
EC-Council Certified Ethical Hacker CEH v10 312-50 Exam Questions and Answers – Page 2

The latest EC-Council Certified Ethical Hacker CEH v10 312-50 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the EC-Council Certified Ethical Hacker CEH v10 312-50 exam and earn EC-Council Certified Ethical Hacker CEH v10 312-50 certification.

Exam Question 181

What is the minimum number of network connections in a multihomed firewall?

A. 3
B. 2
C. 5
D. 4

Correct Answer:
B. 2

Exam Question 182

Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

A. Dsniff
B. John the Ripper
C. Snort
D. Nikto

Correct Answer:
D. Nikto

Exam Question 183

Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatting, and names of the target company. The phishing message will often use the name of the company CEO, President, or Managers.
The time a hacker spends performing research to locate this information about a company is known as?

A. Exploration
B. Investigation
C. Reconnaissance
D. Enumeration

Correct Answer:
C. Reconnaissance

Exam Question 184

Your business has decided to add credit card numbers to the data it backs up to tape. Which of the following represents the best practice your business should observe?

A. Do not back up either the credit card numbers or their hashes.
B. Encrypt backup tapes that are sent off-site.
C. Back up the hashes of the credit card numbers not the actual credit card numbers.
D. Hire a security consultant to provide direction.

Correct Answer:
D. Hire a security consultant to provide direction.

Exam Question 185

Which of the following Linux commands will resolve a domain name into an IP address?

A. >host -t a hackeddomain.com
B. >host -t ns hackeddomain.com
C. >host -t soa hackeddomain.com
D. >host -t AXFR hackeddomain.com

Correct Answer:
A. >host -t a hackeddomain.com

Exam Question 186

Which of the following is a command line packet analyzer similar to GUI-based Wireshark?

A. Nessus
B. Jack the ripper
C. Tcpdump
D. Ethereal

Correct Answer:
C. Tcpdump

Exam Question 187

User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI model does the encryption and decryption of the message take place?

A. Application
B. Transport
C. Session
D. Presentation

Correct Answer:
D. Presentation

Exam Question 188

Which of the following steps for risk assessment methodology refers to vulnerability identification?

A. Assigns values to risk probabilities; Impact values
B. Determines risk probability that vulnerability will be exploited (High, Medium, Low)
C. Identifies sources of harm to an IT system (Natural, Human, Environmental)
D. Determines if any flaws exist in systems, policies, or procedures

Correct Answer:
D. Determines if any flaws exist in systems, policies, or procedures

Exam Question 189

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

A. Protocol analyzer
B. Network sniffer
C. Intrusion Prevention System (IPS)
D. Vulnerability scanner

Correct Answer:
A. Protocol analyzer

Exam Question 190

In the field of cryptanalysis, what is meant by a “rubber-hose” attack?

A. Forcing the targeted keystream through a hardware-accelerated device such as an ASIC.
B. A backdoor placed into a cryptographic algorithm by its creator.
C. Extraction of cryptographic secrets through coercion or torture.
D. Attempting to decrypt ciphertext by making logical assumptions about the contents of the original plaintext.

Correct Answer:
C. Extraction of cryptographic secrets through coercion or torture.
