Download Certified Ethical Hacker v11 Exam.CertDumps.312-50v11.2021-11-24.1e.161q.vcex

An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages. What is the attack performed in the above scenario?

• A: Timing-based attack
• B: Side-channel attack
• C: Downgrade security attack
• D: Cache-based attack

Correct Answer: B

Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. 
Identify the behavior of the adversary In the above scenario.

• A: use of command-line interface
• B: Data staging
• C: Unspecified proxy activities
• D: Use of DNS tunneling

Correct Answer: C

Elante company has recently hired James as a penetration tester. He was tasked with performing enumeration on an organization's network. In the process of enumeration, James discovered a service that is accessible to external sources. This service runs directly on port 21. What is the service enumerated byjames in the above scenario?

• A: Border Gateway Protocol (BGP)
• B: File Transfer Protocol (FTP)
• C: Network File System (NFS)
• D: Remote procedure call (RPC)

Correct Answer: B

When considering how an attacker may exploit a web server, what is web server footprinting ?

• A: When an attacker implements a vulnerability scanner to identify weaknesses
• B: When an attacker creates a complete profile of the site's external links and file structures
• C: When an attacker gathers system-level data, including account details and server names
• D: When an attacker uses a brute-force attack to crack a web-server password

Correct Answer: B

You receive an e-mail like the one shown below. When you click on the link contained in the mail, you are redirected to a website seeking you to download free Anti-Virus software. 
Dear valued customers, 
We are pleased to announce the newest version of Antivirus 2010 for Windows which will probe you with total security against the latest spyware, malware, viruses, Trojans and other online threats. Simply visit the link below and enter your antivirus code:

• A: Look at the website design, if it looks professional then it is a Real Anti-Virus website
• B: Connect to the site using SSL, if you are successful then the website is genuine
• C: Search using the URL and Anti-Virus product name into Google and lookout for suspicious warnings against this site
• D: Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware
• E: Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware

Correct Answer: C

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange? 

• A: SOA
• B: biometrics
• C: single sign on
• D: PKI

Correct Answer: D

What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?

• A: Copy the system files from a known good system
• B: Perform a trap and trace
• C: Delete the files and try to determine the source
• D: Reload from a previous backup
• E: Reload from known good media

Correct Answer: E

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. 
What is the best security policy concerning this setup?

• A: Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
• B: As long as the physical access to the network elements is restricted, there is no need for additional measures.
• C: There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
• D: The operator knows that attacks and down time are inevitable and should have a backup site.

Correct Answer: A

In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?

• A: In a pharming attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack, an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name
• B: In a phishing attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack, an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name
• C: Both pharming and phishing attacks are purely technical and are not considered forms of social engineering
• D: Both pharming and phishing attacks are identical

Correct Answer: A

A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application. 
What kind of Web application vulnerability likely exists in their software?

• A: Cross-site scripting vulnerability
• B: SQL injection vulnerability
• C: Web site defacement vulnerability
• D: Gross-site Request Forgery vulnerability

Correct Answer: A