Exact of 312-50v10 exam question materials and testing software for EC-Council certification for IT learners, Real Success Guaranteed with Updated 312-50v10 pdf dumps vce Materials. 100% PASS Certified Ethical Hacker v10 exam Today!
P.S. Exact 312-50v10 testing software are available on Google Drive, GET MORE: https://drive.google.com/open?id=1zsw3xzCsgbQD0e_ZoE_G5GuVGlIbaphk
New EC-Council 312-50v10 Exam Dumps Collection (Question 5 - Question 14)
Q1. How does the Address Resolution Protocol (ARP) work?
A. It sends a request packet to all the network elements, asking for the domain name from a specific IP.
B. It sends a request packet to all the network elements, asking for the MAC address from a specific IP.
C. It sends a reply packet to all the network elements, asking for the MAC address from a specific IP.
D. It sends a reply packet for a specific IP, asking for the MAC address.
Answer: B
Q2. You have successfully gained access to a Linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by Network-Based Intrusion Detection Systems (NIDS).
What is the best way to evade the NIDS?
A. Out of band signaling
B. Protocol Isolation
C. Encryption
D. Alternate Data Streams
Answer: C
Q3. Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?
A. [cache:]
B. [site:]
C. [inurl:]
D. [link:]
Answer: B
Q4. This asymmetry cipher is based on factoring the product of two large prime numbers. What cipher is described above?
A. SHA
B. RSA
C. MD5
D. RC5
Answer: B
Q5. What is the most common method to exploit the u201cBash Bugu201d or u201cShellShock" vulnerability?
A. Manipulate format strings in text fields
B. SSH
C. SYN Flood
D. Through Web servers utilizing CGI (Common Gateway Interface) to send a malformed environment variable to a vulnerable Web server
Answer: D
Q6. Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key.
Suppose a malicious user Rob tries to get access to the account of a benign user Ned.
Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?
A. u201cGET/restricted/goldtransfer?to=Rob&from=1 or 1=1u2021 HTTP/1.1Host: westbank.comu201d
B. u201cGET/restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.comu201d
C. u201cGET/restricted/bank.getaccount(u2021Nedu2021) HTTP/1.1 Host: westbank.comu201d
D. u201cGET/restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.comu201d
Answer: B
Q7. The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?
A. ACK
B. SYN
C. RST
D. SYN-ACK
Answer: B
Q8. Which component of IPsec performs protocol-level functions that are required to encrypt and decrypt the packets?
A. Internet Key Exchange (IKE)
B. Oakley
C. IPsec Policy Agent
D. IPsec driver
Answer: A
Q9. You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any useru2021s password or activate disabled Windows accounts?
A. John the Ripper
B. SET
C. CHNTPW
D. Cain & Abel
Answer: C
Q10. Sam is working as s pen-tester in an organization in Houston. He performs penetration testing on IDS in order to find the different ways an attacker uses to evade the IDS. Sam sends a large amount of packets to the target IDS that generates alerts, which enable Sam to hide the real traffic. What type of method is Sam using to evade IDS?
A. Denial-of-Service
B. False Positive Generation
C. Insertion Attack
D. Obfuscating
Answer: B
100% Most up-to-date EC-Council 312-50v10 Questions & Answers shared by Surepassexam, Get HERE: https://www.surepassexam.com/312-50v10-exam-dumps.html (New Q&As)