[Jan 26, 2022] New 2022 EC-COUNCIL 312-50v11 Exam Dumps with PDF from Real4Prep (Updated 525 Questions) [Q107-Q131]


New 2022 312-50v11 exam questions. Welcome to download the newest Real4Prep 312-50v11 PDF dumps (525 Q&As).

P.S. Free 2022 CEH v11 312-50v11 dumps are available on Google Drive shared by Real4Prep.

NEW QUESTION 107
What would you enter if you wanted to perform a stealth scan using Nmap?

  • A. nmap -sU
  • B. nmap -sT
  • C. nmap -sS
  • D. nmap -sM

Answer: C

 

NEW QUESTION 108
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK.
How would an attacker exploit this design by launching TCP SYN attack?

  • A. Attacker floods TCP SYN packets with random source addresses towards a victim host
  • B. Attacker generates TCP SYN packets with random destination addresses towards a victim host
  • C. Attacker generates TCP ACK packets with random source addresses towards a victim host
  • D. Attacker generates TCP RST packets with random source addresses towards a victim host

Answer: A

 

NEW QUESTION 109
In this attack, an adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number and receive packet number are reset to their initial values. What is this attack called?

  • A. Chop chop attack
  • B. Wardriving
  • C. Evil twin
  • D. KRACK

Answer: D

Explanation:
KRACK is an acronym for Key Reinstallation Attack. KRACK is a severe replay attack on the Wi-Fi Protected Access protocol (WPA2), which secures your Wi-Fi connection. Hackers use KRACK to take advantage of a vulnerability in WPA2. When in close range of a possible victim, attackers can access and read encrypted data using KRACK.

How KRACK works
Your Wi-Fi client uses a four-way handshake when attempting to attach to a protected network. The handshake confirms that both the client (your smartphone, laptop, and so on) and the access point share the right credentials, usually a password for the network. This establishes the Pairwise Master Key (PMK), which allows for encryption. Overall, this handshake procedure allows for quick logins and connections and sets up a new encryption key with each connection. This is what keeps data secure on Wi-Fi connections, and all protected Wi-Fi connections use the four-way handshake for security. This protocol is the reason users are encouraged to use private or credential-protected Wi-Fi instead of public connections.
KRACK affects the third step of the handshake, allowing the attacker to manipulate and replay the WPA2 encryption key to trick the client into installing a key already in use. When the key is reinstalled, other parameters related to it (the incremental transmit packet number, called the nonce, and the replay counter) are set to their original values. Rather than moving to the fourth step of the four-way handshake, nonce resets keep replaying transmissions of the third step. This sets up the encryption protocol for attack, and depending on how the attackers replay the third-step transmissions, they can take down Wi-Fi security.

Why KRACK is a threat
Think of all the devices you use that rely on Wi-Fi. It isn't just laptops and smartphones; numerous smart devices now make up the Internet of Things (IoT). Because of the vulnerability in WPA2, everything connected to Wi-Fi is in danger of being hacked or hijacked. Attackers using KRACK can gain access to usernames and passwords as well as data stored on devices. Hackers can read emails and view photos of transmitted data and then use that information to blackmail users or sell it on the Dark Web. Theft of stored data requires more steps, such as an HTTP content injection to load malware into the system. Hackers could conceivably take control of any device used on that Wi-Fi connection. Because the attacks require hackers to be close to the target, these internet security threats could also lead to physical security threats. On the other hand, the need to be in close proximity is the only good news associated with KRACK, as it means a widespread attack would be extremely difficult. Victims are specifically targeted. However, there are concerns that an experienced attacker could develop the skills to use HTTP content injection to load malware onto websites to create a more widespread effect.
Everyone is at risk from the KRACK vulnerability. Patches are available for Windows and iOS devices, but a released patch for Android devices is currently in question (November 2017). There are issues with the release, and many question whether all versions and devices are covered. The real problem is with routers and IoT devices. These devices aren't updated as regularly as computer operating systems, and for many devices, security flaws have to be addressed on the manufacturing side. New devices should address KRACK, but the devices you already have in your home probably aren't protected.
The best protection against KRACK is to make sure any device connected to Wi-Fi is patched and updated with the newest firmware. That includes checking with your router's manufacturer periodically to see if patches are available.
The safest connection option is a private VPN, especially in public spaces. If you would like a VPN for private use, avoid free options, as they have their own security problems and there will also be issues with HTTPS. Use a paid service offered by a trusted vendor like Kaspersky. Also, more modern networks use WPA3 for better security. Avoid using public Wi-Fi, even if it has password protection. That password is available to almost anyone, which reduces the safety level considerably. All the widespread implications of KRACK and the WPA2 vulnerability aren't yet clear. What is certain is that everybody who uses Wi-Fi is at risk and needs to take precautions to protect their data and devices.

 

NEW QUESTION 110
In the field of cryptanalysis, what is meant by a "rubber-hose" attack?

  • A. A backdoor placed into a cryptographic algorithm by its creator.
  • B. Extraction of cryptographic secrets through coercion or torture.
  • C. Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text.
  • D. Forcing the targeted key stream through a hardware-accelerated device such as an ASIC.

Answer: B

 

NEW QUESTION 111
Study the following log extract and identify the attack.

  • A. Multiple Domain Traversal Attack
  • B. Hexcode Attack
  • C. Unicode Directory Traversal Attack
  • D. Cross Site Scripting

Answer: C

 

NEW QUESTION 112
In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims.
What is the difference between pharming and phishing attacks?

  • A. Both pharming and phishing attacks are identical
  • B. In a pharming attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack, an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name
  • C. In a phishing attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack, an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name
  • D. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering

Answer: B

 

NEW QUESTION 113
A zone file consists of which of the following Resource Records (RRs)?

  • A. DNS, NS, PTR, and MX records
  • B. DNS, NS, AXFR, and MX records
  • C. SOA, NS, A, and MX records
  • D. SOA, NS, AXFR, and MX records

Answer: C

 

NEW QUESTION 114
Jim, a professional hacker, targeted an organization that is operating critical industrial infrastructure. Jim used Nmap to scan open ports and running services on systems connected to the organization's OT network. He used an Nmap command to identify EtherNet/IP devices connected to the Internet and further gathered information such as the vendor name, product code and name, device name, and IP address. Which of the following Nmap commands helped Jim retrieve the required information?

  • A. nmap -Pn -sU -p 44818 --script enip-info < Target IP >
  • B. nmap -Pn -sT --scan-delay 1s --max-parallelism 1 -p < Port List > < Target IP >
  • C. nmap -Pn -sT -p 46824 < Target IP >
  • D. nmap -Pn -sT -p 102 --script s7-info < Target IP >

Answer: A

 

NEW QUESTION 115
Jude, a pen tester working in Keiltech Ltd., performs sophisticated security testing on his company's network infrastructure to identify security loopholes. In this process, he started to circumvent the network protection tools and firewalls used in the company. He employed a technique that can create forged TCP sessions by carrying out multiple SYN, ACK, and RST or FIN packets. Further, this process allowed Jude to execute DDoS attacks that can exhaust the network resources. What is the attack technique used by Jude for finding loopholes in the above scenario?

  • A. UDP flood attack
  • B. Spoofed session flood attack
  • C. Peer-to-peer attack
  • D. Ping-of-death attack

Answer: B

 

NEW QUESTION 116
Mirai malware targets IoT devices. After infiltration, it uses them to propagate and create botnets that are then used to launch which type of attack?

  • A. Birthday attack
  • B. Password attack
  • C. MITM attack
  • D. DDoS attack

Answer: D

 

NEW QUESTION 117
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.
What is this type of DNS configuration commonly called?

  • A. DynDNS
  • B. DNS Scheme
  • C. DNSSEC
  • D. Split DNS

Answer: D

 

NEW QUESTION 118
Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place.
He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.
Which of the following options best represents the means that Bob can adopt to retrieve passwords from his client's hosts and servers?

  • A. Passwords are always best obtained using Hardware key loggers.
  • B. Hardware and Software Keyloggers.
  • C. Hardware, Software, and Sniffing.
  • D. Software only, they are the most effective.

Answer: C

 

NEW QUESTION 119
Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

  • A. tcptrace
  • B. Nessus
  • C. tcptraceroute
  • D. OpenVAS

Answer: A

 

NEW QUESTION 120
At what stage of the cyber kill chain theory model does data exfiltration occur?

  • A. Weaponization
  • B. Installation
  • C. Actions on objectives
  • D. Command and control

Answer: C

 

NEW QUESTION 121
Calvin, a software developer, uses a feature that helps him auto-generate the content of a web page without manual involvement and is integrated with SSI directives. This leads to a vulnerability in the developed web application as this feature accepts remote user inputs and uses them on the page. Hackers can exploit this feature and pass malicious SSI directives as input values to perform malicious activities such as modifying and erasing server files. What is the type of injection attack Calvin's web application is susceptible to?

  • A. Server-side includes injection
  • B. Server-side template injection
  • C. Server-side JS injection
  • D. CRLF injection

Answer: A

 

NEW QUESTION 122
An attacker is trying to redirect the traffic of a small office. That office is using its own mail server, DNS server and NTP server because of the importance of its work. The attacker gains access to the DNS server and redirects www.google.com to his own IP address. Now when the employees of the office want to go to Google they are redirected to the attacker's machine. What is the name of this kind of attack?

  • A. MAC Flooding
  • B. DNS spoofing
  • C. Smurf Attack
  • D. ARP Poisoning

Answer: B

 

NEW QUESTION 123
An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections.
When users accessed any page, the applet ran and exploited many machines.
Which one of the following tools did the hacker probably use to inject the HTML code?

  • A. Ettercap
  • B. Aircrack-ng
  • C. Tcpdump
  • D. Wireshark

Answer: A

 

NEW QUESTION 124
An organization is performing a vulnerability assessment for mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on the organization's machines to detect which ports are attached to services such as an email server, a web server or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevant tests. What is the type of vulnerability assessment solution that James employed in the above scenario?

  • A. Product-based solutions
  • B. Tree-based assessment
  • C. Inference-based assessment
  • D. Service-based solutions

Answer: D

Explanation:
As systems approaches to the development of biological models become more mature, attention is increasingly focusing on the problem of inferring parameter values within those models from experimental data. However, particularly for nonlinear models, it is not obvious, either from inspection of the model or from the experimental data, that the inverse problem of parameter fitting will have a unique solution, or even a non-unique solution that constrains the parameters to lie within a plausible physiological range. Where parameters cannot be constrained they are termed 'unidentifiable'. We focus on gaining insight into the causes of unidentifiability using inference-based methods, and compare a recently developed measure-theoretic approach to inverse sensitivity analysis to the popular Markov chain Monte Carlo and approximate Bayesian computation techniques for Bayesian inference. All three approaches map the uncertainty in quantities of interest within the output space to the probability of sets of parameters within the input space. The geometry of those sets demonstrates how unidentifiability can be caused by parameter compensation and provides an intuitive approach to inference-based experimental design.

 

NEW QUESTION 125
Jacob works as a system administrator in an organization. He wants to extract the source code of a mobile application and disassemble the application to analyze its design flaws. Using this technique, he wants to fix any bugs in the application, discover underlying vulnerabilities, and improve defense strategies against attacks.
What is the technique used by Jacob in the above scenario to improve the security of the mobile application?

  • A. App sandboxing
  • B. Reverse engineering
  • C. Jailbreaking
  • D. Social engineering

Answer: B

 

NEW QUESTION 126
Which of the following Bluetooth hacking techniques refers to the theft of information from a wireless device through Bluetooth?

  • A. Bluesmacking
  • B. Bluebugging
  • C. Bluesnarfing
  • D. Bluejacking

Answer: D

Explanation:
Bluejacking is perhaps the most common form of Bluetooth hacking. This happens when a hacker searches for discoverable devices in the area and then sends spam in the form of text messages to the devices.
This form of hacking is rather immature and harmless.
It was once used primarily to prank people, back when mobile devices came with Bluetooth that was automatically set to discoverable. Bluejacking is used nowadays for spam messaging, and the hackers who use this do it simply to frustrate others. The method does not give hackers access to your phone or the information on it.
The best way to deal with Bluejacking is to ignore the messages if you receive them. If you keep your Bluetooth settings on "invisible" or "non-discoverable", you are not going to receive these messages. Also, keep your smartphone or device set to "invisible" while you are in a busy or open Wi-Fi area. This will prevent Bluejacking and also the next two popular types of hacks.

 

NEW QUESTION 127
Which of the following Metasploit post-exploitation modules can be used to escalate privileges on Windows systems?

  • A. keylogrecorder
  • B. getsystem
  • C. autoroute
  • D. getuid

Answer: B

 

NEW QUESTION 128
Sam is working as a system administrator in an organization. He captured the principal characteristics of a vulnerability and produced a numerical score to reflect its severity using CVSS v3.0 to properly assess and prioritize the organization's vulnerability management processes. The base score that Sam obtained after performing the CVSS rating was 4.0. What is the CVSS severity level of the vulnerability discovered by Sam in the above scenario?

  • A. Low
  • B. Critical
  • C. High
  • D. Medium

Answer: A

 

NEW QUESTION 129
Password cracking programs reverse the hashing process to recover passwords. (True/False.)

  • A. True
  • B. False

Answer: B

 

NEW QUESTION 130
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks to the wired network to get Internet access. On the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?

  • A. Use the 802.1x protocol
  • B. Disable unused ports in the switches
  • C. Ask students to use the wireless network
  • D. Separate students in a different VLAN

Answer: A

 

NEW QUESTION 131
......

312-50v11 exam questions from Real4Prep dumps: https://lead2pass.real4prep.com/312-50v11-exam.html (525  Q&As)