New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

312-50v11 Certified Ethical Hacker Exam (CEH v11) Questions and Answers

Questions 4

To hide the file on a Linux system, you have to start the filename with a specific character. What is the character?

Options:

A.

Exclamation mark (!)

B.

Underscore (_)

C.

Tilde H

D.

Period (.)

Buy Now
Questions 5

Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this. James, a professional hacker, targets Emily and her acquaintances, conducts a location search to detect their geolocation by using an automated tool, and gathers information to perform other sophisticated attacks. What is the tool employed by James in the above scenario?

Options:

A.

ophcrack

B.

Hootsuite

C.

VisualRoute

D.

HULK

Buy Now
Questions 6

infecting a system with malware and using phishing to gain credentials to a system or web application are examples of which phase of the ethical hacking methodology?

Options:

A.

Reconnaissance

B.

Maintaining access

C.

Scanning

D.

Gaining access

Buy Now
Questions 7

Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine. Joel waits for the victim to access the infected web application so as to compromise the victim's machine. Which of the following techniques is used by Joel in the above scenario?

Options:

A.

DNS rebinding attack

B.

Clickjacking attack

C.

MarioNet attack

D.

Watering hole attack

Buy Now
Questions 8

Mary found a high vulnerability during a vulnerability scan and notified her server team. After analysis, they sent her proof that a fix to that issue had already been applied. The vulnerability that Marry found is called what?

Options:

A.

False-negative

B.

False-positive

C.

Brute force attack

D.

Backdoor

Buy Now
Questions 9

Bob received this text message on his mobile phone: “Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: scottsmelby@yahoo.com”. Which statement below is true?

Options:

A.

This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.

B.

This is a scam because Bob does not know Scott.

C.

Bob should write to scottmelby@yahoo.com to verify the identity of Scott.

D.

This is probably a legitimate message as it comes from a respectable organization.

Buy Now
Questions 10

Samuel, a professional hacker, monitored and Intercepted already established traffic between Bob and a host machine to predict Bob's ISN. Using this ISN, Samuel sent spoofed packets with Bob's IP address to the host machine. The host machine responded with <| packet having an Incremented ISN. Consequently. Bob's connection got hung, and Samuel was able to communicate with the host machine on behalf of Bob. What is the type of attack performed by Samuel in the above scenario?

Options:

A.

UDP hijacking

B.

Blind hijacking

C.

TCP/IP hacking

D.

Forbidden attack

Buy Now
Questions 11

During the enumeration phase. Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs directly on TCP port 445.

Which of the following services is enumerated by Lawrence in this scenario?

Options:

A.

Server Message Block (SMB)

B.

Network File System (NFS)

C.

Remote procedure call (RPC)

D.

Telnet

Buy Now
Questions 12

Larry, a security professional in an organization, has noticed some abnormalities In the user accounts on a web server. To thwart evolving attacks, he decided to harden the security of the web server by adopting a countermeasures to secure the accounts on the web server.

Which of the following countermeasures must Larry implement to secure the user accounts on the web server?

Options:

A.

Enable unused default user accounts created during the installation of an OS

B.

Enable all non-interactive accounts that should exist but do not require interactive login

C.

Limit the administrator or toot-level access to the minimum number of users

D.

Retain all unused modules and application extensions

Buy Now
Questions 13

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up.

What is the most likely cause?

Options:

A.

The network devices are not all synchronized.

B.

Proper chain of custody was not observed while collecting the logs.

C.

The attacker altered or erased events from the logs.

D.

The security breach was a false positive.

Buy Now
Questions 14

Which of the following statements is TRUE?

Options:

A.

Packet Sniffers operate on the Layer 1 of the OSI model.

B.

Packet Sniffers operate on Layer 2 of the OSI model.

C.

Packet Sniffers operate on both Layer 2 & Layer 3 of the OSI model.

D.

Packet Sniffers operate on Layer 3 of the OSI model.

Buy Now
Questions 15

Lewis, a professional hacker, targeted the loT cameras and devices used by a target venture-capital firm. He used an information-gathering tool to collect information about the loT devices connected to a network, open ports and services, and the attack surface area. Using this tool, he also generated statistical reports on broad usage patterns and trends. This tool helped Lewis continually monitor every reachable server and device on the Internet, further allowing him to exploit these devices in the network. Which of the following tools was employed by Lewis in the above scenario?

Options:

A.

Censys

B.

Wapiti

C.

NeuVector

D.

Lacework

Buy Now
Questions 16

Attacker Lauren has gained the credentials of an organization's internal server system, and she was often logging in during irregular times to monitor the network activities. The organization was skeptical about the login times and appointed security professional Robert to determine the issue. Robert analyzed the compromised device to find incident details such as the type of attack, its severity, target, impact, method of propagation, and vulnerabilities exploited. What is the incident handling and response (IH&R) phase, in which Robert has determined these issues?

Options:

A.

Preparation

B.

Eradication

C.

Incident recording and assignment

D.

Incident triage

Buy Now
Questions 17

Leverox Solutions hired Arnold, a security professional, for the threat intelligence process. Arnold collected information about specific threats against the organization. From this information, he retrieved contextual information about security events and incidents that helped him disclose potential risks and gain insight into attacker methodologies. He collected the information from sources such as humans, social media, and chat rooms as well as from events that resulted in cyberattacks. In this process, he also prepared a report that includes identified malicious activities, recommended courses of action, and warnings for emerging attacks. What is the type of threat intelligence collected by Arnold in the above scenario?

Options:

A.

Strategic threat intelligence

B.

Tactical threat intelligence

C.

Operational threat intelligence

D.

Technical threat intelligence

Buy Now
Questions 18

Becky has been hired by a client from Dubai to perform a penetration test against one of their remote offices. Working from her location in Columbus, Ohio, Becky runs her usual reconnaissance scans to obtain basic information about their network. When analyzing the results of her Whois search, Becky notices that the IP was allocated to a location in Le Havre, France. Which regional Internet registry should Becky go to for detailed information?

Options:

A.

ARIN

B.

APNIC

C.

RIPE

D.

LACNIC

Buy Now
Questions 19

Which protocol is used for setting up secure channels between two devices, typically in VPNs?

Options:

A.

PEM

B.

ppp

C.

IPSEC

D.

SET

Buy Now
Questions 20

What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?

Options:

A.

Behavioral based

B.

Heuristics based

C.

Honeypot based

D.

Cloud based

Buy Now
Questions 21

Don, a student, came across a gaming app in a third-party app store and Installed it. Subsequently, all the legitimate apps in his smartphone were replaced by deceptive applications that appeared legitimate. He also received many advertisements on his smartphone after Installing the app. What is the attack performed on Don in the above scenario?

Options:

A.

SMS phishing attack

B.

SIM card attack

C.

Agent Smith attack

D.

Clickjacking

Buy Now
Questions 22

The network team has well-established procedures to follow for creating new rules on the firewall. This includes having approval from a manager prior to implementing any new rules. While reviewing the firewall configuration, you notice a recently implemented rule but cannot locate manager approval for it. What would be a good step to have in the procedures for a situation like this?

Options:

A.

Have the network team document the reason why the rule was implemented without prior manager approval.

B.

Monitor all traffic using the firewall rule until a manager can approve it.

C.

Do not roll back the firewall rule as the business may be relying upon it, but try to get manager approval as soon as possible.

D.

Immediately roll back the firewall rule until a manager can approve it

Buy Now
Questions 23

An Internet Service Provider (ISP) has a need to authenticate users connecting via analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network.

Which AAA protocol is the most likely able to handle this requirement?

Options:

A.

TACACS+

B.

DIAMETER

C.

Kerberos

D.

RADIUS

Buy Now
Questions 24

What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

Options:

A.

All are hacking tools developed by the legion of doom

B.

All are tools that can be used not only by hackers, but also security personnel

C.

All are DDOS tools

D.

All are tools that are only effective against Windows

E.

All are tools that are only effective against Linux

Buy Now
Questions 25

Harry. a professional hacker, targets the IT infrastructure of an organization. After preparing for the attack, he attempts to enter the target network using techniques such as sending spear-phishing emails and exploiting vulnerabilities on publicly available servers. Using these techniques, he successfully deployed malware on the target system to establish an outbound connection. What is the APT lifecycle phase that Harry is currently executing?

Options:

A.

Preparation

B.

Cleanup

C.

Persistence

D.

initial intrusion

Buy Now
Questions 26

While testing a web application in development, you notice that the web server does not properly ignore the “dot dot slash” (../) character string and instead returns the file listing of a folder structure of the server.

What kind of attack is possible in this scenario?

Options:

A.

Cross-site scripting

B.

Denial of service

C.

SQL injection

D.

Directory traversal

Buy Now
Questions 27

The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?

Options:

A.

Multi-cast mode

B.

Promiscuous mode

C.

WEM

D.

Port forwarding

Buy Now
Questions 28

John wants to send Marie an email that includes sensitive information, and he does not trust the network that he is connected to. Marie gives him the idea of using PGP. What should John do to communicate correctly using this type of encryption?

Options:

A.

Use his own public key to encrypt the message.

B.

Use Marie's public key to encrypt the message.

C.

Use his own private key to encrypt the message.

D.

Use Marie's private key to encrypt the message.

Buy Now
Questions 29

in an attempt to increase the security of your network, you Implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know It. How do you accomplish this?

Options:

A.

Delete the wireless network

B.

Remove all passwords

C.

Lock all users

D.

Disable SSID broadcasting

Buy Now
Questions 30

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

Options:

A.

Nikto

B.

Nmap

C.

Metasploit

D.

Armitage

Buy Now
Questions 31

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?

Options:

A.

Interceptor

B.

Man-in-the-middle

C.

ARP Proxy

D.

Poisoning Attack

Buy Now
Questions 32

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

Options:

A.

Protocol analyzer

B.

Network sniffer

C.

Intrusion Prevention System (IPS)

D.

Vulnerability scanner

Buy Now
Questions 33

Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote location. To manage nodes in the network, he uses MIB. which contains formal descriptions of all network objects managed by SNMP. He accesses the contents of MIB by using a web browser either by entering the IP address and Lseries.mlb or by entering the DNS library name and Lseries.mlb. He is currently retrieving information from an MIB that contains object types for workstations and server services. Which of the following types of MIB is accessed by Garry in the above scenario?

Options:

A.

LNMIB2.MIB

B.

WINS.MIB

C.

DHCP.MIS

D.

MIB_II.MIB

Buy Now
Questions 34

Alice, a professional hacker, targeted an organization's cloud services. She infiltrated the targets MSP provider by sending spear-phishing emails and distributed custom-made malware to compromise user accounts and gain remote access to the cloud service. Further, she accessed the target customer profiles with her MSP account, compressed the customer data, and stored them in the MSP. Then, she used this information to launch further attacks on the target organization. Which of the following cloud attacks did Alice perform in the above scenario?

Options:

A.

Cloud hopper attack

B.

Cloud cryptojacking

C.

Cloudborne attack

D.

Man-in-the-cloud (MITC) attack

Buy Now
Questions 35

What is the purpose of a demilitarized zone on a network?

Options:

A.

To scan all traffic coming through the DMZ to the internal network

B.

To only provide direct access to the nodes within the DMZ and protect the network behind it

C.

To provide a place to put the honeypot

D.

To contain the network devices you wish to protect

Buy Now
Questions 36

What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?

Options:

A.

110

B.

135

C.

139

D.

161

E.

445

F.

1024

Buy Now
Questions 37

Which Nmap switch helps evade IDS or firewalls?

Options:

A.

-n/-R

B.

-0N/-0X/-0G

C.

-T

D.

-D

Buy Now
Questions 38

A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems.

However, he is unable to capture any logons though he knows that other users are logging in.

What do you think is the most likely reason behind this?

Options:

A.

There is a NIDS present on that segment.

B.

Kerberos is preventing it.

C.

Windows logons cannot be sniffed.

D.

L0phtcrack only sniffs logons to web servers.

Buy Now
Questions 39

Which of the following programs is usually targeted at Microsoft Office products?

Options:

A.

Polymorphic virus

B.

Multipart virus

C.

Macro virus

D.

Stealth virus

Buy Now
Questions 40

The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?

Options:

A.

ACK

B.

SYN

C.

RST

D.

SYN-ACK

Buy Now
Questions 41

There are multiple cloud deployment options depending on how isolated a customer's resources are from those of other customers. Shared environments share the costs and allow each customer to enjoy lower operations expenses. One solution Is for a customer to Join with a group of users or organizations to share a cloud environment. What is this cloud deployment option called?

Options:

A.

Hybrid

B.

Community

C.

Public

D.

Private

Buy Now
Questions 42

Jane is working as a security professional at CyberSol Inc. She was tasked with ensuring the authentication and integrity of messages being transmitted in the corporate network. To encrypt the messages, she implemented a security model in which every user in the network maintains a ring of public keys. In this model, a user needs to encrypt a message using the receiver's public key, and only the receiver can decrypt the message using their private key. What is the security model implemented by Jane to secure corporate messages?

Options:

A.

Zero trust network

B.

Transport Layer Security (TLS)

C.

Secure Socket Layer (SSL)

D.

Web of trust (WOT)

Buy Now
Questions 43

Dorian Is sending a digitally signed email to Polly, with which key is Dorian signing this message and how is Poly validating It?

Options:

A.

Dorian is signing the message with his public key. and Poly will verify that the message came from Dorian by using Dorian's private key.

B.

Dorian Is signing the message with Polys public key. and Poly will verify that the message came from Dorian by using Dorian's public key.

C.

Dorian is signing the message with his private key. and Poly will verify that the message came from Dorian by using Dorian's public key.

D.

Dorian is signing the message with Polys private key. and Poly will verify mat the message came from Dorian by using Dorian's public key.

Buy Now
Questions 44

Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.

What is Eve trying to do?

Options:

A.

Eve is trying to connect as a user with Administrator privileges

B.

Eve is trying to enumerate all users with Administrative privileges

C.

Eve is trying to carry out a password crack for user Administrator

D.

Eve is trying to escalate privilege of the null user to that of Administrator

Buy Now
Questions 45

A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

Options:

A.

The computer is not using a private IP address.

B.

The gateway is not routing to a public IP address.

C.

The gateway and the computer are not on the same network.

D.

The computer is using an invalid IP address.

Buy Now
Questions 46

This form of encryption algorithm is asymmetric key block cipher that is characterized by a 128-bit block size, and its key size can be up to 256 bits. Which among the following is this encryption algorithm?

Options:

A.

Twofish encryption algorithm

B.

HMAC encryption algorithm

C.

IDEA

D.

Blowfish encryption algorithm

Buy Now
Questions 47

joe works as an it administrator in an organization and has recently set up a cloud computing service for the organization. To implement this service, he reached out to a telecom company for providing Internet connectivity and transport services between the organization and the cloud service provider, in the NIST cloud deployment reference architecture, under which category does the telecom company fall in the above scenario?

Options:

A.

Cloud booker

B.

Cloud consumer

C.

Cloud carrier

D.

Cloud auditor

Buy Now
Questions 48

You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand that all users are required to use passwords that are at least 8 characters in length. All passwords must also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special characters. With your existing knowledge of users, likely user account names and the possibility that they will choose the easiest passwords possible, what would be the fastest type of password cracking attack you can run against these hash values and still get results?

Options:

A.

Online Attack

B.

Dictionary Attack

C.

Brute Force Attack

D.

Hybrid Attack

Buy Now
Questions 49

When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK.

How would an attacker exploit this design by launching TCP SYN attack?

Options:

A.

Attacker generates TCP SYN packets with random destination addresses towards a victim host

B.

Attacker floods TCP SYN packets with random source addresses towards a victim host

C.

Attacker generates TCP ACK packets with random source addresses towards a victim host

D.

Attacker generates TCP RST packets with random source addresses towards a victim host

Buy Now
Questions 50

ViruXine.W32 virus hides their presence by changing the underlying executable code.

This Virus code mutates while keeping the original algorithm intact, the code changes itself each time it runs, but the function of the code (its semantics) will not change at all.

Here is a section of the Virus code:

What is this technique called?

Options:

A.

Polymorphic Virus

B.

Metamorphic Virus

C.

Dravidic Virus

D.

Stealth Virus

Buy Now
Questions 51

Thomas, a cloud security professional, is performing security assessment on cloud services to identify any loopholes. He detects a vulnerability in a bare-metal cloud server that can enable hackers to implant malicious backdoors in its firmware. He also identified that an installed backdoor can persist even if the server is reallocated to new clients or businesses that use it as an laaS.

What is the type of cloud attack that can be performed by exploiting the vulnerability discussed in the above scenario?

Options:

A.

Man-in-the-cloud (MITC) attack

B.

Cloud cryptojacking

C.

Cloudborne attack

D.

Metadata spoofing attack

Buy Now
Questions 52

John is an incident handler at a financial institution. His steps in a recent incident are not up to the standards of the company. John frequently forgets some steps and procedures while handling responses as they are very stressful to perform. Which of the following actions should John take to overcome this problem with the least administrative effort?

Options:

A.

Create an incident checklist.

B.

Select someone else to check the procedures.

C.

Increase his technical skills.

D.

Read the incident manual every time it occurs.

Buy Now
Questions 53

What two conditions must a digital signature meet?

Options:

A.

Has to be the same number of characters as a physical signature and must be unique.

B.

Has to be unforgeable, and has to be authentic.

C.

Must be unique and have special characters.

D.

Has to be legible and neat.

Buy Now
Questions 54

Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

Options:

A.

Nikto

B.

John the Ripper

C.

Dsniff

D.

Snort

Buy Now
Questions 55

Cross-site request forgery involves:

Options:

A.

A request sent by a malicious user from a browser to a server

B.

Modification of a request by a proxy between client and server

C.

A browser making a request to a server without the user’s knowledge

D.

A server making a request to another server without the user’s knowledge

Buy Now
Questions 56

Which of the following represents the initial two commands that an IRC client sends to join an IRC network?

Options:

A.

USER, NICK

B.

LOGIN, NICK

C.

USER, PASS

D.

LOGIN, USER

Buy Now
Questions 57

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the IDAP service for sensitive information such as usernames. addresses, departmental details, and server names to launch further attacks on the target organization.

What is the tool employed by John to gather information from the IDAP service?

Options:

A.

jxplorer

B.

Zabasearch

C.

EarthExplorer

D.

Ike-scan

Buy Now
Questions 58

In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam.

Which of the following statement is incorrect related to this attack?

Options:

A.

Do not reply to email messages or popup ads asking for personal or financial information

B.

Do not trust telephone numbers in e-mails or popup ads

C.

Review credit card and bank account statements regularly

D.

Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks

E.

Do not send credit card numbers, and personal or financial information via e-mail

Buy Now
Questions 59

Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned.

Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

Options:

A.

“GET /restricted/goldtransfer?to=Rob&from=1 or 1=1’ HTTP/1.1Host: westbank.com”

B.

“GET /restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com”

C.

“GET /restricted/accounts/?name=Ned HTTP/1.1 Host westbank.com”

D.

“GET /restricted/ HTTP/1.1 Host: westbank.com

Buy Now
Questions 60

Kate dropped her phone and subsequently encountered an issue with the phone's internal speaker. Thus, she is using the phone's loudspeaker for phone calls and other activities. Bob, an attacker, takes advantage of this vulnerability and secretly exploits the hardware of Kate's phone so that he can monitor the loudspeaker's output from data sources such as voice assistants, multimedia messages, and audio files by using a malicious app to breach speech privacy. What is the type of attack Bob performed on Kate in the above scenario?

Options:

A.

Man-in-the-disk attack

B.

aLTEr attack

C.

SIM card attack

D.

Spearphone attack

Buy Now
Questions 61

Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data transmission between the user and real tower, attempting to hijack an active session, upon receiving the users request. Bobby manipulated the traffic with the virtual tower and redirected the victim to a malicious website. What is the attack performed by Bobby in the above scenario?

Options:

A.

Wardriving

B.

KRACK attack

C.

jamming signal attack

D.

aLTEr attack

Buy Now
Questions 62

Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

Options:

A.

Encrypt the backup tapes and transport them in a lock box.

B.

Degauss the backup tapes and transport them in a lock box.

C.

Hash the backup tapes and transport them in a lock box.

D.

Encrypt the backup tapes and use a courier to transport them.

Buy Now
Questions 63

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s Computer to update the router configuration. What type of an alert is this?

Options:

A.

False negative

B.

True negative

C.

True positive

D.

False positive

Buy Now
Questions 64

You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

Options:

A.

Social engineering

B.

Piggybacking

C.

Tailgating

D.

Eavesdropping

Buy Now
Questions 65

In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?

Options:

A.

Full Blown

B.

Thorough

C.

Hybrid

D.

BruteDics

Buy Now
Questions 66

Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.

In MAC flooding attack, a switch is fed with many Ethernet frames, each containing different source MAC addresses, by the attacker. Switches have a limited memory for mapping various MAC addresses to physical ports. What happens when the CAM table becomes full?

Options:

A.

Switch then acts as hub by broadcasting packets to all machines on the network

B.

The CAM overflow table will cause the switch to crash causing Denial of Service

C.

The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF

D.

Every packet is dropped and the switch sends out SNMP alerts to the IDS port

Buy Now
Questions 67

What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?

Options:

A.

CPU

B.

GPU

C.

UEFI

D.

TPM

Buy Now
Questions 68

SQL injection (SQLi) attacks attempt to inject SQL syntax into web requests, which may Bypass authentication and allow attackers to access and/or modify data attached to a web application.

Which of the following SQLI types leverages a database server's ability to make DNS requests to pass data to an attacker?

Options:

A.

Union-based SQLI

B.

Out-of-band SQLI

C.

ln-band SQLI

D.

Time-based blind SQLI

Buy Now
Questions 69

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session 10 to the target employee. The session ID links the target employee to Boneys account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boneys account. What is the attack performed by Boney in the above scenario?

Options:

A.

Session donation attack

B.

Session fixation attack

C.

Forbidden attack

D.

CRIME attack

Buy Now
Questions 70

Heather’s company has decided to use a new customer relationship management tool. After performing the appropriate research, they decided to purchase a subscription to a cloud-hosted solution. The only administrative task that Heather will need to perform is the management of user accounts. The provider will take care of the hardware, operating system, and software administration including patching and monitoring. Which of the following is this type of solution?

Options:

A.

SaaS

B.

IaaS

C.

CaaS

D.

PasS

Buy Now
Questions 71

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory.

What kind of attack is Susan carrying on?

Options:

A.

A sniffing attack

B.

A spoofing attack

C.

A man in the middle attack

D.

A denial of service attack

Buy Now
Questions 72

#!/usr/bin/python import socket buffer=[““A””] counter=50 while len(buffer)<=100: buffer.append (““A””*counter)

counter=counter+50 commands= [““HELP””,““STATS .””,““RTIME .””,““LTIME. ””,““SRUN .”’,““TRUN .””,““GMON

.””,““GDOG .””,““KSTET .”,““GTER .””,““HTER .””, ““LTER .”,““KSTAN .””] for command in commands: for

buffstring in buffer: print ““Exploiting”” +command +““:””+str(len(buffstring)) s=socket.socket(socket.AF_INET,

socket.SOCK_STREAM) s.connect((‘127.0.0.1’, 9999)) s.recv(50) s.send(command+buffstring) s.close()

What is the code written for?

Options:

A.

Denial-of-service (DOS)

B.

Buffer Overflow

C.

Bruteforce

D.

Encryption

Buy Now
Questions 73

What is the minimum number of network connections in a multihomed firewall?

Options:

A.

3

B.

5

C.

4

D.

2

Buy Now
Questions 74

Andrew is an Ethical Hacker who was assigned the task of discovering all the active devices hidden by a restrictive firewall in the IPv4 range in a given target network.

Which of the following host discovery techniques must he use to perform the given task?

Options:

A.

UDP scan

B.

TCP Maimon scan

C.

arp ping scan

D.

ACK flag probe scan

Buy Now
Questions 75

An organization has automated the operation of critical infrastructure from a remote location. For this purpose, all the industrial control systems are connected to the Internet. To empower the manufacturing process, ensure the reliability of industrial networks, and reduce downtime and service disruption, the organization deckled to install an OT security tool that further protects against security incidents such as cyber espionage, zero-day attacks, and malware. Which of the following tools must the organization employ to protect its critical infrastructure?

Options:

A.

Robotium

B.

BalenaCloud

C.

Flowmon

D.

IntentFuzzer

Buy Now
Questions 76

What is correct about digital signatures?

Options:

A.

A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.

B.

Digital signatures may be used in different documents of the same type.

C.

A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.

D.

Digital signatures are issued once for each user and can be used everywhere until they expire.

Buy Now
Questions 77

These hackers have limited or no training and know how to use only basic techniques or tools.

What kind of hackers are we talking about?

Options:

A.

Black-Hat Hackers A

B.

Script Kiddies

C.

White-Hat Hackers

D.

Gray-Hat Hacker

Buy Now
Questions 78

Vlady works in a fishing company where the majority of the employees have very little understanding of IT let alone IT Security. Several information security issues that Vlady often found includes, employees sharing password, writing his/her password on a post it note and stick it to his/her desk, leaving the computer unlocked, didn’t log out from emails or other social media accounts, and etc.

After discussing with his boss, Vlady decided to make some changes to improve the security environment in his company. The first thing that Vlady wanted to do is to make the employees understand the importance of keeping confidential information, such as password, a secret and they should not share it with other persons.

Which of the following steps should be the first thing that Vlady should do to make the employees in his company understand to importance of keeping confidential information a secret?

Options:

A.

Warning to those who write password on a post it note and put it on his/her desk

B.

Developing a strict information security policy

C.

Information security awareness training

D.

Conducting a one to one discussion with the other employees about the importance of information security

Buy Now
Questions 79

Samuel a security administrator, is assessing the configuration of a web server. He noticed that the server permits SSlv2 connections, and the same private key certificate is used on a different server that allows SSLv2 connections. This vulnerability makes the web server vulnerable to attacks as the SSLv2 server can leak key information.

Which of the following attacks can be performed by exploiting the above vulnerability?

Options:

A.

DROWN attack

B.

Padding oracle attack

C.

Side-channel attack

D.

DUHK attack

Buy Now
Exam Code: 312-50v11
Exam Name: Certified Ethical Hacker Exam (CEH v11)
Last Update: Dec 25, 2024
Questions: 528
312-50v11 pdf

312-50v11 PDF

$25.5  $84.99
312-50v11 Engine

312-50v11 Testing Engine

$30  $99.99
312-50v11 PDF + Engine

312-50v11 PDF + Testing Engine

$40.5  $134.99