Download Certified Ethical Hacker v11 Exam.CertDumps.312-50v11.2021-11-15.1e.143q.vcex

Download Exam

File Info

Exam Certified Ethical Hacker v11 Exam
Number 312-50v11
File Name Certified Ethical Hacker v11 Exam.CertDumps.312-50v11.2021-11-15.1e.143q.vcex
Size 566 Kb
Posted November 15, 2021
Downloads 30
Download Certified Ethical Hacker v11 Exam.CertDumps.312-50v11.2021-11-15.1e.143q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%


Demo Questions

Question 1

Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. 
Identify the behavior of the adversary In the above scenario.

  • A: use of command-line interface
  • B: Data staging
  • C: Unspecified proxy activities
  • D: Use of DNS tunneling

Correct Answer: C

A proxy server acts as a gateway between you and therefore the internet. It's an intermediary server separating end users from the websites they browse. Proxy servers provide varying levels of functionality, security, and privacy counting on your use case, needs, or company policy.If you're employing a proxy server, internet traffic flows through the proxy server on its thanks to the address you requested. A proxy server is essentially a computer on the web with its own IP address that your computer knows. once you send an internet request, your request goes to the proxy server first. The proxy server then makes your web request on your behalf, collects the response from the online server, and forwards you the online page data so you'll see the page in your browser.  

Question 2

Elante company has recently hired James as a penetration tester. He was tasked with performing enumeration on an organization's network. In the process of enumeration, James discovered a service that is accessible to external sources. This service runs directly on port 21. What is the service enumerated byjames in the above scenario?

  • A: Border Gateway Protocol (BGP)
  • B: File Transfer Protocol (FTP)
  • C: Network File System (NFS)
  • D: Remote procedure call (RPC)

Correct Answer: B

Question 3

When considering how an attacker may exploit a web server, what is web server footprinting ?

  • A: When an attacker implements a vulnerability scanner to identify weaknesses
  • B: When an attacker creates a complete profile of the site's external links and file structures
  • C: When an attacker gathers system-level data, including account details and server names
  • D: When an attacker uses a brute-force attack to crack a web-server password

Correct Answer: B

Question 4

You receive an e-mail like the one shown below. When you click on the link contained in the mail, you are redirected to a website seeking you to download free Anti-Virus software. 
Dear valued customers, 
We are pleased to announce the newest version of Antivirus 2010 for Windows which will probe you with total security against the latest spyware, malware, viruses, Trojans and other online threats. Simply visit the link below and enter your antivirus code:


or you may contact us at the following address:
Media Internet Consultants, Edif. Neptuno, Planta 
Baja, Ave. Ricardo J. Alfaro, Tumba Muerto, n/a Panama 
How will you determine if this is Real Anti-Virus or Fake Anti-Virus website?

  • A: Look at the website design, if it looks professional then it is a Real Anti-Virus website
  • B: Connect to the site using SSL, if you are successful then the website is genuine
  • C: Search using the URL and Anti-Virus product name into Google and lookout for suspicious warnings against this site
  • D: Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware
  • E: Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware

Correct Answer: C

Question 5

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. 
What is the best security policy concerning this setup?

  • A: Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
  • B: As long as the physical access to the network elements is restricted, there is no need for additional measures.
  • C: There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
  • D: The operator knows that attacks and down time are inevitable and should have a backup site.

Correct Answer: A

Question 6

A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application. 
What kind of Web application vulnerability likely exists in their software?

  • A: Cross-site scripting vulnerability
  • B: SQL injection vulnerability
  • C: Web site defacement vulnerability
  • D: Gross-site Request Forgery vulnerability

Correct Answer: A

Question 7

You are a penetration tester working to test the user awareness of the employees of the client xyz. You harvested two employees' emails from some public sources and are creating a client-side backdoor to send it to the employees via email. Which stage of the cyber kill chain are you at?

  • A: Reconnaissance
  • B: Command and control
  • C: Weaponization
  • D: Exploitation

Correct Answer: C

The adversary analyzes the data collected in the previous stage to identify the vulnerabilities and techniques that can exploit and gain unauthorized access to the target organization. 
Based on the vulnerabilities identified during analysis, the adversary selects or creates a tailored deliverable malicious payload (remote-access malware weapon) using an exploit and a backdoor to send it to the victim. An adversary may target specific network devices, operating systems, endpoint devices, or even individuals within the organization to carry out their attack. For example, the adversary may send a phishing email to an employee of the target organization, which may include a malicious attachment such as a virus or worm that, when downloaded, installs a backdoor on the system that allows remote access to the adversary. The following are the activities of the adversary: o Identifying appropriate malware payload based on the analysis o Creating a new malware payload or selecting, reusing, modifying the available malware payloads based on the identified vulnerability o Creating a phishing email campaign o Leveraging exploit kits and botnets

Question 8

When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what it is meant by processing?

  • A: The amount of time and resources that are necessary to maintain a biometric system
  • B: How long it takes to setup individual user accounts
  • C: The amount of time it takes to be either accepted or rejected from when an individual provides identification and authentication information
  • D: The amount of time it takes to convert biometric data into a template on a smart card

Correct Answer: C

Question 9

Which of the following antennas is commonly used in communications for a frequency band of 10 MHz to VHF and UHF?

  • A: Yagi antenna
  • B: Dipole antenna
  • C: Parabolic grid antenna
  • D: Omnidirectional antenna

Correct Answer: A

Question 10

Null sessions are un-authenticated connections (not using a username or password.) to an NT or 2000 system. 
Which TCP and UDP ports must you filter to check null sessions on your network?

  • A: 137 and 139
  • B: 137 and 443
  • C: 139 and 443
  • D: 139 and 445

Correct Answer: D





You can buy ProfExam with a 20% discount!


Use ProfExam Simulator to open VCEX and EXAM files