This page was exported from Quickly Pass Test With Lead2pass New Brain Dumps [ ] Export date:Mon Oct 26 15:06:11 2020 / +0000 GMT ___________________________________________________ Title: [2017 Newest] Free Download Lead2pass EC-Council 312-50v9 VCE And PDF Dumps (261-280) --------------------------------------------------- Lead2pass 2017 September New EC-Council 312-50v9 Exam Dumps! 100% Free Download! 100% Pass Guaranteed! The 312-50v9 braindumps are the latest, authenticated by expert and covering each and every aspect of 312-50v9 exam. Comparing with others, our exam questions are rich in variety. We offer PDF dumps and 312-50v9 VCE dumps. Welcome to choose. Following questions and answers are all new published by EC-Council Official Exam Center: QUESTION 261The company ABC recently contracted a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. What of the following options can be useful to ensure the integrity of the data? A.    The document can be sent to the accountant using an exclusive USB for that document.B.    The CFO can use a hash algorithm in the document once he approved the financial statements.C.    The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure it is the same document.D.    The CFO can use an excel file with a password.Answer: B QUESTION 262A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd. How can he use it? A.    The password file does not contain the passwords themselves.B.    He can open it and read the user ids and corresponding passwords.C.    The file reveals the passwords to the root user only.D.    He cannot read it because it is encrypted. Answer: D QUESTION 263Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands: [eve@localhost ~]$ john secret.txtLoaded 2 password hashes with no different salts (LM [DES 128/128 SSE2-16])Press 'q' or Ctrl-C to abort. almost any other key for status0g 0:00:00:03 3/3 0g/s 86168p/s 86168c/s 172336C/s MERO..SAMPLUI0g 0:00:00:04 3/3 0g/s 3296Kp/s 3296Kc/s 6592KC/s GOS..KARIS40g 0:00:00:07 3/3 0g/s 8154Kp/s 8154Kc/s 16309KC/s NY180K..NY18370g 0:00:00:10 3/3 0g/s 7958Kp/s 7958Kc/s 1591KC/s SHAGRN..SHENY9 What is she trying to achieve? A.    She is encrypting the file.B.    She is using John the Ripper to view the contents of the file.C.    She is using ftp to transfer the file to another hacker named John.D.    She is using John the Ripper to crack the passwords in the secret.txt file. Answer: DExplanation: QUESTION 264What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall. A.    FirewalkingB.    Session hijackingC.    Network sniffingD.    Man-in-the-middle attack Answer: A QUESTION 265Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting? A.    Internal WhiteboxB.    External, WhiteboxC.    Internal, BlackboxD.    External, Blackbox Answer: A QUESTION 266Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers? A.    Application LayerB.    Data tierC.    Presentation tierD.    Logic tier Answer: D QUESTION 267An attacker tries to do banner grabbing on a remote web server and executes the following command. $ nmap -sV -p 80He gets the following output.Starting Nmap 6.47 ( ) at 2014-12-08 19:10 ESTNmap scan report for ( is up (0.032s latency).PORT    STATE    SERVICE    VERSION80/tcp    open        http         Apache httpd Service detection performed. Please report any incorrect results at done: 1 IP address (1 host up) scanned in 6.42 seconds What did the hacker accomplish? A.    nmap can't retrieve the version number of any running remote service.B.    The hacker successfully completed the banner grabbing.C.    The hacker should've used nmap -O    The hacker failed to do banner grabbing as he didn't get the version of the Apache web server. Answer: BExplanation: QUESTION 268_________ is a set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attacks types. A.    DNSSECB.    Zone transferC.    Resource transferD.    Resource records Answer: A QUESTION 269Sid is a judge for a programming contest. Before the code reaches him it goes through a restricted OS and is tested there. If it passes, then it moves onto Sid. What is this middle step called? A.    Fuzzy-testing the codeB.    Third party running the codeC.    Sandboxing the codeD.    String validating the code Answer: A QUESTION 270An IT employee got a call from one of our best customers. The caller wanted to know about the company's network infrastructure, systems, and team. New opportunities of integration are in sight for both company and customer. What should this employee do? A.    Since the company's policy is all about Customer Service, he/she will provide information.B.    Disregarding the call, the employee should hang up.C.    The employee should not provide any information without previous management authorization.D.    The employees can not provide any information; but, anyway, he/she will provide the name of the person in charge. Answer: C QUESTION 271A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do? A.    Ignore it.B.    Try to sell the information to a well-paying party on the dark web.C.    Notify the web site owner so that corrective action be taken as soon as possible to patch the vulnerability.D.    Exploit the vulnerability without harming the web site owner so that attention be drawn to the problem. Answer: C QUESTION 272In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks? A.    In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name.B.    Both pharming and phishing attacks are purely technical and are not considered forms of social engineering.C.    Both pharming and phishing attacks are identical.D.    In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name. Answer: AExplanation: QUESTION 273Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries.) More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and that are related to various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. Basic example to understand how cryptography works is given below: SECURE (plain text)+1(+1 next letter, for example, the letter ““T”” is used for ““S”” to encrypt.)TFDVSF (encrypted text)+=logic=> Algorithm1=Factor=> Key Which of the following choices is true about cryptography? A.    Algorithm is not the secret, key is the secret.B.    Symmetric-key algorithms are a class of algorithms for cryptography that use the different cryptographic keys for both encryption of plaintext and decryption of ciphertext.C.    Secure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to deliver the shared session key and to achieve a communication way.D.    Public-key cryptography, also known as asymmetric cryptography, public key is for decrypt, private key is for encrypt. Answer: CExplanation: QUESTION 274Which of these is capable of searching for and locating rogue access points? A.    HIDSB.    WISSC.    WIPSD.    NIDS Answer: C QUESTION 275Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system? A.    WiresharkB.    MaltegoC.    MetasploitD.    Nessus Answer: C QUESTION 276Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her? A.    Password protected filesB.    Hidden foldersC.    BIOS passwordD.    Full disk encryption. Answer: D QUESTION 277The network in ABC company is using the network address with mask In the network the servers are in the addresses, and attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is: nmap Why he cannot see the servers? A.    The network must be down and the nmap command and IP address are ok.B.    He needs to add the command ''''ip address'''' just before the IP address.C.    He is scanning from to because of the mask /28 and the servers are not in that range.D.    He needs to change the address to with the same mask. Answer: CExplanation: QUESTION 278Bob learned that his username and password for a popular game has been compromised. He contacts the company and resets all the information. The company suggests he use two-factor authentication, which option below offers that? A.    A new username and passwordB.    A fingerprint scanner and his username and password.C.    Disable his username and use just a fingerprint scanner.D.    His username and a stronger password. Answer: B QUESTION 279Rebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place? A.    A race condition is being exploited, and the operating system is containing the malicious process.B.    A page fault is occurring, which forces the operating system to write data from the hard drive.C.    Malware is executing in either ROM or a cache memory area.D.    Malicious code is attempting to execute instruction in a non-executable memory region. Answer: D QUESTION 280Attempting an injection attack on a web server based on responses to True/False questions is called which of the following? A.    Blind SQLiB.    DMS-specific SQLiC.    Classic SQLiD.    Compound SQLi Answer: A More free Lead2pass 312-50v9 exam new questions on Google Drive: EC-Council 312-50v9 is often called the hardest of all EC-Council exams. Lead2pass helps you kill the EC-Council 312-50v9 exam challenge and achieve the perfect passing score with its latest practice test, packed into the revolutionary interactive VCE. This is the best way to prepare and pass the 312-50v9 exam. 2017 EC-Council 312-50v9 (All 589 Q&As) exam dumps (PDF&VCE) from Lead2pass: [100% Exam Pass Guaranteed] --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2017-09-30 06:44:53 Post date GMT: 2017-09-30 06:44:53 Post modified date: 2017-09-30 06:44:53 Post modified date GMT: 2017-09-30 06:44:53 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from