The latest EC-Council Certified Ethical Hacker CEH v10 312-50 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the EC-Council Certified Ethical Hacker CEH v10 312-50 exam and earn EC-Council Certified Ethical Hacker CEH v10 312-50 certification.
Exam Question 151
Which command can be used to show the current TCP/IP connections?
A. Netsh
B. Net use connection
C. Netstat
D. Net use
Correct Answer:
C. Netstat
Exam Question 152
You are performing information gathering for an important penetration test. You have found pdf, doc, and images in your objective. You decide to extract metadata from these files and analyze it. What tool will help you with the task?
A. Armitage
B. DMitry
C. Metagoofil
D. cdpsnarf
Correct Answer:
C. Metagoofil
Exam Question 153
When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive information and files. These files may contain information about passwords, system functions, or documentation. What command will help you to search files using Google as a search engine?
A. site: target.com filetype:xls username password email
B. domain: target.com archieve:xls username password email
C. inurl: target.com filename:xls username password email
D. site: target.com file:xls username password email
Correct Answer:
A. site: target.com filetype:xls username password email
Exam Question 154
You have successfully gained access to your client’s internal network and successfully comprised a Linux server which is part of the internal IP network. You want to know which Microsoft Windows workstations have file sharing enabled. Which port would you see listening on these Windows machines in the network?
A. 161
B. 3389
C. 445
D. 1433
Correct Answer:
C. 445
Exam Question 155
Which of the following is assured by the use of a hash?
A. Authentication
B. Confidentially
C. Availability
D. Integrity
Correct Answer:
D. Integrity
Exam Question 156
Risks=Threats x Vulnerabilities is referred to as the:
A. BIA equation
B. Disaster recovery formula
C. Risk equation
D. Threat assessment
Correct Answer:
C. Risk equation
Exam Question 157
You have just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk. What is one of the first things you should do when given the job?
A. Establish attribution to suspected attackers
B. Interview all employees in the company to rule out possible insider threats
C. Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.
D. Start the wireshark application to start sniffing network traffic.
Correct Answer:
C. Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.
Exam Question 158
During an Xmas scan, what indicates a port is closed?
A. RST
B. SYN
C. ACK
D. No return response
Correct Answer:
A. RST
Exam Question 159
Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics: -Verifies success or failure of an attack – Monitors system activities – Detects attacks that a network-based IDS fails to detect. – Near real-time detection and response – Does not require additional hardware – Lower entry cost. Which type of IDS is best suited for Tremp’s requirements?
A. Network-based IDS
B. Open source-based IDS
C. Host-based IDS
D. Gateway-based IDS
Correct Answer:
C. Host-based IDS
Exam Question 160
Which of the following is not a Bluetooth attack?
A. Bluesnarfing
B. Bluedriving
C. Bluesmacking
D. Bluejacking
Correct Answer:
B. Bluedriving