[Free] 2018(Jan) EnsurePass Testking ECCouncil 312-50v9 Dumps with VCE and PDF 61-70

2018 Jan ECCouncil Official New Released 312-50v9

Certified Ethical Hacker Exam V9

Question No: 61

Which of the following statements is TRUE?

  1. Sniffers operate on Layer 3 of the OSI model

  2. Sniffers operate on Layer 2 of the OSI model

  3. Sniffers operate on Layer 1 of the OSI model

  4. Sniffers operate on both Layer 2 & Layer 3 of the OSI model

Answer: D

Question No: 62

What is the benefit of performing an unannounced Penetration Testing?

  1. The tester will have actual visibility of the security posture of the target network.

  2. The tester could not provide an honest analysis.

  3. Network security would be in a “best state” posture.

  4. It is best to catch critical infrastructure unpatched.

Answer: A

Question No: 63

It is a short-range wireless communication technology intended to replace the cables connecting portable or fixed devices while maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short-range wireless connection.

Which of the following terms best matches the definition?

  1. Bluetooth

  2. Radio-Frequency Identification

  3. WLAN

  4. InfraRed

Answer: A

Question No: 64

You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do this fast and efficiently you must use regular expressions.

Which command-line utility are you most likely to use?

  1. Notepad

  2. MS Excel

  3. Grep

  4. Relational Database

Answer: C

Question No: 65

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.

Based on this information, what should be one of your key recommendations to the bank?

  1. Move the financial data to another server on the same IP subnet

  2. Place a front-end web server in a demilitarized zone that only handles external web traffic

  3. Issue new certificates to the web servers from the root certificate authority

  4. Require all employees to change their passwords immediately

Answer: A

Question No: 66

What does a firewall check to prevent particular ports and applications from getting packets into an organization?

  1. Transport layer port numbers and application layer headers

  2. Network layer headers and the session layer port numbers

  3. Application layer port numbers and the transport layer headers

  4. Presentation layer headers and the session layer port numbers

Answer: A

Question No: 67

You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected.

What testing method did you use?

  1. Piggybacking

  2. Tailgating

  3. Eavesdropping

  4. Social engineering

Answer: D

Question No: 68

Prospective clients want to see sample reports from previous penetration tests. What should you do next?

  1. Share full reports, not redacted.

  2. Share full reports, with redactions.

  3. Decline, but provide references.

  4. Share reports, after NDA is signed.

Answer: B

Question No: 69

While using your bank’s online servicing you notice the following string in the URL bar: “http://www.MyPersonalBank/Account?


You observe that if you modify the Damount & Camount values and submit the request, the data on the web page reflects the changes.

What type of vulnerability is present on this site?

  1. SQL injection

  2. XSS Reflection

  3. Web Parameter Tampering

  4. Cookie Tampering

Answer: C

Question No: 70

During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?

  1. Terminate the audit.

  2. Identify and evaluate existing practices.

  3. Create a procedures document

  4. Conduct compliance testing

Answer: B
