Verified & Latest 312-50v11 Dump Q&As with Correct Answers [Q198-Q217]

Share

Verified & Latest 312-50v11 Dump Q&As with Correct Answers

Latest 312-50v11 dumps - Instant Download PDF


EC-COUNCIL 312-50v11 (Certified Ethical Hacker Exam (CEH v11)) Certification Exam is designed to test the knowledge and skills of individuals who want to become ethical hackers. 312-50v11 exam covers a wide range of topics related to ethical hacking, including network security, system security, web application security, cryptography, and more. It is an internationally recognized certification that is highly valued in the cybersecurity industry.

 

NEW QUESTION # 198
A newly joined employee. Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also Identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors. What is the type of vulnerability assessment performed by Martin?

  • A. Host-based assessment
  • B. Credentialed assessment
  • C. Distributed assessment
  • D. Database assessment

Answer: A

Explanation:
Explanation
The host-based vulnerability assessment (VA) resolution arose from the auditors' got to periodically review systems. Arising before the net becoming common, these tools typically take an "administrator's eye" read of the setting by evaluating all of the knowledge that an administrator has at his or her disposal.
UsesHost VA tools verify system configuration, user directories, file systems, registry settings, and all forms of other info on a number to gain information about it. Then, it evaluates the chance of compromise. it should also live compliance to a predefined company policy so as to satisfy an annual audit. With administrator access, the scans area unit less possible to disrupt traditional operations since the computer code has the access it has to see into the complete configuration of the system.
What it Measures Host
VA tools will examine the native configuration tables and registries to spot not solely apparent vulnerabilities, however additionally "dormant" vulnerabilities - those weak or misconfigured systems and settings which will be exploited when an initial entry into the setting. Host VA solutions will assess the safety settings of a user account table; the access management lists related to sensitive files or data; and specific levels of trust applied to other systems. The host VA resolution will a lot of accurately verify the extent of the danger by determinant however way any specific exploit could also be ready to get.


NEW QUESTION # 199
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

  • A. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.
  • B. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
  • C. Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.
  • D. Symmetric encryption allows the server to security transmit the session keys out-of-band.

Answer: A


NEW QUESTION # 200
What did the following commands determine?

  • A. Issued alone, these commands prove nothing
  • B. These commands demonstrate that the guest account has been disabled
  • C. These commands demonstrate that the guest account has NOT been disabled
  • D. That the Joe account has a SID of 500
  • E. That the true administrator is Joe

Answer: E


NEW QUESTION # 201
You are a penetration tester and are about to perform a scan on a specific server. The agreement that you signed with the client contains the following specific condition for the scan: "The attacker must scan every port on the server several times using a set of spoofed sources IP addresses. " Suppose that you are using Nmap to perform this scan. What flag will you use to satisfy this requirement?

  • A. The -g flag
  • B. The -D flag
  • C. The -A flag
  • D. The -f flag

Answer: B

Explanation:
flags -source-port and -g are equivalent and instruct nmap to send packets through a selected port. this option is used to try to cheat firewalls whitelisting traffic from specific ports. the following example can scan the target from the port twenty to ports eighty, 22, 21,23 and 25 sending fragmented packets to LinuxHint.


NEW QUESTION # 202
Clark, a professional hacker, attempted to perform a Btlejacking attack using an automated tool, Btlejack, and hardware tool, micro:bit. This attack allowed Clark to hijack, read, and export sensitive information shared between connected devices. To perform this attack, Clark executed various btlejack commands. Which of the following commands was used by Clark to hijack the connections?

  • A. btlejack -d /dev/ttyACM0 -d /dev/ttyACM2 -s
  • B. btlejack -c any
  • C. btlejack -f 0x9c68fd30 -t -m 0x1 fffffffff
  • D. btlejack-f 0x129f3244-j

Answer: C


NEW QUESTION # 203
DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.
What command is used to determine if the entry is present in DNS cache?

  • A. nslookup -norecursive update.antivirus.com
  • B. dns --snoop update.antivirus.com
  • C. nslookup -fullrecursive update.antivirus.com
  • D. dnsnooping -rt update.antivirus.com

Answer: A


NEW QUESTION # 204
Windows LAN Manager (LM) hashes are known to be weak.
Which of the following are known weaknesses of LM? (Choose three.)

  • A. Makes use of only 32-bit encryption.
  • B. Effective length is 7 characters.
  • C. Hashes are sent in clear text over the network.
  • D. Converts passwords to uppercase.

Answer: B,C,D


NEW QUESTION # 205
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?

  • A. hashing algorithms
  • B. symmetric algorithms
  • C. integrity algorithms
  • D. asymmetric algorithms

Answer: A


NEW QUESTION # 206
Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about ONS servers and to identify the hosts connected in the target network.
He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names. IP addresses. DNS records, and network Who is records. He further exploited this information to launch other sophisticated attacks. What is the tool employed by Gerard in the above scenario?

  • A. zANTI
  • B. Bluto
  • C. Towelroot
  • D. Knative

Answer: B


NEW QUESTION # 207
You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user's password or activate disabled Windows accounts?

  • A. CHNTPW
  • B. Cain & Abel
  • C. John the Ripper
  • D. SET

Answer: A


NEW QUESTION # 208
What would be the fastest way to perform content enumeration on a given web server by using the Gobuster tool?

  • A. Skipping SSL certificate verification
  • B. Performing content enumeration using a wordlist
  • C. Performing content enumeration using the bruteforce mode and random file extensions
  • D. Performing content enumeration using the bruteforce mode and 10 threads

Answer: B


NEW QUESTION # 209
In an attempt to increase the security of your network, you implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know it.
How do you accomplish this?

  • A. Remove all passwords
  • B. Disable SSID broadcasting
  • C. Delete the wireless network
  • D. Lock all users

Answer: B


NEW QUESTION # 210
Josh has finished scanning a network and has discovered multiple vulnerable services. He knows that several of these usually have protections against external sources but are frequently susceptible to internal users. He decides to draft an email, spoof the sender as the internal IT team, and attach a malicious file disguised as a financial spreadsheet. Before Josh sends the email, he decides to investigate other methods of getting the file onto the system. For this particular attempt, what was the last stage of the cyber kill chain that Josh performed?

  • A. Reconnaissance
  • B. Delivery
  • C. Exploitation
  • D. Weaponization

Answer: A


NEW QUESTION # 211
Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote location. To manage nodes in the network, he uses MIB. which contains formal descriptions of all network objects managed by SNMP. He accesses the contents of MIB by using a web browser either by entering the IP address and Lseries.mlb or by entering the DNS library name and Lseries.mlb. He is currently retrieving information from an MIB that contains object types for workstations and server services. Which of the following types of MIB is accessed by Garry in the above scenario?

  • A. DHCP.MIS
  • B. WINS.MIB
  • C. MIB_II.MIB
  • D. LNMIB2.MIB

Answer: D

Explanation:
Explanation
DHCP.MIB: Monitors network traffic between DHCP servers and remote hosts HOSTMIB.MIB: Monitors and manages host resources LNMIB2.MIB: Contains object types for workstation and server services MIBJI.MIB: Manages TCP/IP-based Internet using a simple architecture and system WINS.MIB: For the Windows Internet Name Service (WINS)


NEW QUESTION # 212
During the enumeration phase. Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs directly on TCP port 445.
Which of the following services is enumerated by Lawrence in this scenario?

  • A. Remote procedure call (RPC)
  • B. Telnet
  • C. Server Message Block (SMB)
  • D. Network File System (NFS)

Answer: C

Explanation:
Worker Message Block (SMB) is an organization document sharing and information texture convention. SMB is utilized by billions of gadgets in a different arrangement of working frameworks, including Windows, MacOS, iOS , Linux, and Android. Customers use SMB to get to information on workers. This permits sharing of records, unified information the board, and brought down capacity limit needs for cell phones. Workers additionally use SMB as a feature of the Software-characterized Data Center for outstanding burdens like grouping and replication.
Since SMB is a far off record framework, it requires security from assaults where a Windows PC may be fooled into reaching a pernicious worker running inside a confided in organization or to a far off worker outside the organization edge. Firewall best practices and arrangements can upgrade security keeping malevolent traffic from leaving the PC or its organization.
For Windows customers and workers that don't have SMB shares, you can obstruct all inbound SMB traffic utilizing the Windows Defender Firewall to keep far off associations from malignant or bargained gadgets. In the Windows Defender Firewall, this incorporates the accompanying inbound principles.

You should also create a new blocking rule to override any other inbound firewall rules. Use the following suggested settings for any Windows clients or servers that do not host SMB Shares:
Name: Block all inbound SMB 445
Description: Blocks all inbound SMB TCP 445 traffic. Not to be applied to domain controllers or computers that host SMB shares.
Action: Block the connection
Programs: All
Remote Computers: Any
Protocol Type: TCP
Local Port: 445
Remote Port: Any
Profiles: All
Scope (Local IP Address): Any
Scope (Remote IP Address): Any
Edge Traversal: Block edge traversal
You must not globally block inbound SMB traffic to domain controllers or file servers. However, you can restrict access to them from trusted IP ranges and devices to lower their attack surface. They should also be restricted to Domain or Private firewall profiles and not allow Guest/Public traffic.


NEW QUESTION # 213
An attacker runs netcat tool to transfer a secret file between two hosts.

He is worried about information being sniffed on the network.
How would the attacker use netcat to encrypt the information before transmitting onto the wire?

  • A. Use cryptcat instead of netcat
  • B. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat <machine A IP> 1234
  • C. Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat <machine A IP> 1234
  • D. Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat <machine A IP> 1234 -pw password

Answer: A


NEW QUESTION # 214
Based on the below log, which of the following sentences are true?
Mar 1, 2016, 7:33:28 AM 10.240.250.23 - 54373 10.249.253.15 - 22 tcp_ip

  • A. Application is SSH and 10.240.250.23 is the client and 10.249.253.15 is the server.
  • B. Application is FTP and 10.240.250.23 is the client and 10.249.253.15 is the server.
  • C. Application is SSH and 10.240.250.23 is the server and 10.249.253.15 is the client.
  • D. SSH communications are encrypted; it's impossible to know who is the client or the server.

Answer: A


NEW QUESTION # 215
is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

  • A. Zone transfer
  • B. DNSSEC
  • C. Resource transfer
  • D. Resource records

Answer: B


NEW QUESTION # 216
Which is the first step followed by Vulnerability Scanners for scanning a network?

  • A. TCP/UDP Port scanning
  • B. OS Detection
  • C. Firewall detection
  • D. Checking if the remote host is alive

Answer: D


NEW QUESTION # 217
......


Exam Overview

EC-Council 312-50v11 is a 4-hour test with 125 questions. The exam is made up of mainly multiple-choice questions, and you must gain the passing score (70%) to qualify for the associated certification. To gain competence in answering the questions, it is recommended to sign up for the official courseware to adequately prepare for the test.


The CEH v11 certification exam covers a wide range of topics related to ethical hacking, including network scanning, enumeration, footprinting and reconnaissance, system hacking, web application hacking, and wireless network hacking. 312-50v11 exam also covers the latest tools and technologies used in ethical hacking, such as Metasploit, Nmap, and Wireshark, and requires candidates to demonstrate their ability to use these tools effectively.

 

The Ultimate EC-COUNCIL 312-50v11 Dumps PDF Review: https://www.fast2test.com/312-50v11-premium-file.html

Updated Verified 312-50v11 Downloadable Printable Exam Dumps: https://drive.google.com/open?id=1WowfKAPZQK8cin4KpMjKapsseYzFmTTK

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어