evading the internal Intrusion Detection Systems.

Answer: C

Explanation:
Explanation
Cryptcat enables us to communicate between two systems and encrypts the communication between them with twofish.
References:
http://null-byte.wonderhowto.com/how-to/hack-like-pro-create-nearly-undetectable-backdoor-with-cryptcat-0149

 

NEW QUESTION 200
What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall?

• A. Firewalking
• B. Network sniffing
• C. Session hijacking
• D. Man-in-the-middle attack

Answer: A

 

NEW QUESTION 201
A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?

• A. Cain and Abel
• B. John The Ripper Pro
• C. Nessus
• D. Cupp

Answer: A

 

NEW QUESTION 202
You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?

• A. UPX
• B. UPD
• C. TCP
• D. ICMP

Answer: C

 

NEW QUESTION 203
Your business has decided to add credit card numbers to the data it backs up to tape.
Which of the
following represents the best practice your business should observe?

• A. Do not back up cither the credit card numbers or then hashes.
• B. Encrypt backup tapes that are sent off-site.
• C. Hire a security consultant to provide direction.
• D. Back up the hashes of the credit card numbers not the actual credit card numbers.

Answer: C

 

NEW QUESTION 204
Due to a slowdown of normal network operations, the IT department decided to monitor internet traffic for all of the employees. From a legal stand point, what would be troublesome to take this kind of measure?

• A. IT department would be telling employees who the boss is
• B. The network could still experience traffic slow down.
• C. Not informing the employees that they are going to be monitored could be an invasion of privacy.
• D. All of the employees would stop normal work activities

Answer: C

 

NEW QUESTION 205
An attacker runs netcat tool to transfer a secret file between two hosts.

He is worried about information being sniffed on the network.
How would the attacker use netcat to encrypt the information before transmitting onto the wire?

• A. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat <machine A IP> 1234
• B. Use cryptcat instead of netcat
• C. Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat <machine A IP> 1234 -pw password
• D. Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat <machine A IP> 1234

Answer: B

 

NEW QUESTION 206
A company has hired a security administrator to maintain and administer Linux and Windows-based systems.
Written in the nightly report file is the following:
Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size has decreased considerably. Another hour goes by and the log files have shrunk in size again.
Which of the following actions should the security administrator take?

• A. Log the event as suspicious activity, continue to investigate, and act according to the site's security policy.
• B. Run an anti-virus scan because it is likely the system is infected by malware.
• C. Log the event as suspicious activity and report this behavior to the incident response team immediately.
• D. Log the event as suspicious activity, call a manager, and report this as soon as possible.

Answer: A

 

NEW QUESTION 207
Which of the following is the greatest threat posed by backups?

• A. A backup is incomplete because no verification was performed.
• B. A backup is unavailable during disaster recovery.
• C. A backup is the source of Malware or illicit information.
• D. An un-encrypted backup can be misplaced or stolen.

Answer: D

Explanation:
Explanation
If the data written on the backup media is properly encrypted, it will be useless for anyone without the key.
References:
http://resources.infosecinstitute.com/backup-media-encryption/

 

NEW QUESTION 208
Which of the following Nmap commands would be used to perform a stack fingerprinting?

• A. Nmap -sS -0p targe
• B. Nmap -O -p80 <host(s.>
• C. Nmap -hU -Q<host(s.>
• D. Nmap -sT -p <host(s.>
• E. Nmap -u -o -w2 <host>

Answer: C

 

NEW QUESTION 209
An IT employee got a call from one our best customers. The caller wanted to know about the company's network infrastructure, systems, and team. New opportunities of integration are in sight for both company and customer. What should this employee do?

• A. The employee can not provide any information: but, anyway, he/she will provide the name of the person in charge
• B. The employee should not provide any information without previous management authorization
• C. Disregarding the call, the employee should hang up
• D. Since the company's policy is all about Customer Service. he/she will provide information

Answer: B

 

NEW QUESTION 210
During the process of encryption and decryption, what keys are shared?
During the process of encryption and decryption, what keys are shared?

• A. Private keys
• B. Public keys
• C. User passwords
• D. Public and private keys

Answer: B

 

NEW QUESTION 211
You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and
192.168.0.0/8.
While monitoring the data, you find a high number of outbound connections. You see that IP's owned by XYZ (Internal) and private IP's are communicating to a Single Public IP. Therefore, the Internal IP's are sending data to the Public IP.
After further analysis, you find out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised.
What kind of attack does the above scenario depict?

• A. Spear Phishing Attack
• B. Rootkit Attack
• C. Botnet Attack
• D. Advanced Persistent Threats

Answer: C

 

NEW QUESTION 212
Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?

• A. SQLInjector
• B. Cain and Abel
• C. NetCat
• D. DataThief

Answer: D

 

NEW QUESTION 213
......

100% Free 312-50v10 Daily Practice Exam With 745 Questions: https://www.exam-killer.com/312-50v10-valid-questions.html

Pass 312-50v10 Review Guide, Reliable 312-50v10 Test Engine: https://drive.google.com/open?id=1Wu8WVytBLo_csWLdKCo4FNs4c_nyDdeD