Your success in EC-Council 312-50v9 is our sole target and we develop all our 312-50v9 braindumps in a way that facilitates the attainment of this target. Not only is our 312-50v9 study material the best you can find, it is also the most detailed and the most updated. 312-50v9 Practice Exams for EC-Council CEH 312-50v9 are written to the highest standards of technical accuracy.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for EC-Council 312-50v9 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 312-50v9 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/312-50v9-exam-dumps.html
Q11. A common cryptographically tool is the use of XOR. XOR the following binary value: 10110001
00111010
A. 10001011
B. 10011101
C. 11011000
D. 10111100
Answer: A
Q12. Which of the following is not a Bluetooth attack?
A. Bluejacking
B. Bluedriving
C. Bluesnarfing
D. Bluesmaking
Answer: B
Q13. You are performing a penetration test. You achieved access via a bufferoverflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator’s bank account password and login information for the administrator’s bitcoin account.
What should you do?
A. Do not transfer the money but steal the bitcoins.
B. Report immediately to the administrator.
A. C. Transfer money from the administrator’s account to another account.
D. Do not report it and continue the penetration test.
Answer: B
Q14. Which of the followingtypes of firewalls ensures that the packets are part of the established session?
A. Switch-level firewall
B. Stateful inspection firewall
C. Application-level firewall
D. Circuit-level firewall
Answer: B
Q15. The “Gray box testing” methodology enforces what kind of restriction?
A. Only the external operation of a system is accessible to the tester.
B. Only the internal operation of a system is known to the tester.
C. The internal operation of a system is completely known to the tester.
D. The internal operation of a system is only partly accessible to the tester.
Answer: D
Q16. To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used randomly generate invalid input in an attempt to crash the program.
What term is commonly used when referring to this type of testing?
A. Bounding
B. Mutating
C. Puzzing
D. Randomizing
Answer: C
Q17. During a blackbox pen test you attempt to pass IRC traffic over post 80/TCP from a compromised web enabled host. The traffic gets blocked; however outbound HTTP traffic is unimpeded.
What type of firewall is inspecting outbound traffic?
A. Circuit
B. Packet Filtering
C. Application
D. Stateful
Answer: C
Q18. While performing online banking using a web browser, a user receives an email that contains alink to an interesting Web site. When the user clicks on the link, another web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place.
What web browser-based security vulnerability was exploited to compromise the user?
A. Cross-Site Request Forgery
B. Cross-Site Scripting
C. Web form input validation
D. Clickjacking
Answer: A
Q19. This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attach along with some optimizations like Korek attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools.
Which of the following tools is being described?
A. Wificracker
B. WLAN-crack
C. Airguard
D. Aircrack-ng
Answer: D
Q20. An attacker changes the profile information of a particular user on a target website (the victim). The attacker uses this string to update the victim's profile to a text file and then submit the data to the attacker’s database.
<frame src=http://www/vulnweb.com/updataif.php Style=”display:none”></iframe> What is this type of attack (that can use either HTTP GET or HRRP POST) called?
A. Cross-Site Request Forgery
B. Cross-Site Scripting
C. SQL Injection
D. Browser Hacking
Answer: A
