Examcollection 312-50v9 Questions are updated and all 312-50v9 answers are verified by experts. Once you have completely prepared with our 312-50v9 exam prep kits you will be ready for the real 312-50v9 exam without a problem. We have Updated EC-Council 312-50v9 dumps study guide. PASSED 312-50v9 First attempt! Here What I Did.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50v9 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 312-50v9 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/312-50v9-exam-dumps.html
Q21. A company’s security states that all web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?
A. Attempts by attackers to determine the user's Web browser usage patterns, including when sites were visited and for how long.
B. Attempts by attackers to access passwords stored on the user's computer without the user's knowledge.
C. Attempts by attackers to access Web sites that trust the Web browser user by stealing the user's authentication credentials.
D. Attempts by attacks to access the user and password information stores in the company's SQL database.
Answer: C
Q22. You have compromised a server on a network and successfully open a shell. You aimed to identify all operating systems running on the network. However, as you attemptto fingerprint all machines in the machines in the network using the nmap syntax below, it is not going through.
invictus@victim_server:~$nmap –T4 –O 10.10.0.0/24
TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxxx. QUITTING!
What seems to be wrong?
A. The outgoing TCP/IP fingerprinting is blocked by the host firewall.
B. This is a common behavior for a corrupted nmap application.
C. OS Scan requires root privileged.
D. The nmap syntax is wrong.
Answer: D
Q23. When you return to your desk after a lunch break, you notice a strange email in your inbox. The senders is someone you did business with recently but the subject line has strange characters in it.
What should you do?
A. Forward the message to your company’s security response team and permanently delete the message from your computer.
B. Delete the email and pretend nothing happened.
C. Forward the message to your supervisor andask for her opinion on how to handle the situation.
D. Reply to the sender and ask them for more information about the message contents.
Answer: A
Q24. As a Certified Ethical hacker, you were contracted by aprivate firm to conduct an external security assessment through penetration testing.
What document describes the specified of the testing, the associated violations, and essentially protects both the organization’s interest and your li abilities as a tester?
A. Term of Engagement
B. Non-Disclosure Agreement
C. Project Scope
D. Service Level Agreement
Answer: B
Q25. You are tasked to perform a penetration test. While you are performinginformation gathering, you find ab employee list in Google. You find receptionist’s email, and you send her an email changing the source email to her boss’s email ( boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected.
What testing method did you use?
A. Piggybacking
B. Tailgating
C. Evesdropping
D. Social engineering
Answer: D
Q26. Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?
A. Kismet
B. Netstumbler
C. Abel
D. Nessus
Answer: A
Q27. The purpose of a is to deny network access to local area networks and other information assets by unauthorized wireless devices.
A. Wireless Access Point
B. Wireless Analyzer
C. Wireless Access Control list
D. Wireless Intrusion Prevention System
Answer: D
Q28. You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best nmap command you will use?
A. Nmap –T4 –F 10.10.0.0/24
B. Nmap –T4 –q 10.10.0.0/24
C. Nmap –T4 –O 10.10.0.0/24
D. Nmap –T4 –r 10.10.0.0/24
Answer: A
Q29. Which of the following incident handling process phases is responsible for defining rules, creating a back-up plan, and testing the plans for an enterprise?
A. Preparation phase
A. B. Recovery phase
C. Identification phase
D. Containment phase
Answer: A
Q30. Nation-state threat actors often discover vulnerabilitiesand hold on to them until they want to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack because it used four types of this vulnerability.
What is this style of attack called?
A. zero-hour
B. no-day
C. zero-day
D. zero-sum
Answer:: C
