Unique Top-selling 312-50v11 Exams - New 2022 EC-COUNCIL Practice Exam [Q202-Q221]

CEH v11 Dumps 312-50v11 Exam for Full Questions - Exam Study Guide


Prerequisites

The potential candidates for this certification test must complete the eligibility requirements before taking it. They must take the official CEH training course before they can attempt the exam. Alternatively, the interested individuals with at least two years of work experience in the domain of information security can complete an eligibility form with proof of their expertise. They are required to submit this form and pay the eligibility application fee of $100 before they can be allowed to register for the test.


The EC-Council CEH exam is also known as 312-50v11. This test helps the individuals to prepare for ethical hacking services. So, if you plan to pursue your career within the computer security field, then this is a must-do exam for you. It will lead you to get a great certification named the EC-Council Certified Ethical Hacker.

 

NEW QUESTION 202
Attempting an injection attack on a web server based on responses to True/False questions is called which of the following?

  • A. Compound SQLi
  • B. Blind SQLi
  • C. Classic SQLi
  • D. DMS-specific SQLi

Answer: B

 

NEW QUESTION 203
Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfigurations. In this process, Jack uses an automated tool that eases his work and performs vulnerability scanning to find hosts, services, and other vulnerabilities in the target server. Which of the following tools is used by Jack to perform vulnerability scanning?

  • A. Infoga
  • B. NCollector Studio
  • C. Netsparker
  • D. WebCopier Pro

Answer: C

 

NEW QUESTION 204
ViruXine.W32 virus hides its presence by changing the underlying executable code.
The virus code mutates while keeping the original algorithm intact: the code changes itself each time it runs, but the function of the code (its semantics) does not change at all.

Here is a section of the Virus code:

What is this technique called?

  • A. Metamorphic Virus
  • B. Dravidic Virus
  • C. Polymorphic Virus
  • D. Stealth Virus

Answer: C

 

NEW QUESTION 205
You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand that all users are required to use passwords that are at least 8 characters in length. All passwords must also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special characters. With your existing knowledge of users, likely user account names and the possibility that they will choose the easiest passwords possible, what would be the fastest type of password cracking attack you can run against these hash values and still get results?

  • A. Hybrid Attack
  • B. Dictionary Attack
  • C. Brute Force Attack
  • D. Online Attack

Answer: A

 

NEW QUESTION 206
Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this, James, a professional hacker, targets Emily and her acquaintances, conducts a location search to detect their geolocation by using an automated tool, and gathers information to perform other sophisticated attacks.
What is the tool employed by James in the above scenario?

  • A. VisualRoute
  • B. HULK
  • C. Hootsuite
  • D. ophcrack

Answer: C

 

NEW QUESTION 207
ViruXine.W32 virus hides its presence by changing the underlying executable code.
The virus code mutates while keeping the original algorithm intact: the code changes itself each time it runs, but the function of the code (its semantics) does not change at all.

Here is a section of the Virus code:

What is this technique called?

  • A. Metamorphic Virus
  • B. Dravidic Virus
  • C. Polymorphic Virus
  • D. Stealth Virus

Answer: C

 

NEW QUESTION 208
Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine. Joel waits for the victim to access the infected web application so as to compromise the victim's machine. Which of the following techniques is used by Joel in the above scenario?

  • A. DNS rebinding attack
  • B. Clickjacking attack
  • C. Watering hole attack
  • D. MarioNet attack

Answer: B

 

NEW QUESTION 209
Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewalls. On which of the following ports should Robin run the NSTX tool?

  • A. Port 50
  • B. Port 23
  • C. Port 53
  • D. Port 80

Answer: C

Explanation:
DNS uses port 53, which is almost always open on systems, firewalls, and clients to transmit DNS queries. Instead of the more familiar Transmission Control Protocol (TCP), these queries use User Datagram Protocol (UDP) because of its low latency, bandwidth and resource usage compared with TCP-equivalent queries. UDP has no error or flow-control capabilities, nor does it have any integrity checking to make sure the data arrived intact.

How is internet use (browsing, apps, chat etc.) so reliable then? If the UDP DNS query fails (it's a best-effort protocol after all) in the first instance, most systems will retry a number of times and only after multiple failures potentially switch to TCP before trying again; TCP is also used if the DNS query exceeds the limits of the UDP datagram size, typically 512 bytes for DNS, but this can depend on system settings.

Figure 1 below illustrates the basic process of how DNS operates: the client sends a query string (for example, mail.google[.]com in this case) with a certain type, typically A for a host address.
I've skipped the part whereby intermediate DNS systems may need to establish where '.com' exists, before finding out where 'google[.]com' can be found, and so on.

Many worms and scanners are created to seek out and exploit systems running telnet. Given these facts, it's really no surprise that telnet is commonly seen on the Top Ten Target Ports list. Several of the vulnerabilities of telnet have been fixed. They require only an upgrade to the most current version of the telnet daemon or an OS upgrade. As is often the case, this upgrade has not been performed on a number of devices. This may be due to the fact that many systems administrators and users don't fully understand the risks involved in using telnet. Unfortunately, the only solution for some of telnet's vulnerabilities is to completely discontinue its use. The preferred method of mitigating all of telnet's vulnerabilities is replacing it with alternate protocols such as SSH. SSH is capable of providing many of the same functions as telnet and several additional services typically handled by other protocols such as FTP and X Windows. SSH does still have several drawbacks to overcome before it can completely replace telnet. It is typically only supported on newer equipment. It requires processor and memory resources to perform the data encryption and decryption. It also requires greater bandwidth than telnet because of the encryption of the data. This paper was written to help clarify how dangerous the use of telnet can be and to provide solutions to alleviate the main known threats in order to improve the overall security of the Internet.

Once a name is resolved to an IP, caching also helps: the resolved name-to-IP is typically cached on the local system (and possibly on intermediate DNS servers) for a period of time. Subsequent queries for the same name from the same client then don't leave the local system until said cache expires.
Of course, once the IP address of the remote service is known, applications can use that information to enable other TCP-based protocols, such as HTTP, to do their actual work, for example ensuring internet cat GIFs can be reliably shared with your colleagues.

So, all in all, a few dozen extra UDP DNS queries from an organization's network would be fairly inconspicuous and could allow for a malicious payload to beacon out to an adversary; commands could also be received to the requesting application for processing with little difficulty.

 

NEW QUESTION 210
How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender's identity?

  • A. Private key
  • B. Digital certificate
  • C. Digital signature
  • D. Hash value

Answer: B

 

NEW QUESTION 211
What does a firewall check to prevent particular ports and applications from getting packets into an organization?

  • A. Presentation layer headers and the session layer port numbers
  • B. Network layer headers and the session layer port numbers
  • C. Application layer port numbers and the transport layer headers
  • D. Transport layer port numbers and application layer headers

Answer: D

 

NEW QUESTION 212
Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company's network. He decides to set up a SPAN port and capture all traffic to the datacenter. He immediately discovers unencrypted traffic on port UDP 161. What protocol is this port using and how can he secure that traffic?

  • A. RPC and the best practice is to disable RPC completely
  • B. SNMP and he should change it to SNMP V3
  • C. SNMP and he should change it to SNMP v2, which is encrypted
  • D. It is not necessary to perform any actions, as SNMP is not carrying important information.

Answer: B

Explanation:
We have various articles already in our documentation for setting up SNMPv2 trap handling in Opsview, but SNMPv3 traps are a whole new ballgame. They can be quite confusing and complicated to set up the first time you go through the process, but when you understand what is going on, everything should make more sense.
SNMP has gone through several revisions to improve performance and security (version 1, 2c and 3). By default, it is a UDP port based protocol where communication is based on a 'fire and forget' methodology in which network packets are sent to another device, but there is no check for receipt of that packet (versus TCP port when a network packet must be acknowledged by the other end of the communication link).
There are two modes of operation with SNMP - get requests (or polling) where one device requests information from an SNMP enabled device on a regular basis (normally using UDP port 161), and traps where the SNMP enabled device sends a message to another device when an event occurs (normally using UDP port 162). The latter includes instances such as someone logging on, the device powering up or down, or a wide variety of other problems that would need this type of investigation.
This blog covers SNMPv3 traps, as polling and version 2c traps are covered elsewhere in our documentation.
SNMP traps
Since SNMP is primarily a UDP port based system, traps may be 'lost' when sending between devices; the sending device does not wait to see if the receiver got the trap. This means if the configuration on the sending device is wrong (using the wrong receiver IP address or port) or the receiver isn't listening for traps or rejecting them out of hand due to misconfiguration, the sender will never know.
The SNMP v2c specification introduced the idea of splitting traps into two types; the original 'hope it gets there' trap and the newer 'INFORM' traps. Upon receipt of an INFORM, the receiver must send an acknowledgement back. If the sender doesn't get the acknowledgement back, then it knows there is an existing problem and can log it for sysadmins to find when they interrogate the device.

 

NEW QUESTION 213
Steve, an attacker, created a fake profile on a social media website and sent a request to Stella. Stella was enthralled by Steve's profile picture and the description given for his profile, and she initiated a conversation with him soon after accepting the request. After a few days, Steve started asking about her company details and eventually gathered all the essential information regarding her company.
What is the social engineering technique Steve employed in the above scenario?

  • A. Piggybacking
  • B. Baiting
  • C. Honey trap
  • D. Diversion theft

Answer: B

 

NEW QUESTION 214
Which system consists of a publicly available set of databases that contain domain name registration contact information?

  • A. CAPTCHA
  • B. IANA
  • C. IETF
  • D. WHOIS

Answer: D

 

NEW QUESTION 215
Harper, a software engineer, is developing an email application. To ensure the confidentiality of email messages, Harper uses a symmetric-key block cipher having a classical 12- or 16-round Feistel network with a block size of 64 bits for encryption, which includes large 8 x 32-bit S-boxes (S1, S2, S3, S4) based on bent functions, modular addition and subtraction, key-dependent rotation, and XOR operations. This cipher also uses a masking key (Km1) and a rotation key (Kr1) for performing its functions. What is the algorithm employed by Harper to secure the email messages?

  • A. AES
  • B. DES
  • C. GOST block cipher
  • D. CAST-128

Answer: D

 

NEW QUESTION 216
Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other resources that run independently from other processes in the cloud environment. For the containerization of applications, he follows the five-tier container technology architecture. Currently, Abel is verifying and validating image contents, signing images, and sending them to the registries.
Which of the following tiers of the container technology architecture is Abel currently working in?

  • A. Tier-3: Registries
  • B. Tier-4: Orchestrators
  • C. Tier-2: Testing and accreditation systems
  • D. Tier-1: Developer machines

Answer: C

 

NEW QUESTION 217
You are a penetration tester and are about to perform a scan on a specific server. The agreement that you signed with the client contains the following specific condition for the scan: "The attacker must scan every port on the server several times using a set of spoofed source IP addresses." Suppose that you are using Nmap to perform this scan. What flag will you use to satisfy this requirement?

  • A. The -g flag
  • B. The -A flag
  • C. The -f flag
  • D. The -D flag

Answer: A

Explanation:
The flags --source-port and -g are equivalent and instruct nmap to send packets through a selected port. This option is used to try to cheat firewalls whitelisting traffic from specific ports. The following example will scan the target from port 20 to ports 80, 22, 21, 23 and 25, sending fragmented packets to LinuxHint.

 

NEW QUESTION 218
After an audit, the auditors inform you that there is a critical finding that you must tackle immediately. You read the audit report, and the problem is the service running on port 389. Which service is this and how can you tackle the problem?

  • A. The service is SMTP, and you must change it to SMIME, which is an encrypted way to send emails.
  • B. The service is LDAP, and you must change it to 636, which is LDAPS.
  • C. The service is NTP, and you have to change it from UDP to TCP in order to encrypt it.
  • D. The findings do not require immediate actions and are only suggestions.

Answer: B

Explanation:
AD uses port 389 (LDAP); LDAPS is the secure port.

 

NEW QUESTION 219
Attacker Lauren has gained the credentials of an organization's internal server system, and she was often logging in during irregular times to monitor the network activities. The organization was skeptical about the login times and appointed security professional Robert to determine the issue. Robert analyzed the compromised device to find incident details such as the type of attack, its severity, target, impact, method of propagation, and vulnerabilities exploited.
What is the incident handling and response (IH&R) phase, in which Robert has determined these issues?

  • A. Preparation
  • B. Incident recording and assignment
  • C. Incident triage
  • D. Eradication

Answer: C

 

NEW QUESTION 220
Which type of virus can change its own code and then cipher itself multiple times as it replicates?

  • A. Tunneling virus
  • B. Cavity virus
  • C. Stealth virus
  • D. Encryption virus

Answer: C

Explanation:
A stealth virus is a type of virus malware that contains sophisticated means of avoiding detection by antivirus software. After it manages to get into the now-infected machine, a stealth virus hides itself by continually renaming and moving itself around the disk. Like other viruses, a stealth virus can take control of many parts of one's PC. When taking control of the PC and performing tasks, antivirus programs can detect it, but a stealth virus sees that coming and will rename and then copy itself to a different drive or area on the disk, before the antivirus software. Once moved and renamed, a stealth virus will usually replace the detected 'infected' file with a clean file that doesn't trigger antivirus detection. It's a never-ending game of cat and mouse. The intelligent architecture of this type of virus all but guarantees it is impossible to completely rid oneself of it once infected. One would need to completely wipe the computer and rebuild it from scratch to fully eradicate the presence of a stealth virus. Using regularly updated antivirus software can reduce risk, but, as we all know, antivirus software is also caught in an endless cycle of finding new threats and protecting against them.

 

NEW QUESTION 221
......


Exam Overview

EC-Council 312-50v11 is a 4-hour test with 125 questions. The exam is made up of mainly multiple-choice questions, and you must gain the passing score (70%) to qualify for the associated certification. To gain competence in answering the questions, it is recommended to sign up for the official courseware to adequately prepare for the test.

 

Best way to practice test for EC-COUNCIL 312-50v11: https://pdfpractice.actual4dumps.com/312-50v11-study-material.html