The latest practice exam questions and answers (Q&A) for the EC-Council Certified Ethical Hacker CEH v10 312-50 exam are available free, to help you pass the exam and earn the EC-Council Certified Ethical Hacker CEH v10 312-50 certification.
Exam Question 181
What is the minimum number of network connections in a multihomed firewall?
A. 3
B. 2
C. 5
D. 4
Correct Answer:
B. 2
Exam Question 182
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?
A. Dsniff
B. John the Ripper
C. Snort
D. Nikto
Correct Answer:
D. Nikto
Exam Question 183
Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatting, and names of the target company. The phishing message will often use the name of the company CEO, President, or Managers.
The time a hacker spends performing research to locate this information about a company is known as?
A. Exploration
B. Investigation
C. Reconnaissance
D. Enumeration
Correct Answer:
C. Reconnaissance
Exam Question 184
Your business has decided to add credit card numbers to the data it backs up to tape. Which of the following represents the best practice your business should observe?
A. Do not back up either the credit card numbers or their hashes.
B. Encrypt backup tapes that are sent off-site.
C. Back up the hashes of the credit card numbers, not the actual credit card numbers.
D. Hire a security consultant to provide direction.
Correct Answer:
D. Hire a security consultant to provide direction.
Exam Question 185
Which of the following Linux commands will resolve a domain name into an IP address?
A. >host -t a hackeddomain.com
B. >host -t ns hackeddomain.com
C. >host -t soa hackeddomain.com
D. >host -t AXFR hackeddomain.com
Correct Answer:
A. >host -t a hackeddomain.com
Exam Question 186
Which of the following is a command line packet analyzer similar to GUI-based Wireshark?
A. Nessus
B. Jack the ripper
C. Tcpdump
D. Ethereal
Correct Answer:
C. Tcpdump
Exam Question 187
User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI model does the encryption and decryption of the message take place?
A. Application
B. Transport
C. Session
D. Presentation
Correct Answer:
D. Presentation
Exam Question 188
Which of the following steps for risk assessment methodology refers to vulnerability identification?
A. Assigns values to risk probabilities; Impact values
B. Determines risk probability that vulnerability will be exploited (High, Medium, Low)
C. Identifies sources of harm to an IT system (Natural, Human, Environmental)
D. Determines if any flaws exist in systems, policies, or procedures
Correct Answer:
D. Determines if any flaws exist in systems, policies, or procedures
Exam Question 189
An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?
A. Protocol analyzer
B. Network sniffer
C. Intrusion Prevention System (IPS)
D. Vulnerability scanner
Correct Answer:
A. Protocol analyzer
Exam Question 190
In the field of cryptanalysis, what is meant by a “rubber-hose” attack?
A. Forcing the targeted keystream through a hardware-accelerated device such as an ASIC.
B. A backdoor placed into a cryptographic algorithm by its creator.
C. Extraction of cryptographic secrets through coercion or torture.
D. Attempting to decrypt ciphertext by making logical assumptions about the contents of the original plaintext.
Correct Answer:
C. Extraction of cryptographic secrets through coercion or torture.