Eccouncil 312-50 practice test

Certified Ethical Hacker v10 Exam

Last exam update: May 17 ,2024
Page 1 out of 49. Viewing questions 1-15 out of 742

Question 1

Which command can be used to show the current TCP/IP connections?

  • A. Netsh
  • B. Netstat
  • C. Net use connection
  • D. Net use
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

While scanning with Nmap, Patin found several hosts which have the IP ID of incremental sequences.
He then decided to conduct: nmap -Pn -p- -si kiosk.adobe.com
www.riaa.com
. kiosk.adobe.com is
the host with incremental IP ID sequence. What is the purpose of using "-si" with Nmap?

  • A. Conduct stealth scan
  • B. Conduct ICMP scan
  • C. Conduct IDLE scan
  • D. Conduct silent scan
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Which of the following statements is FALSE with respect to Intrusion Detection Systems?
A. Intrusion Detection Systems can be configured to distinguish specific content in network packets
B. Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic
C. Intrusion Detection Systems require constant update of the signature library
D. Intrusion Detection Systems can examine the contents of the data n context of the network
protocol

Answer:

B

Discussions
0 / 1000

Question 4

Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He
begins by running a scan which looks for common misconfigurations and outdated software versions.
Which of the following tools is he most likely using?

  • A. Nikto
  • B. Nmap
  • C. Metasploit
  • D. Armitage
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

What kind of detection techniques is being used in antivirus softwares that identifies malware by
collecting data from multiple protected systems and instead of analyzing files locally it's made on the
premiers environment-

  • A. VCloud based
  • B. Honypot based
  • C. Behaviour based
  • D. Heuristics based
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is
looking for an IDS with the following characteristics: - Verifies success or failure of an attack -
Monitors system activities Detects attacks that a network-based IDS fails to detect - Near real-time
detection and response - Does not require additional hardware - Lower entry cost Which type of IDS
is best suited for Tremp's requirements?

  • A. Gateway-based IDS
  • B. Network-based IDS
  • C. Host-based IDS
  • D. Open source-based
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

What is the purpose of DNS AAAA record?

  • A. Authorization, Authentication and Auditing record
  • B. Address prefix record
  • C. Address database record
  • D. IPv6 address resolution record
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

OpenSSL on Linux servers includes a command line tool for testing TLS. What is the name of the tool
and the correct syntax to connect to a web server?

  • A. openssl s_client -site www.website.com:443
  • B. openssl_client -site www.website.com:443
  • C. openssl s_client -connect www.website.com:443
  • D. openssl_client -connect www.website.com:443
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

You are performing a penetration test for a client and have gained shell access to a Windows
machine on the internal network. You intend to retrieve all DNS records for the internal domain, if
the DNS server is at 192.168.10.2 and the domain name is abccorp.local, what command would you
type at the nslookup prompt to attempt a zone transfer?

  • A. list server=192.168.10.2 type=all
  • B. is-d abccorp.local
  • C. Iserver 192.168.10.2-t all
  • D. List domain=Abccorp.local type=zone
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

John is an incident handler at a financial institution. His steps in a recent incident are not up to the
standards of the company. John frequently forgets some steps and procedures while handling
responses as they are very stressful to perform. Which of the following actions should John take to
overcome this problem with the least administrative effort?

  • A. Create an incident checklist.
  • B. Select someone else to check the procedures.
  • C. Increase his technical skills.
  • D. Read the incident manual every time it occurs.
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

Elliot is in the process of exploiting a web application that uses SQL as a back-end database. Hes
determined that the application is vulnerable to SQL injection, and has introduced conditional timing
delays into injected queries to determine whether they are successful. What type of SQL injection is
Elliot most likely performing?

  • A. Error-based SQL injection
  • B. Blind SQL injection
  • C. Union-based SQL injection
  • D. NoSQL injection
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

An LDAP directory can be used to store information similar to a SQL database. LDAP uses a _____
database structure instead of SQLs _____ structure. Because of this, LDAP has difficulty representing
many-to-one relationships.

  • A. Relational, Hierarchical
  • B. Strict, Abstract
  • C. Hierarchical, Relational
  • D. Simple, Complex
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in
Evil Corps lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-
501. What needs to happen before Matthew has full administrator access?

  • A. He must perform privilege escalation.
  • B. He needs to disable antivirus protection.
  • C. He needs to gain physical access.
  • D. He already has admin privileges, as shown by the “501” at the end of the SID.
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

During an Xmas scan what indicates a port is closed?

  • A. No return response
  • B. RST
  • C. ACK
  • D. SYN
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

Which utility will tell you in real time which ports are listening or in another state?

  • A. Netstat
  • B. TCPView
  • C. Nmap
  • D. Loki
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2