Exact2pass ECCouncil-312-50v10
ECCouncil 312-50v10 Certified Ethical Hacker Exam (C|EH v10)
Web: www.exact2pass.com
Version: Demo
[ Total Questions: 10 ]

Exam Topic Breakdown

Exam Topic                Number of Questions
Topic 6 : Exam Pool F     2
Topic 1 : Exam Pool A     2
Topic 5 : Exam Pool E     2
Topic 7 : Exam Pool G     2
Topic 2 : Exam Pool B     2
Topic 3 : Exam Pool C     0
Topic 4 : Exam Pool D     0
TOTAL                     10

Topic 6, Exam Pool F

Question #:1 - (Exam Topic 6)
Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?
A. Use cryptographic storage to store all PII
B. Use full disk encryption on all hard drives to protect PII
C. Use encrypted communications protocols to transmit PII
D. Use a security token to log into all Web applications that use PII
Answer: C

Question #:2 - (Exam Topic 6)
It is a widely used standard for message logging. It permits separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. This protocol is specifically designed for transporting event messages. Which of the following is being described?
A. SNMP
B. ICMP
C. SYSLOG
D. SMS
Answer: C

Topic 1, Exam Pool A

Question #:3 - (Exam Topic 1)
You are a Penetration Tester and are assigned to scan a server. You need to use a scanning technique wherein the TCP Header is split into many packets so that it becomes difficult to detect what the packets are meant for. Which of the scanning techniques below will you use?
A. ACK flag scanning
B. TCP Scanning
C. IP Fragment Scanning
D. Inverse TCP flag scanning
Answer: C

Question #:4 - (Exam Topic 1)
What is the minimum number of network connections in a multi-homed firewall?
A. 3
B. 5
C. 4
D. 2
Answer: A

Topic 5, Exam Pool E

Question #:5 - (Exam Topic 5)
Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?
A. Internal, Whitebox
B. External, Whitebox
C. Internal, Blackbox
D. External, Blackbox
Answer: C

Question #:6 - (Exam Topic 5)
Emil uses nmap to scan two hosts using this command.
nmap -sS -T4 -O 192.168.99.1 192.168.99.7
He receives this output:
What is his conclusion?
A. Host 192.168.99.7 is an iPad.
B. He performed a SYN scan and OS scan on hosts 192.168.99.1 and 192.168.99.7.
C. Host 192.168.99.1 is the host that he launched the scan from.
D. Host 192.168.99.7 is down.
Answer: B

Topic 7, Exam Pool G

Question #:7 - (Exam Topic 7)
In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?
A. Full Blown
B. Thorough
C. Hybrid
D. BruteDics
Answer: C

Question #:8 - (Exam Topic 7)
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?
A. Install DNS logger and track vulnerable packets
B. Disable DNS timeouts
C. Install DNS Anti-spoofing
D. Disable DNS Zone Transfer
Answer: C

Topic 2, Exam Pool B

Question #:9 - (Exam Topic 2)
Which of the following is a preventive control?
A. Smart card authentication
B. Security policy
C. Audit trail
D. Continuity of operations plan
Answer: A

Question #:10 - (Exam Topic 2)
What technique is used to perform a Connection Stream Parameter Pollution (CSPP) attack?
A. Injecting parameters into a connection string using semicolons as a separator
B. Inserting malicious JavaScript code into input parameters
C. Setting a user's session identifier (SID) to an explicit known value
D. Adding multiple parameters with the same name in HTTP requests
Answer: A