Customers Passed Eccouncil 312-50v11 Exam
Average Score In Real 312-50v11 Exam
Questions came from our 312-50v11 dumps.
At Certs4Future, we provide you with the highest-quality 312-50v11 dumps to ensure you are fully prepared for the certification exam. Here’s why our exam materials stand out:
Authentic Exam Dumps: Our 312-50v11 exam dumps contain real, exam-specific questions and answers that you are likely to face on your exam.
Guaranteed Success: We are so confident in the quality of our materials that we offer a 100% pass guarantee. If you don’t pass the 312-50v11 exam, we’ll provide a refund or free updated dumps.
Up-to-Date Content: Our 312-50v11 dumps are continuously updated to reflect the latest exam changes and trends.
Detailed Explanations: Every question comes with an explanation to help you understand the reasoning behind the correct answers.
Download the Dumps: After purchasing, you will receive instant access to download the 312-50v11 exam dumps. You can study from any device, anywhere, anytime.
Start Practicing: Go through the practice questions and simulate the real exam environment. Track your progress and focus on areas that need improvement.
Take the Exam: After thorough preparation, take your 312-50v11 exam with confidence, knowing that you’ve used the best possible resources.
Pass and Succeed: With our authentic 312-50v11 dumps, you are guaranteed to pass the exam and earn your certification. If not, take advantage of our refund or free updated dumps.
Don’t leave your certification success to chance! Get the authentic 312-50v11 exam dumps from Certs4Future and start preparing today. With our expert-curated resources and pass guarantee, you'll be ready for the Eccouncil 312-50v11 exam in no time.
In order to tailor your tests during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap. you obtainthe following response: 80/tcp open http-proxy Apache Server 7.1.6what Information-gathering technique does this best describe?
A. WhOiS lookup
B. Banner grabbing
C. Dictionary attack
D. Brute forcing
Attacker Steve targeted an organization's network with the aim of redirecting the company's web traffic to another malicious website. To achieve this goal, Steve performed DNS cachepoisoning by exploiting the vulnerabilities In the DNS server software and modified the original IP address of the target website to that of a fake website. What is the techniqueemployed by Steve to gather information for identity theft?
A. Pretexting
B. Pharming
C. Wardriving
D. Skimming
What is GINA?
A. Gateway Interface Network Application
B. GUI Installed Network Application CLASS
C. Global Internet National Authority (G-USA)
D. Graphical Identification and Authentication DLL
what is the correct way of using MSFvenom to generate a reverse TCP shellcode for windows?
A. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f c
B. msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f c
C. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe
D. msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe
You are a penetration tester working to test the user awareness of the employees of the client xyz. You harvested two employees' emails from some public sources and are creating a client-side backdoor to send it to the employees via email. Which stage of the cyber kill chain are you at?
A. Reconnaissance
B. Command and control
C. Weaponization
D. Exploitation
Which of the following LM hashes represent a password of less than 8 characters? (Choose two.)
A. BA810DBA98995F1817306D272A9441BB
B. 44EFCE164AB921CQAAD3B435B51404EE
C. 0182BD0BD4444BF836077A718CCDF409
D. CEC52EB9C8E3455DC2265B23734E0DAC
E. B757BF5C0D87772FAAD3B435B51404EE
F. E52CAC67419A9A224A3B108F3FA6CB6D
Windows LAN Manager (LM) hashes are known to be weak.Which of the following are known weaknesses of LM? (Choose three.)
A. Converts passwords to uppercase.
B. Hashes are sent in clear text over the network.
C. Makes use of only 32-bit encryption.
D. Effective length is 7 characters.
A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 othersystems.However, he is unable to capture any logons though he knows that other users are logging in.What do you think is the most likely reason behind this?
A. There is a NIDS present on that segment.
B. Kerberos is preventing it.
C. Windows logons cannot be sniffed.
D. L0phtcrack only sniffs logons to web servers.
A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.Which cryptography attack is the student attempting?
A. Man-in-the-middle attack
B. Brute-force attack
C. Dictionary attack
D. Session hijacking
During the process of encryption and decryption, what keys are shared?
A. Private keys
B. User passwords
C. Public keys
D. Public and private keys
if you send a TCP ACK segment to a known closed port on a firewall but it does not respond with an RST. what do you know about the firewall you are scanning?
A. There is no firewall in place.
B. This event does not tell you encrypting about the firewall.
C. It is a stateful firewall
D. It Is a non-stateful firewall.
Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious codes on a virtual machine to simulate CPU and memory activities. Which type of virus detection method did Chandler use in this context?
A. Heuristic Analysis
B. Code Emulation
C. Scanning
D. Integrity checking
Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatting, and names of the target company. The phishing message will often use the name of the company CEO, President, or Managers. The time a hacker spends performing research to locate this information about a company is known as?
A. Exploration
B. Investigation
C. Reconnaissance
D. Enumeration
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker Installed a scanneron a machine belonging to one of the vktims and scanned several machines on the same network to Identify vulnerabilities to perform further exploitation. What is the type ofvulnerability assessment tool employed by John in the above scenario?
A. Proxy scanner
B. Agent-based scanner
C. Network-based scanner
D. Cluster scanner
What type of a vulnerability/attack is it when the malicious person forces the user’s browser to send an authenticated request to a server?
A. Session hijacking
B. Server side request forgery
C. Cross-site request forgery
D. Cross-site scripting
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary In the above scenario.
A. use of command-line interface
B. Data staging
C. Unspecified proxy activities
D. Use of DNS tunneling
Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they werevictims of DNS Cache Poisoning. What should Bob recommend to deal with such a threat?
A. The use of security agents in clients’ computers
B. The use of DNSSEC
C. The use of double-factor authentication
D. Client awareness
Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?
A. har.txt
B. SAM file
C. wwwroot
D. Repair file
Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data transmission between the user and real tower, attempting to hijack an active session, upon receiving the users request. Bobby manipulated the traffic with the virtual tower and redirected the victim to a malicious website. What is the attack performed by Bobby in the above scenario?
A. Wardriving
B. KRACK attack
C. jamming signal attack
D. aLTEr attack
After an audit, the auditors Inform you that there is a critical finding that you must tackle Immediately. You read the audit report, and the problem is the service running on port 369.Which service Is this and how can you tackle the problem?
A. The service is LDAP. and you must change it to 636. which is LDPAPS.
B. The service is NTP. and you have to change It from UDP to TCP in order to encrypt it
C. The findings do not require immediate actions and are only suggestions.
D. The service is SMTP, and you must change it to SMIME. which is an encrypted way to send emails.
A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing – Reports https://ibt1.prometric.com/users/custom/report_queue/rq_str... corporate network. What tool should the analyst use to perform a Blackjacking attack?
A. Paros Proxy
B. BBProxy
C. Blooover
D. BBCrack
PGP, SSL, and IKE are all examples of which type of cryptography?
A. Digest
B. Secret Key
C. Public Key
D. Hash Algorithm
What is the common name for a vulnerability disclosure program opened by companies In platforms such as HackerOne?
A. Vulnerability hunting program
B. Bug bounty program
C. White-hat hacking program
D. Ethical hacking program
When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and headers manually to get more precise results than if using web vulnerability scanners.What proxy tool will help you find web vulnerabilities?
A. Maskgen
B. Dimitry
C. Burpsuite
D. Proxychains
A newly joined employee. Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also Identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors. What is the type of vulnerability assessment performed by Martin?
A. Credentialed assessment
B. Database assessment
C. Host-based assessment
D. Distributed assessment
Taylor, a security professional, uses a tool to monitor her company's website, analyze the website's traffic, and track the geographical location of the users visiting the company'swebsite. Which of the following tools did Taylor employ in the above scenario?
A. WebSite Watcher
B. web-Stat
C. Webroot
D. WAFW00F
Scenario: Joe turns on his home computer to access personal online banking. When he enters the URL www.bank.com. the website is displayed, but it prompts him to re-enter his credentials as if he has never visited the site before. When he examines the website URL closer, he finds that the site is not secure and the web address appears different. Whattype of attack he is experiencing?.
A. Dos attack
B. DHCP spoofing
C. ARP cache poisoning
D. DNS hijacking
What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which portsare open and if the packets can pass through the packet-filtering of the firewall?
A. Session hijacking
B. Firewalking
C. Man-in-the middle attack
D. Network sniffing
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The “ps” command shows that the “nc” file is running as process, and the netstat command shows the “nc”process is listening on a network port.What kind of vulnerability must be present to make this remote attack possible?
A. File system permissions
B. Privilege escalation
C. Directory traversal
D. Brute force login
env x=’(){ :;};echo exploit’ bash –c ‘cat/etc/passwd’What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?
A. Removes the passwd file
B. Changes all passwords in passwd
C. Add new user to the passwd file
D. Display passwd content to prompt
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small sized packets to the target computer, making it very difficult for an IDS to detect theattack signatures. Which tool can be used to perform session splicing attacks?
A. tcpsplice
B. Burp
C. Hydra
D. Whisker
An organization has automated the operation of critical infrastructure from a remote location. For this purpose, all the industrial control systems are connected to the Internet. To empower the manufacturing process, ensure the reliability of industrial networks, and reduce downtime and service disruption, the organization deckled to install an OT security tool that further protects against security incidents such as cyber espionage, zero-day attacks, and malware. Which of the following tools must the organization employ to protect its critical infrastructure?
A. Robotium
B. BalenaCloud
C. Flowmon
D. IntentFuzzer
Which of the following program infects the system boot sector and the executable files at the same time?
A. Polymorphic virus
B. Stealth virus
C. Multipartite Virus
D. Macro virus
Which of the following are well known password-cracking programs?
A. L0phtcrack
B. NetCat
C. Jack the Ripper
D. Netbus
E. John the Ripper
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?
A. Nikto
B. John the Ripper
C. Dsniff
D. Snort
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.Which command would you use?
A. c:\compmgmt.msc
B. c:\services.msc
C. c:\ncpa.cp
D. c:\gpedit
What would be the fastest way to perform content enumeration on a given web server by using the Gobuster tool?
A. Performing content enumeration using the bruteforce mode and 10 threads
B. Shipping SSL certificate verification
C. Performing content enumeration using a wordlist
D. Performing content enumeration using the bruteforce mode and random file extensions
You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?
A. nmap -A - Pn
B. nmap -sP -p-65535 -T5
C. nmap -sT -O -T0
D. nmap -A --host-timeout 99 -T1
When conducting a penetration test, it is crucial to use all means to get all available information about the target network. One of the ways to do that is by sniffing the network.Which of the following cannot be performed by the passive network sniffing?
A. Identifying operating systems, services, protocols and devices
B. Modifying and replaying captured network traffic
C. Collecting unencrypted information about usernames and passwords
D. Capturing a network traffic for further analysis
Which is the first step followed by Vulnerability Scanners for scanning a network?
A. OS Detection
B. Firewall detection
C. TCP/UDP Port scanning
D. Checking if the remote host is alive
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?
A. Make sure that legitimate network routers are configured to run routing protocols with authentication.
B. Disable all routing protocols and only use static routes
C. Only using OSPFv3 will mitigate this risk.
D. Redirection of the traffic cannot happen unless the admin allows it explicitly.
Which file is a rich target to discover the structure of a website during web-server footprinting?
A. Document root
B. Robots.txt
C. domain.txt
D. index.html
In the context of Windows Security, what is a 'null' user?
A. A user that has no skills
B. An account that has been suspended by the admin
C. A pseudo account that has no username and password
D. A pseudo account that was created for security administration purpose
ping-* 6 192.168.0.101 Output: Pinging 192.168.0.101 with 32 bytes of data: Reply from 192.168.0.101: bytes=32 time<1ms TTL=128 Reply from 192.168.0.101: bytes=32 time<1ms TTL=128 Reply from 192.168.0.101: bytes=32 time<1ms TTL=128 Reply from 192.168.0.101: bytes=32 time<1ms TTL=128 Reply from 192.168.0.101: bytes=32 time<1ms TTL=128Reply from 192.168.0.101: Ping statistics for 192.168.0101 Packets: Sent = 6, Received = 6, Lost = 0 (0% loss). Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0msWhat does the option * indicate?
A. t
B. s
C. a
D. n
This form of encryption algorithm is asymmetric key block cipher that is characterized by a 128-bit block size, and its key size can be up to 256 bits. Which among the following is thisencryption algorithm?
A. Twofish encryption algorithm
B. HMAC encryption algorithm
C. IDEA
D. Blowfish encryption algorithm
in this form of encryption algorithm, every Individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits. Which is this encryption algorithm?
A. IDEA
B. Triple Data Encryption standard
C. MDS encryption algorithm
D. AES
Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcasting forged DHCP requests and leased all the DHCP addresses available in the DHCP scope until the server could not issue any more IP addresses. This led to a Dos attack, and as a result, legitimate employees were unable to access the clients network.Which of the following attacks did Abel perform in the above scenario?
A. VLAN hopping
B. DHCP starvation
C. Rogue DHCP server attack
D. STP attack
Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?
A. 113
B. 69
C. 123
D. 161
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization. Which of the following attack techniques is used by John?
A. Advanced persistent
B. threat Diversion theft
C. Spear-phishing sites
D. insider threat
Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task,Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed.What is the port scanning technique used by Sam to discover open ports?
A. Xmas scan
B. IDLE/IPID header scan
C. TCP Maimon scan
D. ACK flag probe scan
Which of the following DoS tools is used to attack target web applications by starvation of available sessions on the web server?The tool keeps sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value.
A. My Doom
B. Astacheldraht
C. R-U-Dead-Yet?(RUDY)
D. LOIC
Your company was hired by a small healthcare provider to perform a technical assessment on the network.What is the best approach for discovering vulnerabilities on a Windows-based computer?
A. Use the built-in Windows Update tool
B. Use a scan tool like Nessus
C. Check MITRE.org for the latest list of CVE findings
D. Create a disk image of a clean Windows installation
SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may Bypass authentication and allow attackers to access and/or modify data attached to a web application.Which of the following SQLI types leverages a database server's ability to make DNS requests to pass data to an attacker?
A. Union-based SQLI
B. Out-of-band SQLI
C. ln-band SQLI
D. Time-based blind SQLI