• Home
  • Articles
  • Guaranteed Success in Certified Ethical Hacker 312-50v10 Exam Dumps [Q326-Q343]

Guaranteed Success in Certified Ethical Hacker 312-50v10 Exam Dumps [Q326-Q343]

Share

Guaranteed Success in Certified Ethical Hacker 312-50v10 Exam Dumps

EC-COUNCIL 312-50v10 Daily Practice Exam New 2022 Updated 745 Questions


Module 18: IoT Hacking

This area includes the learners’ knowledge of IoT concepts; cryptography tools; IoT security tools; different IoT threats & attacks; IoT hacking.

 

NEW QUESTION 326
Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close.
What just happened?

  • A. Phishing
  • B. Tailgating
  • C. Masquerading
  • D. Whaling

Answer: B

 

NEW QUESTION 327
Jesse receives an email with an attachment labeled "Court_Notice_21206.zip". Inside the zip file is a file named "Court_Notice_21206.docx.exe" disguised as a word document. Upon execution, a window appears stating, "This word document is corrupt." In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries.
What type of malware has Jesse encountered?

  • A. Trojan
  • B. Key-Logger
  • C. Macro Virus
  • D. Worm

Answer: A

Explanation:
Explanation
In computing, Trojan horse, or Trojan, is any malicious computer program which is used to hack into a computer by misleading users of its true intent. Although their payload can be anything, many modern forms act as a backdoor, contacting a controller which can then have unauthorized access to the affected computer.
References: https://en.wikipedia.org/wiki/Trojan_horse_(computing)

 

NEW QUESTION 328
Which of the following is a low-tech way of gaining unauthorized access to systems?

  • A. Social Engineering
  • B. Scanning
  • C. Sniffing
  • D. Eavesdropping

Answer: A

Explanation:
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access.
References: https://en.wikipedia.org/wiki/Social_engineering_(security)

 

NEW QUESTION 329
Employees in a company are no longer able to access Internet web sites on their computers. The network administrator is able to successfully ping IP address of web servers on the Internet and is able to open web sites by using an IP address in place of the URL. The administrator runs the nslookup command for www.eccouncil.org and receives an error message stating there is no response from the server. What should the administrator do next?

  • A. Configure the firewall to allow traffic on TCP port 53.
  • B. Configure the firewall to allow traffic on TCP ports 80 and UDP port 443.
  • C. Configure the firewall to allow traffic on TCP ports 53 and UDP port 53.
  • D. Configure the firewall to allow traffic on TCP port 8080.

Answer: C

 

NEW QUESTION 330
It is a short-range wireless communication technology intended to replace the cables connecting portable of fixed devices while maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short- range wireless connection.
Which of the following terms best matches the definition?

  • A. WLAN
  • B. InfraRed
  • C. Bluetooth
  • D. Radio-Frequency Identification

Answer: C

Explanation:
Bluetooth is a standard for the short-range wireless interconnection of mobile phones, computers, and other electronic devices.
References: http://www.bbc.co.uk/webwise/guides/about-bluetooth

 

NEW QUESTION 331
An organization hires a tester to do a wireless penetration test. Previous reports indicate that the last test did not contain management or control packets in the submitted traces.
Which of the following is the most likely reason for lack of management or control packets?

  • A. On Linux and Mac OS X, only 802.11 headers are received in promiscuous mode.
  • B. The wrong network card drivers were in use by Wireshark.
  • C. Certain operating systems and adapters do not collect the management or control packets.
  • D. The wireless card was not turned on.

Answer: C

 

NEW QUESTION 332
A penetration test was done at a company. After the test, a report was written and given to the company's
IT authorities. A section from the report is shown below:
Access List should be written between VLANs.

Port security should be enabled for the intranet.

A security solution which filters data packets should be set between intranet (LAN) and DMZ.

A WAF should be used in front of the web applications.

According to the section from the report, which of the following choice is true?

  • A. There is access control policy between VLANs.
  • B. MAC Spoof attacks cannot be performed.
  • C. A stateful firewall can be used between intranet (LAN) and DMZ.
  • D. Possibility of SQL Injection attack is eliminated.

Answer: C

 

NEW QUESTION 333
Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and that are related to various aspects in information security such as data confidentially, data integrity, authentication, and non-repudiation. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce.
Basic example to understand how cryptography works is given below:

Which of the following choices true about cryptography?

  • A. Secure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to deliver the shared session key and to achieve a communication way.
  • B. Symmetric-key algorithms are a class of algorithms for cryptography that use the different cryptographic keys for both encryption of plaintext and decryption of ciphertext.
  • C. Algorithm is not the secret; key is the secret.
  • D. Public-key cryptography, also known as asymmetric cryptography, public key is for decrypt, private key is for encrypt.

Answer: A

 

NEW QUESTION 334
_________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

  • A. Trojan
  • B. DoS tool
  • C. RootKit
  • D. Scanner
  • E. Backdoor

Answer: C

 

NEW QUESTION 335
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?

  • A. Issue new certificates to the web servers from the root certificate authority
  • B. Place a front-end web server in a demilitarized zone that only handles external web traffic
  • C. Require all employees to change their anti-virus program with a new one
  • D. Move the financial data to another server on the same IP subnet

Answer: B

Explanation:
Explanation/Reference:

 

NEW QUESTION 336
Which definition among those given below best describes a covert channel?

  • A. It is the multiplexing taking place on a communication link.
  • B. It is one of the weak channels used by WEP which makes it insecure
  • C. A server program using a port that is not well known.
  • D. Making use of a protocol in a way it is not intended to be used.

Answer: D

 

NEW QUESTION 337
The Open Web Application Security Project (OWASP) testing methodology addresses the need to secure web applications by providing which one of the following services?

  • A. A security certification for hardened web applications
  • B. Web application patches
  • C. A list of flaws and how to fix them
  • D. An extensible security framework named COBIT

Answer: C

 

NEW QUESTION 338
Which of the following is a component of a risk assessment?

  • A. Physical security
  • B. DMZ
  • C. Logical interface
  • D. Administrative safeguards

Answer: D

Explanation:
Explanation
Risk assessment include:
References: https://en.wikipedia.org/wiki/IT_risk_management#Risk_assessment

 

NEW QUESTION 339
Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp's lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501.
What needs to happen before Matthew has full administrator access?

  • A. He must perform privilege escalation.
  • B. He needs to disable antivirus protection.
  • C. He needs to gain physical access.
  • D. He already has admin privileges, as shown by the "501" at the end of the SID.

Answer: A

 

NEW QUESTION 340
Which of the following is the greatest threat posed by backups?

  • A. A backup is unavailable during disaster recovery.
  • B. An un-encrypted backup can be misplaced or stolen.
  • C. A backup is the source of Malware or illicit information.
  • D. A backup is incomplete because no verification was performed.

Answer: B

Explanation:
If the data written on the backup media is properly encrypted, it will be useless for anyone without the key.
References: http://resources.infosecinstitute.com/backup-media-encryption/

 

NEW QUESTION 341
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?

  • A. Produces less false positives
  • B. Can identify unknown attacks
  • C. Cannot deal with encrypted network traffic
  • D. Requires vendor updates for a new threat

Answer: B

 

NEW QUESTION 342
Which of the following tools are used for enumeration? (Choose three.)

  • A. USER2SID
  • B. DumpSec
  • C. Cheops
  • D. SolarWinds
  • E. SID2USER

Answer: A,B,E

 

NEW QUESTION 343
......


Module 2: Footprinting & Reconnaissance

Here the applicants need to demonstrate their competency in footprinting principles; footprinting via search engines; footprinting with the help of advanced Google hacking methods; footprinting via social networks; understanding various methods for website footprinting; understanding various methods for email footprinting; understanding various methods of competitive intelligence; understanding various methods for WHO IS footprinting; understanding various methods for network footprinting; understanding various methods of footprinting via social engineering; footprinting tools & countermeasures; footprinting Pen Testing.

 

Test Engine to Practice 312-50v10 Test Questions: https://www.troytecdumps.com/312-50v10-troytec-exam-dumps.html

Use Valid 312-50v10 Exam - Actual Exam Question & Answer: https://drive.google.com/open?id=1GtDIgdPsCR7UlToZKi8ymbBOObeo6G5J

Related Articles

more
EC-COUNCIL 312-50v10 Certification Practice Exam

Copyright © 2026 TroytecDumps NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy

Disclaimer:
TroytecDumps doesn't offer Real CompTIA Exam Questions.
Oracle and Java are registered trademarks of Oracle and/or its affiliates
TroytecDumps material do not contain actual actual Oracle Exam Questions or material.
TroytecDumps doesn't offer Real Microsoft Exam Questions.
Microsoft®, Azure®, Windows®, Windows Vista®, and the Windows logo are registered trademarks of Microsoft Corporation
TroytecDumps Materials do not contain actual questions and answers from Cisco's Certification Exams. The brand Cisco is a registered trademark of CISCO, Inc
CFA Institute does not endorse, promote or warrant the accuracy or quality of these questions. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
TroytecDumps.com does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. TroytecDumps does not own or claim any ownership on any of the brands.