EC-Council Certified Ethical Hacker CEH v10 312-50 Exam Questions and Answers – Page 2

The latest EC-Council Certified Ethical Hacker CEH v10 312-50 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the EC-Council Certified Ethical Hacker CEH v10 312-50 exam and earn EC-Council Certified Ethical Hacker CEH v10 312-50 certification.

Exam Question 121

Which system consists of a publicly available set of databases that contain domain name registration contact information?

A. IANA
B. CAPTCHA
C. IETF
D. WHOIS

Correct Answer:
D. WHOIS

Exam Question 122

A penetration test was done at a company. After the test, a report was written and given to the company’s IT authorities. A section from the report is shown below:

  • Access List should be written between VLANs.
  • Port security should be enabled for the intranet.
  • A security solution which filters data packets should be set between intranet (LAN) and DMZ.
  • A WAF should be used in front of the web applications.

According to the section from the report, which of the following choices is true?

A. A stateful firewall can be used between intranet (LAN) and DMZ.
B. There is access control policy between VLANs.
C. MAC Spoof attacks cannot be performed.
D. Possibility of SQL Injection attack is eliminated.

Correct Answer:
A. A stateful firewall can be used between intranet (LAN) and DMZ.

Exam Question 123

It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.
Which of the following regulations best matches the description?

A. FISMA
B. ISO/IEC 27002
C. HIPAA
D. COBIT

Correct Answer:
C. HIPAA

Exam Question 124

Jesse receives an email with an attachment labeled “Court_Notice_21206.zip”. Inside the zip is a file named “Court_Notice_21206.docx.exe”, disguised as a Word document. Upon execution, a window appears stating, “This word document is corrupt”. In the background, the file copies itself to Jesse’s APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries.
What type of malware has Jesse encountered?

A. Worm
B. Macro Virus
C. Key-Logger
D. Trojan

Correct Answer:
D. Trojan

Exam Question 125

A company’s Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.
What kind of Web application vulnerability likely exists in their software?

A. Cross-site scripting vulnerability
B. Session management vulnerability
C. SQL injection vulnerability
D. Cross-site Request Forgery vulnerability

Correct Answer:
A. Cross-site scripting vulnerability

Exam Question 126

Which results will be returned with the following Google search query?

site:target.com site:Marketing.target.com accounting

A. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting.
B. Results matching all words in the query.
C. Results for matches on target.com and Marketing.target.com that include the word “accounting”
D. Results matching “accounting” in domain target.com but not on the site Marketing.target.com

Correct Answer:
C. Results for matches on target.com and Marketing.target.com that include the word “accounting”

Exam Question 127

When analyzing the IDS logs, the system administrator noticed that an alert was logged when the external router was accessed from the administrator’s computer to update the router configuration. What type of alert is this?

A. False negative
B. True negative
C. True positive
D. False positive

Correct Answer:
D. False positive

Exam Question 128

The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the Transport Layer Security (TLS) protocols defined in RFC6520.
What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

A. Public
B. Private
C. Shared
D. Root

Correct Answer:
B. Private

Exam Question 129

Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands:


What is she trying to achieve?

A. She is using ftp to transfer the file to another hacker named John.
B. She is using John the Ripper to crack the passwords in the secret.txt file
C. She is encrypting the file.
D. She is using John the Ripper to view the contents of the file.

Correct Answer:
B. She is using John the Ripper to crack the passwords in the secret.txt file

Exam Question 130

What is the correct process for the TCP three-way handshake connection establishment and connection termination?

A. Connection Establishment: SYN, SYN-ACK, ACK; Connection Termination: FIN, ACK-FIN, ACK
B. Connection Establishment: ACK, ACK-SYN, SYN; Connection Termination: FIN, ACK-FIN, ACK
C. Connection Establishment: FIN, ACK-FIN, ACK; Connection Termination: SYN, SYN-ACK, ACK
D. Connection Establishment: SYN, SYN-ACK, ACK; Connection Termination: ACK, ACK-SYN, SYN

Correct Answer:
A. Connection Establishment: SYN, SYN-ACK, ACK; Connection Termination: FIN, ACK-FIN, ACK
