[Free] 2018(Jan) EnsurePass Testking ECCouncil 312-50v9 Dumps with VCE and PDF 11-20

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 312-50v9
100% Free Download! 100% Pass Guaranteed!

Certified Ethical Hacker Exam V9

Question No: 11

Which regulationdefines security and privacy controls for Federal information systems and organizations?

  1. HIPAA

  2. EU Safe Harbor

  3. PCI-DSS

D. NIST-800-53

Answer: D

Question No: 12

Which of the following is component of a risk assessment?

  1. Logical interface

  2. DMZ

  3. Administrative safeguards

  4. Physical security

Answer: C

Question No: 13

You’ve gained physical access to a Windows 2008 R2 server which has as accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your tool kit you have an Ubuntu 9.10 Linux LiveCD.Which Linux tool has the ability to change any user’s password or to activate disabled Windows Accounts?

  1. John the Ripper


  3. Cain amp; Abel

  4. SET

Answer: A

Question No: 14

You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow you to accomplish this goal?

  1. Host-based IDS

  2. Firewall

  3. Network-Based IDS

  4. Proxy

Answer: C

Question No: 15

gt; NMAP -sn

The NMAP command above performs which of the following?

  1. A ping scan

  2. A trace sweep

  3. An operating system detect

  4. A port scan

Answer: A

Question No: 16

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

  1. PKI

  2. biometrics

  3. SOA

  4. single sign on

Answer: A

Question No: 17

The “Gray box testing” methodology enforces what kind of restriction?

  1. Only the external operation of a system is accessible to the tester.

  2. Only the internal operation of a system is known to the tester.

  3. The internal operation of a system is completely known to the tester.

  4. The internal operation of a system is only partly accessible to the tester.

Answer: D

Question No: 18

Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software applications?

  1. Verity access right before allowing access to protected information and UI controls

  2. Use security policies and procedures to define and implement proper security settings

  3. Validate and escape all information sent over to a server

  4. Use digital certificates to authenticate a server prior to sending data

Answer: A

Question No: 19

A company’s security states that all web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

  1. Attempts by attackers to determine the user#39;s Web browser usage patterns, including when sites were visited and for how long.

  2. Attempts by attackers to access passwords stored on the user#39;s computer without the user#39;s knowledge.

  3. Attempts by attackers to access Web sites that trust the Web browser user by stealing the user#39;s authentication credentials.

  4. Attempts by attacks to access the user and password information stores in the company#39;s SQL database.

Answer: C

Question No: 20

env x= ‘(){ :;};echo exploit ‘ bash -c ‘cat/etc/passwd

What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host?

  1. Add new user to the passwd file

  2. Display passwd contents to prompt

  3. Change all password in passwd

  4. Remove the passwd file.

Answer: B

100% Ensurepass Free Download!
Download Free Demo:312-50v9 Demo PDF
100% Ensurepass Free Guaranteed!
312-50v9 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.