[Aug 06, 2022] Fully Updated Free Actual EC-COUNCIL 312-50v10 Exam Questions [Q411-Q431]


Free 312-50v10 Questions for EC-COUNCIL 312-50v10 Exam [Aug-2022]


Module 8: Sniffing

Within this topic area, the test takers should have a good grasp of sniffing concepts; MAC attacks; DHCP attacks; ARP Poisoning; MAC Spoofing attacks; DNS poisoning; sniffing tools; sniffing countermeasures; various methods to identify sniffing; sniffing Pen Testing.

 

NEW QUESTION 411
A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do?

  • A. Exploit the vulnerability without harming the web site owner so that attention be drawn to the problem.
  • B. Ignore it.
  • C. Notify the web site owner so that corrective action be taken as soon as possible to patch the vulnerability.
  • D. Try to sell the information to a well-paying party on the dark web.

Answer: C

 

NEW QUESTION 412
Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results?
TCP port 21 - no response
TCP port 22 - no response
TCP port 23 - Time-to-live exceeded

  • A. The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall
  • B. The lack of response from ports 21 and 22 indicate that those services are not running on the destination server
  • C. The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error
  • D. The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host

Answer: A

 

NEW QUESTION 413
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small-sized packets to the target computer, making it very difficult for an IDS to detect the attack signatures.
Which tool can be used to perform session splicing attacks?

  • A. Burp
  • B. tcpsplice
  • C. Whisker
  • D. Hydra

Answer: C

Explanation:
One basic technique is to split the attack payload into multiple small packets, so that the IDS must reassemble the packet stream to detect the attack. A simple way of splitting packets is by fragmenting them, but an adversary can also simply craft packets with small payloads. The 'whisker' evasion tool calls crafting packets with small payloads 'session splicing'.
References:
https://en.wikipedia.org/wiki/Intrusion_detection_system_evasion_techniques#Fragmentation_and_small_packets

 

NEW QUESTION 414
What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

  • A. Traffic analysis attack
  • B. Man-in-the-middle attack
  • C. Replay attack
  • D. Meet-in-the-middle attack

Answer: D


 

NEW QUESTION 415
PGP, SSL, and IKE are all examples of which type of cryptography?

  • A. Secret Key
  • B. Public Key
  • C. Digest
  • D. Hash Algorithm

Answer: B

Explanation:
Public-key algorithms are fundamental security ingredients in cryptosystems, applications and protocols. They underpin various Internet standards, such as Secure Sockets Layer (SSL), Transport Layer Security (TLS), S/MIME, PGP, Internet Key Exchange (IKE or IKEv2), and GPG.
References: https://en.wikipedia.org/wiki/Public-key_cryptography

 

NEW QUESTION 416
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

  • A. Metasploit
  • B. Cain & Abel
  • C. Wireshark
  • D. Maltego

Answer: D

Explanation:
Maltego is proprietary software used for open-source intelligence and forensics, developed by Paterva.
Maltego focuses on providing a library of transforms for discovery of data from open sources, and visualizing that information in a graph format, suitable for link analysis and data mining.
References: https://en.wikipedia.org/wiki/Maltego

 

NEW QUESTION 417
Which of the following is a preventive control?

  • A. Smart card authentication
  • B. Audit trail
  • C. Continuity of operations plan
  • D. Security policy

Answer: A

 

NEW QUESTION 418
Backing up data is a security must. However, it also carries a certain level of risk when mishandled. Which of the following is the greatest threat posed by backups?

  • A. A backup is unavailable during disaster recovery
  • B. A backup is the source of Malware or illicit information
  • C. An unencrypted backup can be misplaced or stolen
  • D. A backup is incomplete because no verification was performed

Answer: C

 

NEW QUESTION 419
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.
What is this type of DNS configuration commonly called?

  • A. DNS Scheme
  • B. DynDNS
  • C. DNSSEC
  • D. Split DNS

Answer: D

 

NEW QUESTION 420
In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.
Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system that you already know the credentials for. It was written by sysinternals and has been integrated within the framework. Often, penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump, and then utilize rainbow tables to crack those hash values.
Which of the following is the correct hash type and sort order used in the psexec module's 'smbpass'?

  • A. LM:NTLM
  • B. NT:LM
  • C. LM:NT
  • D. NTLM:LM

Answer: C

 

NEW QUESTION 421
If you want to scan fewer ports than the default scan using the Nmap tool, which option would you use?

  • A. -P
  • B. -sP
  • C. -r
  • D. -F

Answer: D

 

NEW QUESTION 422
The chance of a hard drive failure is known to be once every four years. The cost of a new hard drive is $500. EF (Exposure Factor) is about 0.5. Calculate the Annualized Loss Expectancy (ALE).

  • A. $62.5
  • B. $65.2
  • C. $125
  • D. $250

Answer: A

 

NEW QUESTION 423
In many states sending spam is illegal. Thus, the spammers have techniques to try and ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e-mails?

  • A. A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name.
  • B. Tools that will reconfigure a mail server's relay component to send the e-mail back to the spammers occasionally.
  • C. A blacklist of companies that have their mail server relays configured to be wide open.
  • D. Mail relaying, which is a technique of bouncing e-mail from internal to external mail servers continuously.

Answer: D

 

NEW QUESTION 424
Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice's machine. From the command prompt, she types the following command.

What is Eve trying to do?

  • A. Eve is trying to enumerate all users with Administrative privileges
  • B. Eve is trying to escalate privilege of the null user to that of Administrator
  • C. Eve is trying to carry out a password crack for user Administrator
  • D. Eve is trying to connect as a user with Administrator privileges

Answer: C

 

NEW QUESTION 425
It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down. What step in incident handling did you just complete?

  • A. Eradication
  • B. Recovery
  • C. Containment
  • D. Discovery

Answer: C

 

NEW QUESTION 426
In which of the following password protection techniques are random strings of characters added to the password before calculating their hashes?

  • A. Double Hashing
  • B. Salting
  • C. Key Stretching
  • D. Keyed Hashing

Answer: B

 

NEW QUESTION 427
Risks=Threats x Vulnerabilities is referred to as the:

  • A. Disaster recovery formula
  • B. Risk equation
  • C. BIA equation
  • D. Threat assessment

Answer: B

 

NEW QUESTION 428
You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator's bank account password and login information for the administrator's bitcoin account. What should you do?

  • A. Do not report it and continue the penetration test.
  • B. Report immediately to the administrator.
  • C. Transfer money from the administrator's account to another account.
  • D. Do not transfer the money but steal the bitcoins.

Answer: B

 

NEW QUESTION 429
Take a look at the following attack on a Web Server using obstructed URL:

How would you protect from these attacks?

  • A. Use SSL authentication on Web Servers
  • B. Configure the Web Server to deny requests involving "hex encoded" characters
  • C. Enable Active Scripts Detection at the firewall and routers
  • D. Create rules in IDS to alert on strange Unicode requests

Answer: D

 

NEW QUESTION 430
An analyst is investigating proxy logs and finds that one of the internal users visited a website storing suspicious JavaScript files. After opening one of them, he noticed that the code is very hard to understand and that all of the code differs from typical JavaScript. What is the name of this technique to hide the code and extend analysis time?

  • A. Obfuscation
  • B. Steganography
  • C. Encryption
  • D. Code encoding

Answer: A

 
