Prepare 312-50v10 Question Answers - 312-50v10 Exam Dumps [Q429-Q444]


Real EC-COUNCIL 312-50v10 Exam Questions [Updated 2022]


Module 18: IoT Hacking

This area includes the learners’ knowledge of IoT concepts; cryptography tools; IoT security tools; different IoT threats & attacks; IoT hacking.


Module 14: Hacking Web Applications

This section checks the candidates’ knowledge of web application concepts; web application threats; web application hacking techniques; web application hacking tools; web application countermeasures; web application security tools; penetration testing of the web application.

 

NEW QUESTION 429
What is correct about digital signatures?

  • A. A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.
  • B. A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.
  • C. Digital signatures may be used in different documents of the same type.
  • D. Digital signatures are issued once for each user and can be used everywhere until they expire.

Answer: B

 

NEW QUESTION 430
A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

  • A. Net firewall show config
  • B. WMIC firewall show config
  • C. Netsh firewall show config
  • D. Ipconfig firewall show config

Answer: C

 

NEW QUESTION 431
Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on
his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it
begins to close.
What just happened?

  • A. Phishing
  • B. Masquerading
  • C. Tailgating
  • D. Whaling

Answer: C

 

NEW QUESTION 432
A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.
Which cryptography attack is the student attempting?

  • A. Dictionary attack
  • B. Man-in-the-middle attack
  • C. Brute-force attack
  • D. Session hijacking

Answer: A

 

NEW QUESTION 433
Your company was hired by a small healthcare provider to perform a technical assessment on the network.
What is the best approach for discovering vulnerabilities on a Windows-based computer?

  • A. Check MITRE.org for the latest list of CVE findings
  • B. Create a disk image of a clean Windows installation
  • C. Use a scan tool like Nessus
  • D. Use the built-in Windows Update tool

Answer: C

Explanation:
Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools.
The Nessus server is currently available for Unix, Linux and FreeBSD. The client is available for Unix- or Windows-based operating systems.
Note: Significant capabilities of Nessus include:
References:
http://searchnetworking.techtarget.com/definition/Nessus

 

NEW QUESTION 434
Take a look at the following attack on a Web Server using an obstructed URL:

How would you protect from these attacks?

  • A. Create rules in IDS to alert on strange Unicode requests
  • B. Enable Active Scripts Detection at the firewall and routers
  • C. Configure the Web Server to deny requests involving "hex encoded" characters
  • D. Use SSL authentication on Web Servers

Answer: A

 

NEW QUESTION 435
You want to do an ICMP scan on a remote computer using hping2. What is the proper syntax?

  • A. hping2 -i host.domain.com
  • B. hping2 -1 host.domain.com
  • C. hping2 -set-ICMP host.domain.com
  • D. hping2 host.domain.com

Answer: B

 

NEW QUESTION 436
The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

What is most likely taking place?

  • A. Remote service brute force attempt
  • B. Port scan of 192.168.1.106
  • C. Denial of service attack on 192.168.1.106
  • D. Ping sweep of the 192.168.1.106 network

Answer: A

 

NEW QUESTION 437
What does the -oX flag do in an Nmap scan?

  • A. Output the results in truncated format to the screen
  • B. Perform an Xmas scan
  • C. Output the results in XML format to a file
  • D. Perform an eXpress scan

Answer: C

 

NEW QUESTION 438
What is correct about digital signatures?

  • A. A digital signature cannot be moved from one signed document to another because it is the hash of the
    original document encrypted with the private key of the signing party.
  • B. Digital signatures may be used in different documents of the same type.
  • C. A digital signature cannot be moved from one signed document to another because it is a plain hash of
    the document content.
  • D. Digital signatures are issued once for each user and can be used everywhere until they expire.

Answer: A

 

NEW QUESTION 439
You are a security officer of a company. You had an alert from IDS that indicates that one PC on your
Intranet is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address was
blacklisted just before the alert. You are starting an investigation to roughly analyze the severity of the
situation. Which of the following is appropriate to analyze?

  • A. Internet Firewall/Proxy log
  • B. Event logs on domain controller
  • C. Event logs on the PC
  • D. IDS log

Answer: A

 

NEW QUESTION 440
While performing online banking using a Web browser, Kyle receives an email that contains an image of a well-crafted piece of art. Upon clicking the image, a new tab on the web browser opens and shows an animated GIF of bills and coins being swallowed by a crocodile. After several days, Kyle noticed that all his funds in the bank were gone. What Web browser-based security vulnerability got exploited by the hacker?

  • A. Web Form Input Validation
  • B. Cross-Site Scripting
  • C. Clickjacking
  • D. Cross-Site Request Forgery

Answer: D

 

NEW QUESTION 441
In Risk Management, how is the term "likelihood" related to the concept of "threat?"

  • A. Likelihood is a possible threat-source that may exploit a vulnerability.
  • B. Likelihood is the likely source of a threat that could exploit a vulnerability.
  • C. Likelihood is the probability that a vulnerability is a threat-source.
  • D. Likelihood is the probability that a threat-source will exploit a vulnerability.

Answer: D

Explanation:
The ability to analyze the likelihood of threats within the organization is a critical step in building an effective security program. The process of assessing threat probability should be well defined and incorporated into a broader threat analysis process to be effective.
References:
http://www.mcafee.com/campaign/securitybattleground/resources/chapter5/whitepaper-on-assessing-threat-attac

 

NEW QUESTION 442
A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

  • A. The gateway is not routing to a public IP address.
  • B. The gateway and the computer are not on the same network.
  • C. The computer is using an invalid IP address.
  • D. The computer is not using a private IP address.

Answer: A

 

NEW QUESTION 443
Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close.
What just happened?

  • A. Phishing
  • B. Masquerading
  • C. Tailgating
  • D. Whaling

Answer: C

 

NEW QUESTION 444
......


Career Path, Salary, and Responsibilities

You can begin your career by earning entry-level skills that allow you to work as a system administrator, network engineer, or security administrator. The next step is to master more advanced security skills in ethical hacking by taking the 312-50 test and earning the CEH certificate. This leads to the role of an ethical hacker or penetration tester. With time, you can be promoted to senior ethical hacker, penetration tester, security architect, or security consultant. The average pay for a CEH certified specialist is about $84k, according to a PayScale.com report. As a specialist in ethical hacking, you will help organizations become aware of their vulnerabilities. These can be government or business organizations. The tasks include penetrating computer systems or networks to assess, find, and rectify any existing security vulnerabilities. You will also perform application analysis, protocol analysis, reverse engineering, malware analysis, and debugging.

 
