Lead2pass 2017 September New EC-Council 312-50v9 Exam Dumps!
100% Free Download! 100% Pass Guaranteed!
The 312-50v9 braindumps are the latest, authenticated by expert and covering each and every aspect of 312-50v9 exam. Comparing with others, our exam questions are rich in variety. We offer PDF dumps and 312-50v9 VCE dumps. Welcome to choose.
Following questions and answers are all new published by EC-Council Official Exam Center: https://www.lead2pass.com/312-50v9.html
QUESTION 261
The company ABC recently contracted a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. What of the following options can be useful to ensure the integrity of the data?
A. The document can be sent to the accountant using an exclusive USB for that document.
B. The CFO can use a hash algorithm in the document once he approved the financial statements.
C. The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure it is the same document.
D. The CFO can use an excel file with a password.
Answer: B
QUESTION 262
A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd. How can he use it?
A. The password file does not contain the passwords themselves.
B. He can open it and read the user ids and corresponding passwords.
C. The file reveals the passwords to the root user only.
D. He cannot read it because it is encrypted.
Answer: D
QUESTION 263
Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands:
[eve@localhost ~]$ john secret.txt
Loaded 2 password hashes with no different salts (LM [DES 128/128 SSE2-16])
Press ‘q’ or Ctrl-C to abort. almost any other key for status
0g 0:00:00:03 3/3 0g/s 86168p/s 86168c/s 172336C/s MERO..SAMPLUI
0g 0:00:00:04 3/3 0g/s 3296Kp/s 3296Kc/s 6592KC/s GOS..KARIS4
0g 0:00:00:07 3/3 0g/s 8154Kp/s 8154Kc/s 16309KC/s NY180K..NY1837
0g 0:00:00:10 3/3 0g/s 7958Kp/s 7958Kc/s 1591KC/s SHAGRN..SHENY9
What is she trying to achieve?
A. She is encrypting the file.
B. She is using John the Ripper to view the contents of the file.
C. She is using ftp to transfer the file to another hacker named John.
D. She is using John the Ripper to crack the passwords in the secret.txt file.
Answer: D
Explanation:
QUESTION 264
What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall.
A. Firewalking
B. Session hijacking
C. Network sniffing
D. Man-in-the-middle attack
Answer: A
QUESTION 265
Seth is starting a penetration test from inside the network. He hasn’t been given any information about the network. What type of test is he conducting?
A. Internal Whitebox
B. External, Whitebox
C. Internal, Blackbox
D. External, Blackbox
Answer: A
QUESTION 266
Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers?
A. Application Layer
B. Data tier
C. Presentation tier
D. Logic tier
Answer: D
QUESTION 267
An attacker tries to do banner grabbing on a remote web server and executes the following command.
$ nmap -sV host.domain.com -p 80
He gets the following output.
Starting Nmap 6.47 ( http://nmap.org ) at 2014-12-08 19:10 EST
Nmap scan report for host.domain.com (108.61.158.211)
Host is up (0.032s latency).
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd
Service detection performed. Please report any incorrect results at http://nmap.org/submit/.
Nmap done: 1 IP address (1 host up) scanned in 6.42 seconds
What did the hacker accomplish?
A. nmap can’t retrieve the version number of any running remote service.
B. The hacker successfully completed the banner grabbing.
C. The hacker should’ve used nmap -O host.domain.com.
D. The hacker failed to do banner grabbing as he didn’t get the version of the Apache web server.
Answer: B
Explanation:
QUESTION 268
_________ is a set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attacks types.
A. DNSSEC
B. Zone transfer
C. Resource transfer
D. Resource records
Answer: A
QUESTION 269
Sid is a judge for a programming contest. Before the code reaches him it goes through a restricted OS and is tested there. If it passes, then it moves onto Sid. What is this middle step called?
A. Fuzzy-testing the code
B. Third party running the code
C. Sandboxing the code
D. String validating the code
Answer: A
QUESTION 270
An IT employee got a call from one of our best customers. The caller wanted to know about the company’s network infrastructure, systems, and team. New opportunities of integration are in sight for both company and customer. What should this employee do?
A. Since the company’s policy is all about Customer Service, he/she will provide information.
B. Disregarding the call, the employee should hang up.
C. The employee should not provide any information without previous management authorization.
D. The employees can not provide any information; but, anyway, he/she will provide the name of the person in charge.
Answer: C
QUESTION 271
A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do?
A. Ignore it.
B. Try to sell the information to a well-paying party on the dark web.
C. Notify the web site owner so that corrective action be taken as soon as possible to patch the vulnerability.
D. Exploit the vulnerability without harming the web site owner so that attention be drawn to the problem.
Answer: C
QUESTION 272
In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims.
What is the difference between pharming and phishing attacks?
A. In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS.
In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name.
B. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering.
C. Both pharming and phishing attacks are identical.
D. In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS.
In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name.
Answer: A
Explanation:
QUESTION 273
Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries.) More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and that are related to various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. Basic example to understand how cryptography works is given below:
SECURE (plain text)
+1(+1 next letter, for example, the letter ““T”” is used for ““S”” to encrypt.)
TFDVSF (encrypted text)
+=logic=> Algorithm
1=Factor=> Key
Which of the following choices is true about cryptography?
A. Algorithm is not the secret, key is the secret.
B. Symmetric-key algorithms are a class of algorithms for cryptography that use the different cryptographic keys for both encryption of plaintext and decryption of ciphertext.
C. Secure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to deliver the shared session key and to achieve a communication way.
D. Public-key cryptography, also known as asymmetric cryptography, public key is for decrypt, private key is for encrypt.
Answer: C
Explanation:
QUESTION 274
Which of these is capable of searching for and locating rogue access points?
A. HIDS
B. WISS
C. WIPS
D. NIDS
Answer: C
QUESTION 275
Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?
A. Wireshark
B. Maltego
C. Metasploit
D. Nessus
Answer: C
QUESTION 276
Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?
A. Password protected files
B. Hidden folders
C. BIOS password
D. Full disk encryption.
Answer: D
QUESTION 277
The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses 192.168.1.122, 192.168.1.123 and 192.168.1.124.
An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is:
nmap 192.168.1.64/28.
Why he cannot see the servers?
A. The network must be down and the nmap command and IP address are ok.
B. He needs to add the command ””ip address”” just before the IP address.
C. He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range.
D. He needs to change the address to 192.168.1.0 with the same mask.
Answer: C
Explanation:
QUESTION 278
Bob learned that his username and password for a popular game has been compromised. He contacts the company and resets all the information. The company suggests he use two-factor authentication, which option below offers that?
A. A new username and password
B. A fingerprint scanner and his username and password.
C. Disable his username and use just a fingerprint scanner.
D. His username and a stronger password.
Answer: B
QUESTION 279
Rebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place?
A. A race condition is being exploited, and the operating system is containing the malicious process.
B. A page fault is occurring, which forces the operating system to write data from the hard drive.
C. Malware is executing in either ROM or a cache memory area.
D. Malicious code is attempting to execute instruction in a non-executable memory region.
Answer: D
QUESTION 280
Attempting an injection attack on a web server based on responses to True/False questions is called which of the following?
A. Blind SQLi
B. DMS-specific SQLi
C. Classic SQLi
D. Compound SQLi
Answer: A
More free Lead2pass 312-50v9 exam new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDTVZJRHRvblhycms
EC-Council 312-50v9 is often called the hardest of all EC-Council exams. Lead2pass helps you kill the EC-Council 312-50v9 exam challenge and achieve the perfect passing score with its latest practice test, packed into the revolutionary interactive VCE. This is the best way to prepare and pass the 312-50v9 exam.
2017 EC-Council 312-50v9 (All 589 Q&As) exam dumps (PDF&VCE) from Lead2pass:
https://www.lead2pass.com/312-50v9.html [100% Exam Pass Guaranteed]