The latest EC-Council Certified Ethical Hacker CEH v10 312-50 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the EC-Council Certified Ethical Hacker CEH v10 312-50 exam and earn EC-Council Certified Ethical Hacker CEH v10 312-50 certification.
Exam Question 111
A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content.
Which sort of trojan infects this server?
A. Botnet Trojan
B. Turtle Trojans
C. Banking Trojans
D. Ransomware Trojans
Correct Answer:
A. Botnet Trojan
Exam Question 112
In which phase of the ethical hacking process can Google hacking be employed? This is a technique that involves manipulating a search string with specific operators to search for vulnerabilities.
Example: allintitle: root passwd
A. Maintaining Access
B. Gaining Access
C. Reconnaissance
D. Scanning and Enumeration
Correct Answer:
C. Reconnaissance
Exam Question 113
Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?
A. A biometric system that bases authentication decisions on behavioral attributes.
B. A biometric system that bases authentication decisions on physical attributes.
C. An authentication system that creates one-time passwords that are encrypted with secret keys.
D. An authentication system that uses passphrases that are converted into virtual passwords.
Correct Answer:
C. An authentication system that creates one-time passwords that are encrypted with secret keys.
Exam Question 114
In many states sending spam is illegal. Thus, the spammers have techniques to try and ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e-mails?
A. A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name.
B. Mail relaying, which is a technique of bouncing e-mail from internal to external mails servers continuously.
C. A blacklist of companies that have their mail server relays configured to be wide open.
D. Tools that will reconfigure a mail server’s relay component to send the e-mail back to the spammers occasionally.
Correct Answer:
B. Mail relaying, which is a technique of bouncing e-mail from internal to external mails servers continuously.
Exam Question 115
Which service in a PKI will vouch for the identity of an individual or company?
A. CBC
B. KDC
C. CA
D. CR
Correct Answer:
C. CA
Exam Question 116
What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?
A. User Access Control (UAC)
B. Data Execution Prevention (DEP)
C. Address Space Layout Randomization (ASLR)
D. Windows firewall
Correct Answer:
B. Data Execution Prevention (DEP)
Exam Question 117
Seth is starting a penetration test from inside the network. He hasn’t been given any information about the network. What type of test is he conducting?
A. Internal, Blackbox
B. External, Blackbox
C. External, Whitebox
D. Internal, Whitebox
Correct Answer:
A. Internal, Blackbox
Exam Question 118
What is the code written for?
What is the code written for?
A. Buffer Overflow
B. Encryption
C. Denial-of-service (DoS)
D. Bruteforce
Correct Answer:
A. Buffer Overflow
Exam Question 119
You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator’s bank account password and login information for the administrator’s bitcoin account. What should you do?
A. Do not report it and continue the penetration test.
B. Transfer money from the administrator’s account to another account.
C. Do not transfer the money but steal the bitcoins.
D. Report immediately to the administrator.
Correct Answer:
D. Report immediately to the administrator.
Exam Question 120
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?
A. Make sure that legitimate network routers are configured to run routing protocols with authentication.
B. Disable all routing protocols and only use static routes
C. Only using OSPFv3 will mitigate this risk.
D. Redirection of the traffic cannot happen unless the admin allows it explicitly.
Correct Answer:
A. Make sure that legitimate network routers are configured to run routing protocols with authentication.