The Newest Certifytools 312-50v10 Dumps! 100% Pass Guarantee!

https://www.certifytools.com/312-50v10-exam.html ( Q&As)

EC-Council
Exam Questions 312-50v10
Certified Ethical Hacker v10

Guaranteed success with Our exam guides visit - https://www.certifytools.com

 The Newest Certifytools 312-50v10 Dumps! 100% Pass Guarantee!
https://www.certifytools.com/312-50v10-exam.html ( Q&As)

NEW QUESTION 1
- (Exam Topic 1)
Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or
key.
Suppose a malicious user Rob tries to get access to the account of a benign user Ned.
Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

A. “GET/restricted/goldtransfer?to=Rob&from=1 or 1=1’ HTTP/1.1Host: westbank.com”

B. “GET/restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com”
C. “GET/restricted/bank.getaccount(‘Ned’) HTTP/1.1 Host: westbank.com”
D. “GET/restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com”

Answer: B

NEW QUESTION 2
- (Exam Topic 1)
Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?

A. [cache:]
B. [site:]
C. [inurl:]
D. [link:]

Answer: B

NEW QUESTION 3
- (Exam Topic 2)
One advantage of an application-level firewall is the ability to

A. filter packets at the network level.

B. filter specific commands, such as http:post.
C. retain state information for each packet.
D. monitor tcp handshaking.

Answer: B

NEW QUESTION 4
- (Exam Topic 3)
If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and
the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

A. Hping
B. Traceroute
C. TCP ping
D. Broadcast ping

Answer: A

NEW QUESTION 5
- (Exam Topic 3)
Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network’s IDS?

A. Timing options to slow the speed that the port scan is conducted
B. Fingerprinting to identify which operating systems are running on the network
C. ICMP ping sweep to determine which hosts on the network are not available
D. Traceroute to control the path of the packets sent during the scan

Answer: A

NEW QUESTION 6
- (Exam Topic 3)
Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?

A. Truecrypt
B. Sub7
C. Nessus
D. Clamwin

Answer: C

NEW QUESTION 7
- (Exam Topic 4)
You have successfully gained access to a linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by a Network
Based Intrusion Detection Systems (NIDS).
What is the best way to evade the NIDS?

Guaranteed success with Our exam guides visit - https://www.certifytools.com

 The Newest Certifytools 312-50v10 Dumps! 100% Pass Guarantee!
https://www.certifytools.com/312-50v10-exam.html ( Q&As)

A. Encryption
B. Protocol Isolation
C. Alternate Data Streams
D. Out of band signalling

Answer: A

Explanation:
When the NIDS encounters encrypted traffic, the only analysis it can perform is packet level analysis, since the application layer contents are inaccessible. Given
that exploits against today's networks are primarily targeted against network services (application layer entities), packet level analysis ends up doing very little to
protect our core business assets.
References:
http://www.techrepublic.com/article/avoid-these-five-common-ids-implementation-errors/

NEW QUESTION 8
- (Exam Topic 4)
The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug
affects the OpenSSL implementation of the transport layer security (TLS) protocols defined in RFC6520.
What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

A. Private
B. Public
C. Shared
D. Root

Answer: A

Explanation:
The data obtained by a Heartbleed attack may include unencrypted exchanges between TLS parties likely to be confidential, including any form post data in users'
requests. Moreover, the confidential data exposed could include authentication secrets such as session cookies and passwords, which might allow attackers to
impersonate a user of the service.
An attack may also reveal private keys of compromised parties. References: https://en.wikipedia.org/wiki/Heartbleed

NEW QUESTION 9
- (Exam Topic 4)
A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content.
Which sort of trojan infects this server?

A. Botnet Trojan
B. Turtle Trojans
C. Banking Trojans
D. Ransomware Trojans

Answer: A

Explanation:
In computer science, a zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse and can be used to
perform malicious tasks of one sort or another under remote direction. Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-
service attacks. Most owners of zombie computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these
computers are metaphorically compared to zombies. A coordinated DDoS attack by multiple botnet machines also resembles a zombie horde attack.

NEW QUESTION 10
- (Exam Topic 5)
Bob learned that his username and password for a popular game has been compromised. He contacts the company and resets all the information. The company
suggests he use two-factor authentication, which option below offers that?

A. A new username and password

B. A fingerprint scanner and his username and password.
C. Disable his username and use just a fingerprint scanner.
D. His username and a stronger password.

Answer: B

NEW QUESTION 11
- (Exam Topic 5)
What is the role of test automation in security testing?

A. It can accelerate benchmark tests and repeat them with a consistent test setu
B. But it cannot replace manual testing completely.
C. It is an option but it tends to be very expensive.
D. It should be used exclusivel
E. Manual testing is outdated because of low speed and possible test setup inconsistencies.
F. Test automation is not usable in security due to the complexity of the tests.

Answer: A

NEW QUESTION 12
- (Exam Topic 6)

Guaranteed success with Our exam guides visit - https://www.certifytools.com

 The Newest Certifytools 312-50v10 Dumps! 100% Pass Guarantee!
https://www.certifytools.com/312-50v10-exam.html ( Q&As)

In order to prevent particular ports and applications from getting packets into an organization, what does a firewall check?

A. Network layer headers and the session layer port numbers

B. Presentation layer headers and the session layer port numbers
C. Application layer port numbers and the transport layer headers
D. Transport layer port numbers and application layer headers

Answer: D

NEW QUESTION 13
- (Exam Topic 6)
Which type of cryptography does SSL, IKE and PGP belongs to?

A. Secret Key
B. Hash Algorithm
C. Digest
D. Public Key

Answer: D

NEW QUESTION 14
- (Exam Topic 6)
Which of the following is the BEST approach to prevent Cross-site Scripting (XSS) flaws?

A. Use digital certificates to authenticate a server prior to sending data.

B. Verify access right before allowing access to protected information and UI controls.
C. Verify access right before allowing access to protected information and UI controls.
D. Validate and escape all information sent to a server.

Answer: D

NEW QUESTION 15
- (Exam Topic 6)
Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information
along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants
to report this crime to the law enforcement agencies immediately. Which organization coordinates computer crime investigations throughout the United States?

A. NDCA
B. NICP
C. CIRP
D. NPC
E. CIA

Answer: D

NEW QUESTION 16
- (Exam Topic 6)
While doing a Black box pen test via the TCP port (80), you noticed that the traffic gets blocked when you tried to pass IRC traffic from a web enabled host.
However, you also noticed that outbound HTTP traffic is being allowed. What type of firewall is being utilized for the outbound traffic?

A. Stateful
B. Application
C. Circuit
D. Packet Filtering

Answer: B

NEW QUESTION 17
- (Exam Topic 7)
What is GINA?

A. Gateway Interface Network Application

B. GUI Installed Network Application CLASS
C. Global Internet National Authority (G-USA)
D. Graphical Identification and Authentication DLL

Answer: D

NEW QUESTION 18
- (Exam Topic 7)
Under what conditions does a secondary name server request a zone transfer from a primary name server?

A. When a primary SOA is higher that a secondary SOA

B. When a secondary SOA is higher that a primary SOA
C. When a primary name server has had its service restarted
D. When a secondary name server has had its service restarted
E. When the TTL falls to zero

Guaranteed success with Our exam guides visit - https://www.certifytools.com

 The Newest Certifytools 312-50v10 Dumps! 100% Pass Guarantee!
https://www.certifytools.com/312-50v10-exam.html ( Q&As)

Answer: A

NEW QUESTION 19
- (Exam Topic 7)
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product
that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With
a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?

A. Install DNS logger and track vulnerable packets

B. Disable DNS timeouts
C. Install DNS Anti-spoofing
D. Disable DNS Zone Transfer

Answer: C

NEW QUESTION 20
- (Exam Topic 7)

Identify the correct terminology that defines the above statement.

A. Vulnerability Scanning
B. Penetration Testing
C. Security Policy Implementation
D. Designing Network Security

Answer: B

NEW QUESTION 21
......

Guaranteed success with Our exam guides visit - https://www.certifytools.com

 The Newest Certifytools 312-50v10 Dumps! 100% Pass Guarantee!
https://www.certifytools.com/312-50v10-exam.html ( Q&As)

Thank You for Trying Our Product

We offer two products:

1st - We have Practice Tests Software with Actual Exam Questions

2nd - Questons and Answers in PDF Format

312-50v10 Practice Exam Features:

* 312-50v10 Questions and Answers Updated Frequently

* 312-50v10 Practice Questions Verified by Expert Senior Certified Staff

* 312-50v10 Most Realistic Questions that Guarantee you a Pass on Your First Try

* 312-50v10 Practice Test Questions in Multiple Choice Formats and Updates for 1 Year

100% Actual & Verified — Instant Download, Please Click

Order The 312-50v10 Practice Test Here

Guaranteed success with Our exam guides visit - https://www.certifytools.com

Powered by TCPDF (www.tcpdf.org)