Skip to Content

EC-Council Certified Ethical Hacker CEH v10 312-50 Exam Questions and Answers – Page 2

The latest EC-Council Certified Ethical Hacker CEH v10 312-50 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the EC-Council Certified Ethical Hacker CEH v10 312-50 exam and earn EC-Council Certified Ethical Hacker CEH v10 312-50 certification.

Exam Question 111

A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content.
Which sort of trojan infects this server?

A. Botnet Trojan
B. Turtle Trojans
C. Banking Trojans
D. Ransomware Trojans

Correct Answer:
A. Botnet Trojan

Exam Question 112

In which phase of the ethical hacking process can Google hacking be employed? This is a technique that involves manipulating a search string with specific operators to search for vulnerabilities.

Example: allintitle: root passwd

A. Maintaining Access
B. Gaining Access
C. Reconnaissance
D. Scanning and Enumeration

Correct Answer:
C. Reconnaissance

Exam Question 113

Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

A. A biometric system that bases authentication decisions on behavioral attributes.
B. A biometric system that bases authentication decisions on physical attributes.
C. An authentication system that creates one-time passwords that are encrypted with secret keys.
D. An authentication system that uses passphrases that are converted into virtual passwords.

Correct Answer:
C. An authentication system that creates one-time passwords that are encrypted with secret keys.

Exam Question 114

In many states sending spam is illegal. Thus, the spammers have techniques to try and ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e-mails?

A. A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name.
B. Mail relaying, which is a technique of bouncing e-mail from internal to external mails servers continuously.
C. A blacklist of companies that have their mail server relays configured to be wide open.
D. Tools that will reconfigure a mail server’s relay component to send the e-mail back to the spammers occasionally.

Correct Answer:
B. Mail relaying, which is a technique of bouncing e-mail from internal to external mails servers continuously.

Exam Question 115

Which service in a PKI will vouch for the identity of an individual or company?

A. CBC
B. KDC
C. CA
D. CR

Correct Answer:
C. CA

Exam Question 116

What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?

A. User Access Control (UAC)
B. Data Execution Prevention (DEP)
C. Address Space Layout Randomization (ASLR)
D. Windows firewall

Correct Answer:
B. Data Execution Prevention (DEP)

Exam Question 117

Seth is starting a penetration test from inside the network. He hasn’t been given any information about the network. What type of test is he conducting?

A. Internal, Blackbox
B. External, Blackbox
C. External, Whitebox
D. Internal, Whitebox

Correct Answer:
A. Internal, Blackbox

Exam Question 118

What is the code written for?

What is the code written for?

What is the code written for?

A. Buffer Overflow
B. Encryption
C. Denial-of-service (DoS)
D. Bruteforce

Correct Answer:
A. Buffer Overflow

Exam Question 119

You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator’s bank account password and login information for the administrator’s bitcoin account. What should you do?

A. Do not report it and continue the penetration test.
B. Transfer money from the administrator’s account to another account.
C. Do not transfer the money but steal the bitcoins.
D. Report immediately to the administrator.

Correct Answer:
D. Report immediately to the administrator.

Exam Question 120

An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

A. Make sure that legitimate network routers are configured to run routing protocols with authentication.
B. Disable all routing protocols and only use static routes
C. Only using OSPFv3 will mitigate this risk.
D. Redirection of the traffic cannot happen unless the admin allows it explicitly.

Correct Answer:
A. Make sure that legitimate network routers are configured to run routing protocols with authentication.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.