Skip to Content

EC-Council Certified Ethical Hacker CEH v10 312-50 Exam Questions and Answers – Page 2

The latest EC-Council Certified Ethical Hacker CEH v10 312-50 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the EC-Council Certified Ethical Hacker CEH v10 312-50 exam and earn EC-Council Certified Ethical Hacker CEH v10 312-50 certification.

Exam Question 141

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

A. Armitage
B. Nikto
C. Metasploit
D. Nmap

Correct Answer:
B. Nikto

Exam Question 142

Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp’s lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501.
What needs to happen before Matthew has full administrator access?

A. He needs to gain physical access.
B. He must perform privilege escalation.
C. He already has admin privileges, as shown by the “501” at the end of the SID.
D. He needs to disable antivirus protection.

Correct Answer:
B. He must perform privilege escalation.

Exam Question 143

Elliot is in the process of exploiting a web application that uses SQL as a back-end database. He is determined that the application is vulnerable to SQL injection and has introduced conditional timing delays into injected queries to determine whether they are successful. What type of SQL injection is Elliot most likely performing?

A. NoSQL injection
B. Blind SQL injection
C. Union-based SQL injection
D. Error-based SQL injection

Correct Answer:
B. Blind SQL injection

Exam Question 144

You have successfully logged on a Linux system. You want to now cover your track. Your login attempt may be logged on several files located in /var/log. Which file does NOT belong to the list:

A. wtmp
B. user.log
C. btmp
D. auth.log

Correct Answer:
B. user.log

Exam Question 145

Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occuring during non-business hours. After further examination of all login activities, it is notices that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realized the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux serves to synchronize the time has stopped working?

A. NTP
B. TimeKeeper
C. OSPF
D. PPP

Correct Answer:
A. NTP

Exam Question 146

The “black box testing” methodology enforces what kind of restriction?

A. Only the internal operation of a system is known to the tester.
B. The internal operation of a system is completely known to the tester.
C. The internal operation of a system is only partly accessible to the tester.
D. Only the external operation of a system is accessible to the tester.

Correct Answer:
D. Only the external operation of a system is accessible to the tester.

Exam Question 147

>NMAP –sn 192.168.11.200-215 The NMAP command above performs which of the following?

A. A port scan
B. A ping scan
C. An operating system detect
D. A trace sweep

Correct Answer:
B. A ping scan

Exam Question 148

An LDAP directory can be used to store information similar to a SQL database. LDAP uses a ____ database structure instead of SQL’s ______ structure. Because of this, LDAP has difficulty representing many-to-one relationships.

A. Strict, Abstract
B. Simple, Complex
C. Relational, Hierarchical
D. Hierarchical, Relational

Correct Answer:
D. Hierarchical, Relational

Exam Question 149

Which of the following statements is FALSE with respect to Intrusion Detection Systems?

A. Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic
B. Intrusion Detection Systems can examine the contents of the data in context of the network protocol
C. Intrusion Detection Systems can be configured to distinguish specific content in network packets
D. Intrusion Detection Systems require constant update of the signature library

Correct Answer:
A. Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic

Exam Question 150

You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain. If the DNS server is at 192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?

A. list domain=abccorp.local type=zone
B. Is –d accorp.local
C. list server=192.168.10.2 type=all
D. Iserver 192.168.10.2 –t all

Correct Answer:
B. Is –d accorp.local

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.