312-50V11 Exam Dumps Updated 312-50V11 Practice Questions For Prepare Exam
To take the EC-COUNCIL 312-50V11 exam, you will need the latest 312-50V11 practice questions to prepare for the exam. PassITDump has updated the 312-50V11 exam dump to provide you with 312-50V11 practice questions for you to prepare for the Certified Ethical Hacker v11 Exam.
The PassITDump 312-50V11 exam dumps were just updated in September with 528 practice questions and answers, making it the perfect online exercise to prepare for the CEH v11 exam.
Question 1:
In the field of cryptanalysis, what is meant by a “rubber-hose” attack?
A. Forcing the targeted keystream through a hardware-accelerated device such as an ASIC.
B. A backdoor placed into a cryptographic algorithm by its creator.
C. Extraction of cryptographic secrets through coercion or torture.
D. Attempting to decrypt ciphertext by making logical assumptions about the contents of the original plaintext.
Correct Answer: C
Question 2:
When configuring wireless on his home router, Javik disables SSID broadcast. He leaves authentication “open” but sets the SSID to a 32-character string of random letters and numbers.
What is an accurate assessment of this scenario from a security perspective?
A. Since the SSID is required in order to connect, the 32-character string is sufficient to prevent brute-force attacks.
B. Disabling SSID broadcast prevents 802.11 beacons from being transmitted from the access point, resulting in a valid setup leveraging “security through obscurity”.
C. It is still possible for a hacker to connect to the network after sniffing the SSID from a successful wireless association.
D. Javik\’s router is still vulnerable to wireless hacking attempts because the SSID broadcast setting can be enabled using a specially crafted packet sent to the hardware address of the access point.
Correct Answer: C
Question 3:
what are common files on a web server that can be misconfigured and provide useful Information for a hacker such as verbose error messages?
A. httpd.conf
B. administration.config
C. idq.dll
D. php.ini
Correct Answer: D
The php.ini file may be a special file for PHP. it\’s where you declare changes to your PHP settings. The server is already configured with standard settings for PHP, which your site will use by default. Unless you would like to vary one or more settings, there\’s no got to create or modify a php.ini file. If you\’d wish to make any changes to settings, please do so through the MultiPHP INI Editor.
Question 4:
An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages. What is the attack performed in the above scenario?
A. Timing-based attack
B. Side-channel attack
C. Downgrade security attack
D. Cache-based attack
Correct Answer: B
Question 5:
Which of the following statements is TRUE?
A. Packet Sniffers operate on the Layer 1 of the OSI model.
B. Packet Sniffers operate on Layer 2 of the OSI model.
C. Packet Sniffers operate on both Layer 2 and Layer 3 of the OSI model.
D. Packet Sniffers operate on Layer 3 of the OSI model.
Correct Answer: B
Question 6:
Ralph, a professional hacker, targeted Jane, who had recently bought new systems for her company. After a few days, Ralph contacted Jane while masquerading as a legitimate customer support executive, informing that her systems need to be serviced for proper functioning and that customer support will send a computer technician. Jane promptly replied positively. Ralph entered Jane\’s company using this opportunity and gathered sensitive information by scanning terminals for passwords, searching for important documents in desks, and rummaging bins. What is the type of attack technique Ralph used on jane?
A. Dumpster diving
B. Eavesdropping
C. Shoulder surfing
D. impersonation
Correct Answer: D
Question 7:
Leverox Solutions hired Arnold, a security professional, for the threat intelligence process. Arnold collected information about specific threats against the organization. From this information, he retrieved contextual information about security events and incidents that helped him disclose potential risks and gain insight into attacker methodologies. He collected the information from sources such as humans, social media, and chat rooms as well as from events that resulted in cyberattacks. In this process, he also prepared a report that includes identified malicious activities, recommended courses of action, and warnings for emerging attacks. What is the type of threat intelligence collected by Arnold in the above scenario?
A. Strategic threat intelligence
B. Tactical threat intelligence
C. Operational threat intelligence
D. Technical threat intelligence
Correct Answer: C
Question 8:
Which tool can be used to silently copy files from USB devices?
A. USB Grabber
B. USB Snoopy
C. USB Sniffer
D. Use Dumper
Correct Answer: D
Question 9:
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?
A. symmetric algorithms
B. asymmetric algorithms
C. hashing algorithms
D. integrity algorithms
Correct Answer: C
Question 10:
Don, a student, came across a gaming app in a third-party app store and Installed it. Subsequently, all the legitimate apps in his smartphone were replaced by deceptive applications that appeared legitimate. He also received many advertisements on his smartphone after Installing the app. What is the attack performed on Don in the above scenario?
A. SMS phishing attack
B. SIM card attack
C. Agent Smith attack
D. Clickjacking
Correct Answer: D
Clickjacking is an attack that tricks a user into clicking a webpage element which is invisible or disguised as another element. this will cause users to unwittingly download malware, visit malicious sites , provide credentials or sensitive information, transfer money, or purchase products online.Typically, clickjacking is performed by displaying an invisible page or HTML element, inside an iframe, on top of the page the user sees. The user believes they\’re clicking the visible page but actually they\’re clicking an invisible element within the additional page transposed on top of it.The invisible page might be a malicious page, or a legitimate page the user didn\’t shall visit ?for instance , a page on the user\’s banking site that authorizes the transfer of cash .There are several variations of the clickjacking attack, such as: Likejacking a way during which the Facebook “Like” button is manipulated, causing users to “like” a page they really didn\’t shall like. Cursorjacking a UI redressing technique that changes the cursor for the position the user perceives to a different position. Cursorjacking relies on vulnerabilities in Flash and therefore the Firefox browser, which have now been fixed. Clickjacking attack example1. The attacker creates a beautiful page which promises to offer the user a free trip to Tahiti.2. within the background the attacker checks if the user is logged into his banking site and if so, loads the screen that permits transfer of funds, using query parameters to insert the attacker\’s bank details into the shape .3. The bank transfer page is displayed in an invisible iframe above the free gift page, with the “Confirm Transfer” button exactly aligned over the “Receive Gift” button visible to the user.4. The user visits the page and clicks the “Book My Free Trip” button.5. actually the user is clicking on the invisible iframe, and has clicked the “Confirm Transfer” button. Funds are transferred to the attacker.6. The user is redirected to a page with information about the free gift (not knowing what happened within the background). This example illustrates that, during a clickjacking attack, the malicious action (on the bank website, during this case) can\’t be traced back to the attacker because the user performed it while being legitimately signed into their own account. Clickjacking mitigationThere are two general ways to defend against clickjacking: Client- side methods the foremost common is named Frame Busting. Client-side methods are often effective in some cases, but are considered to not be a best practice, because they will be easily bypassed. Server-side methods the foremost common is X-Frame-Options. Server-side methods are recommended by security experts as an efficient thanks to defend against clickjacking.
Question 11:
Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige. After 2 days, Bab denies that he had ever sent a mail. What do you want to “”know”” to prove yourself that it was Bob who had send a mail?
A. Non-Repudiation
B. Integrity
C. Authentication
D. Confidentiality
Correct Answer: A
Question 12:
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker Installed a scanner on a machine belonging to one of the vktims and scanned several machines on the same network to Identify vulnerabilities to perform further exploitation. What is the type of vulnerability assessment tool employed by John in the above scenario?
A. Proxy scanner
B. Agent-based scanner
C. Network-based scanner
D. Cluster scanner
Correct Answer: B
Knowing when to include agents into your vulnerability management processes isn\’t an easy decision. Below are common use cases for agent-based vulnerability scanning to assist you build out your combined scanning strategy. Intermittent or Irregular Connectivity: Vulnerability management teams are now tasked with scanning devices that access the company network remotely using public or home-based Wi-Fi connections. These connections are often unreliable and intermittent leading to missed network-based scans. Fortunately, the scanning frequency of agents doesn\’t require a network connection. The agent detects when the device is back online, sending scan data when it\’s ready to communicate with the VM platform. Connecting Non-Corporate Devices to Corporate Networks:With the increased use of private devices, company networks are more exposed to malware and infections thanks to limited IT and security teams\’ control and visibility. Agent-based scanning gives security teams insight into weaknesses on non-corporate endpoints, keeping them informed about professional hacker is potential attack vectors in order that they can take appropriate action. Endpoints Residing Outside of Company Networks: Whether company-issued or BYOD, remote assets frequently hook up with the web outside of traditional network bounds. An agent that resides on remote endpoints conducts regular, authenticated scans checking out system changes and unpatched software. The results are then sent back to the VM platform and combined with other scan results for review, prioritization, and mitigation planning.
Question 13:
If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?
A. -r
B. -F
C. -P
D. -sP
Correct Answer: B
Question 14:
While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?
A. Block port 25 at the firewall.
B. Shut off the SMTP service on the server.
C. Force all connections to use a username and password.
D. Switch from Windows Exchange to UNIX Sendmail.
E. None of the above.
Correct Answer: E
Question 15:
You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs – 192.168.8.0/24. What command you would use?
A. wireshark –fetch \’\’192.168.8*\’\’
B. wireshark –capture –local masked 192.168.8.0 —range 24
C. tshark -net 192.255.255.255 mask 192.168.8.0
D. sudo tshark -f\’\’net 192 .68.8.0/24\’\’
Correct Answer: D