• Home
  • Articles
  • [Jan-2022] 312-50v10 Pre-Exam Practice Tests Exam Questions and Answers for Certified Ethical Hacker Study Guide [Q176-Q194]

[Jan-2022] 312-50v10 Pre-Exam Practice Tests Exam Questions and Answers for Certified Ethical Hacker Study Guide [Q176-Q194]

Share

[Jan-2022] 312-50v10 Pre-Exam Practice Tests | Exam Questions and Answers for Certified Ethical Hacker Study Guide

Certified Ethical Hacker Exam (CEH v10) Certification Sample Questions

NEW QUESTION 176
The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

What is most likely taking place?

  • A. Remote service brute force attempt
  • B. Port scan of 192.168.1.106
  • C. Denial of service attack on 192.168.1.106
  • D. Ping sweep of the 192.168.1.106 network

Answer: A

 

NEW QUESTION 177
You need a tool that can do network intrusion prevention and intrusion detection, function as a network
sniffer, and record network activity. What tool would you most likely select?

  • A. Nessus
  • B. Snort
  • C. Nmap
  • D. Cain & Abel

Answer: B

 

NEW QUESTION 178
Shellshock had the potential for an unauthorized user to gain access to a server. It affected many internet-facing services, which OS did it not directly affect?

  • A. OS X
  • B. Unix
  • C. Linux
  • D. Windows

Answer: D

 

NEW QUESTION 179
An unauthorized individual enters a building following an employee through the employee entrance after
the lunch rush. What type of breach has the individual just performed?

  • A. Piggybacking
  • B. Tailgating
  • C. Reverse Social Engineering
  • D. Announced

Answer: B

 

NEW QUESTION 180
Which utility will tell you in real time which ports are listening or in another state?

  • A. Netstat
  • B. Loki
  • C. Nmap
  • D. TCPView

Answer: D

 

NEW QUESTION 181
What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

  • A. Replay attack
  • B. Traffic analysis attack
  • C. Man-in-the-middle attack
  • D. Meet-in-the-middle attack

Answer: D

 

NEW QUESTION 182
Which results will be returned with the following Google search query?
site:target.com -site:Marketing.target.com accounting

  • A. Results for matches on target.com and Marketing.target.com that include the word "accounting"
  • B. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting
  • C. Results matching "accounting" in domain target.com but not on the site Marketing.target.com
  • D. Results matching all words in the query

Answer: C

 

NEW QUESTION 183
Which component of IPsec performs protocol-level functions that are required to encrypt and decrypt the packets?

  • A. IPsec Policy Agent
  • B. Internet Key Exchange (IKE)
  • C. Oakley
  • D. IPsec driver

Answer: B

 

NEW QUESTION 184
Which of these options is the most secure procedure for storing backup tapes?

  • A. Inside the data center for faster retrieval in a fireproof safe
  • B. On a different floor in the same building
  • C. In a cool dry environment
  • D. In a climate controlled facility offsite

Answer: D

 

NEW QUESTION 185
You are monitoring the network of your organizations. You notice that:
1. There are huge outbound connections from your Internal Network to External IPs
2. On further investigation, you see that the external IPs are blacklisted
3. Some connections are accepted, and some are dropped
4. You find that it is a CnC communication
Which of the following solution will you suggest?

  • A. Clean the Malware which are trying to Communicate with the External Blacklist IP's
  • B. Block the Blacklist IP's @ Firewall
  • C. Both B and C
  • D. Update the Latest Signatures on your IDS/IPS

Answer: C

 

NEW QUESTION 186
A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

  • A. NMAP -P 192.168.1-5.
  • B. NMAP -P 192.168.1/17
  • C. NMAP -P 192.168.0.0/16
  • D. NMAP -P 192.168.1.0,2.0,3.0,4.0,5.0

Answer: A

 

NEW QUESTION 187
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

  • A. Impact risk
  • B. Inherent risk
  • C. Residual risk
  • D. Deferred risk

Answer: C

 

NEW QUESTION 188
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", that the user is directed to a phishing site.
Which file does the attacker need to modify?

  • A. Networks
  • B. Sudoers
  • C. Boot.ini
  • D. Hosts

Answer: D

Explanation:
The hosts file is a computer file used by an operating system to map hostnames to IP addresses. The hosts file contains lines of text consisting of an IP address in the first text field followed by one or more host names.
References: https://en.wikipedia.org/wiki/Hosts_(file)

 

NEW QUESTION 189
Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

  • A. tcptrace
  • B. Nessus
  • C. tcptraceroute
  • D. OpenVAS

Answer: A

Explanation:
Explanation
tcptrace is a tool for analysis of TCP dump files. It can take as input the files produced by several popular packet-capture programs, including tcpdump/WinDump/Wireshark, snoop, EtherPeek, and Agilent NetMetrix.
References: https://en.wikipedia.org/wiki/Tcptrace

 

NEW QUESTION 190
You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet is connected to a blacklisted IP address (C2 Server) on the Internet.
The IP address was blacklisted just before the alert. You are staring an investigation to roughly analyze the severity of the situation. Which of the following is appropriate to analyze?

  • A. Internet Firewall/Proxy log
  • B. Event logs on domain controller
  • C. Event logs on the PC
  • D. IDS log

Answer: A

 

NEW QUESTION 191
A recent security audit revealed that there were indeed several occasions that the company's network was breached. After investigating, you discover that your IDS is not configured properly and therefore is unable to trigger alarms when needed. What type of alert is the IDS giving?

  • A. False Negative
  • B. True Positive
  • C. False Positive
  • D. False Positive

Answer: A

Explanation:
Explanation
New questions

 

NEW QUESTION 192
Which of the following is the BEST approach to prevent Cross-site Scripting (XSS) flaws?

  • A. Verify access right before allowing access to protected information and UI controls.
  • B. Use digital certificates to authenticate a server prior to sending data.
  • C. Verify access right before allowing access to protected information and UI controls.
  • D. Validate and escape all information sent to a server.

Answer: D

 

NEW QUESTION 193
When conducting a penetration test, it is crucial to use all means to get all available information about the target network. One of the ways to do that is by sniffing the network.
Which of the following cannot be performed by the passive network sniffing?

  • A. Capturing a network traffic for further analysis
  • B. Collecting unencrypted information about usernames and passwords
  • C. Identifying operating systems, services, protocols and devices
  • D. Modifying and replaying captured network traffic

Answer: D

 

NEW QUESTION 194
......

EC-COUNCIL Exam Practice Test To Gain Brilliante Result: https://torrentpdf.practicedump.com/312-50v10-exam-questions.html

Related Articles

more
EC-COUNCIL 312-50v10 Certification Practice Exam

Copyright © 2026 PracticeDump NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy