312-50v11 Actual Exam Questions

Last updated on Dec. 19, 2024.
Vendor:ECCouncil
Exam Code:312-50v11
Exam Name:Certified Ethical Hacker v11 Exam
Exam Questions:400
 

Topic 1 - Single Topic

Question #1 Topic 1

While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

  • A. Clickjacking
  • B. Cross-Site Scripting
  • C. Cross-Site Request Forgery
  • D. Web form input validation
Reveal Solution Hide Solution   Discussion   29

Correct Answer: C 🗳️

Question #2 Topic 1

Which service in a PKI will vouch for the identity of an individual or company?

  • A. KDC
  • B. CR
  • C. CBC
  • D. CA
Reveal Solution Hide Solution   Discussion   15

Correct Answer: D 🗳️

Question #3 Topic 1

Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.

  • A. LDAP Injection attack
  • B. Cross-Site Scripting (XSS)
  • C. SQL injection attack
  • D. Cross-Site Request Forgery (CSRF)
Reveal Solution Hide Solution   Discussion   7

Correct Answer: B 🗳️

Question #4 Topic 1

User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI layer does the encryption and decryption of the message take place?

  • A. Application
  • B. Transport
  • C. Session
  • D. Presentation
Reveal Solution Hide Solution   Discussion   9

Correct Answer: D 🗳️

Question #5 Topic 1

A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?

  • A. The WAP does not recognize the client's MAC address
  • B. The client cannot see the SSID of the wireless network
  • C. Client is configured for the wrong channel
  • D. The wireless client is not configured to use DHCP
Reveal Solution Hide Solution   Discussion   6

Correct Answer: A 🗳️

Question #6 Topic 1

If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?

  • A. -r
  • B. -F
  • C. -P
  • D. -sP
Reveal Solution Hide Solution   Discussion   9

Correct Answer: B 🗳️

Question #7 Topic 1

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

  • A. SOA
  • B. biometrics
  • C. single sign on
  • D. PKI
Reveal Solution Hide Solution   Discussion   6

Correct Answer: D 🗳️

Question #8 Topic 1

You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email changing the source email to her boss's email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

  • A. Social engineering
  • B. Piggybacking
  • C. Tailgating
  • D. Eavesdropping
Reveal Solution Hide Solution   Discussion   5

Correct Answer: A 🗳️

Question #9 Topic 1

If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

  • A. Traceroute
  • B. Hping
  • C. TCP ping
  • D. Broadcast ping
Reveal Solution Hide Solution   Discussion   11

Correct Answer: B 🗳️

Question #10 Topic 1

Which is the first step followed by Vulnerability Scanners for scanning a network?

  • A. OS Detection
  • B. Firewall detection
  • C. TCP/UDP Port scanning
  • D. Checking if the remote host is alive
Reveal Solution Hide Solution   Discussion   7

Correct Answer: D 🗳️

file Viewing page 1 out of 40 pages.
Viewing questions 1-10 out of 400 questions
Next Questions
Browse atleast 50% to increase passing rate cup
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago