Renew Certified Ethical Hacker Exam (CEH V11) 312-50v11 Free Practice Questions

NEW QUESTION 1
You have the SOA presented below in your Zone.
Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries?
collegae.edu.SOA, cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600)

• A. One day
• B. One hour
• C. One week
• D. One month

Answer: C

NEW QUESTION 2
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

• A. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.
• B. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
• C. Symmetric encryption allows the server to security transmit the session keys out-of-band.
• D. Asymmetric cryptography is computationally expensive in compariso
• E. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

Answer: A

NEW QUESTION 3
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering that NMAP result below, which of the following is likely to be installed on the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8

• A. The host is likely a Linux machine.
• B. The host is likely a printer.
• C. The host is likely a router.
• D. The host is likely a Windows machine.

Answer: B

NEW QUESTION 4
What is the minimum number of network connections in a multi homed firewall?

• A. 3
• B. 5
• C. 4
• D. 2

Answer: A

NEW QUESTION 5
Which of the following LM hashes represent a password of less than 8 characters? (Choose two.)

• A. BA810DBA98995F1817306D272A9441BB
• B. 44EFCE164AB921CQAAD3B435B51404EE
• C. 0182BD0BD4444BF836077A718CCDF409
• D. CEC52EB9C8E3455DC2265B23734E0DAC
• E. B757BF5C0D87772FAAD3B435B51404EE
• F. E52CAC67419A9A224A3B108F3FA6CB6D

Answer: BE

NEW QUESTION 6
Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of a built-in bounds checking mechanism?
Code:
#include <string.h> int main(){char buffer[8];
strcpy(buffer, ““11111111111111111111111111111””);} Output: Segmentation fault

• A. C#
• B. Python
• C. Java
• D. C++

Answer: D

NEW QUESTION 7
Which Intrusion Detection System is the best applicable for large environments where critical assets on the network need extra scrutiny and is ideal for observing sensitive network segments?

• A. Honeypots
• B. Firewalls
• C. Network-based intrusion detection system (NIDS)
• D. Host-based intrusion detection system (HIDS)

Answer: C

NEW QUESTION 8
What is a “Collision attack” in cryptography?

• A. Collision attacks try to get the public key
• B. Collision attacks try to break the hash into three parts to get the plaintext value
• C. Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key
• D. Collision attacks try to find two inputs producing the same hash

Answer: D

NEW QUESTION 9
Fred is the network administrator for his company. Fred is testing an internal switch.
From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

• A. Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.
• B. He can send an IP packet with the SYN bit and the source address of his computer.
• C. Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.
• D. Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

Answer: D

NEW QUESTION 10
Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him.
What would Yancey be considered?

• A. Yancey would be considered a Suicide Hacker
• B. Since he does not care about going to jail, he would be considered a Black Hat
• C. Because Yancey works for the company currently; he would be a White Hat
• D. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing

Answer: A

NEW QUESTION 11
What is GINA?

• A. Gateway Interface Network Application
• B. GUI Installed Network Application CLASS
• C. Global Internet National Authority (G-USA)
• D. Graphical Identification and Authentication DLL

Answer: D

NEW QUESTION 12
The network team has well-established procedures to follow for creating new rules on the firewall. This includes having approval from a manager prior to implementing any new rules. While reviewing the firewall configuration, you notice a recently implemented rule but cannot locate manager approval for it. What would be a good step to have in the procedures for a situation like this?

• A. Have the network team document the reason why the rule was implemented without prior manager approval.
• B. Monitor all traffic using the firewall rule until a manager can approve it.
• C. Do not roll back the firewall rule as the business may be relying upon it, but try to get manager approval as soon as possible.
• D. Immediately roll back the firewall rule until a manager can approve it

Answer: D

NEW QUESTION 13
Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges.

• A. John
• B. Rebecca
• C. Sheela
• D. Shawn
• E. Somia
• F. Chang
• G. Micah

Answer: F

NEW QUESTION 14
The collection of potentially actionable, overt, and publicly available information is known as

• A. Open-source intelligence
• B. Real intelligence
• C. Social intelligence
• D. Human intelligence

Answer: A

NEW QUESTION 15
Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach to a physical control access.
A camera captures people walking and identifies the individuals using Steve’s approach.
After that, people must approximate their RFID badges. Both the identifications are required to open the door. In this case, we can say:

• A. Although the approach has two phases, it actually implements just one authentication factor
• B. The solution implements the two authentication factors: physical object and physical characteristic
• C. The solution will have a high level of false positives
• D. Biological motion cannot be used to identify people

Answer: B

NEW QUESTION 16
Why should the security analyst disable/remove unnecessary ISAPI filters?

• A. To defend against social engineering attacks
• B. To defend against webserver attacks
• C. To defend against jailbreaking
• D. To defend against wireless attacks

Answer: B

NEW QUESTION 17
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

• A. SOA
• B. biometrics
• C. single sign on
• D. PKI

Answer: D

NEW QUESTION 18
Which of the following describes the characteristics of a Boot Sector Virus?

• A. Modifies directory table entries so that directory entries point to the virus code instead of the actual program.
• B. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.
• C. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
• D. Overwrites the original MBR and only executes the new virus code.

Answer: C

NEW QUESTION 19
What did the following commands determine?

• A. That the Joe account has a SID of 500
• B. These commands demonstrate that the guest account has NOT been disabled
• C. These commands demonstrate that the guest account has been disabled
• D. That the true administrator is Joe
• E. Issued alone, these commands prove nothing

Answer: D

NEW QUESTION 20
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?

• A. Kismet
• B. Abel
• C. Netstumbler
• D. Nessus

Answer: A

NEW QUESTION 21
A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

• A. The computer is not using a private IP address.
• B. The gateway is not routing to a public IP address.
• C. The gateway and the computer are not on the same network.
• D. The computer is using an invalid IP address.

Answer: B

NEW QUESTION 22
What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?

• A. Black-box
• B. Announced
• C. White-box
• D. Grey-box

Answer: D

NEW QUESTION 23
An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?

• A. He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.
• B. He will activate OSPF on the spoofed root bridge.
• C. He will repeat this action so that it escalates to a DoS attack.
• D. He will repeat the same attack against all L2 switches of the network.

Answer: A

NEW QUESTION 24
While using your bank’s online servicing you notice the following string in the URL bar:
“http: // www. MyPersonalBank. com/ account?id=368940911028389&Damount=10980&Camount=21”
You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflects the changes.
Which type of vulnerability is present on this site?

• A. Cookie Tampering
• B. SQL Injection
• C. Web Parameter Tampering
• D. XSS Reflection

Answer: C

NEW QUESTION 25
......