312-50v11 Certified Ethical Hacker v11 Exams demo

Exam A
QUESTION 1
While performing online banking using a Web browser, a user receives an email that contains a link to an
interesting Web site. When the user clicks on the link, another Web browser session starts and displays a
video of cats playing a piano. The next business day, the user receives what looks like an email from his bank,
indicating that his bank account has been accessed from a foreign country. The email asks the user to call his
bank and verify the authorization of a funds transfer that took place. What Web browser-based security
vulnerability was exploited to compromise the user?
A. Clickjacking
B. Cross-Site Scripting
C. Cross-Site Request Forgery
D. Web form input validation
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 2
Which service in a PKI will vouch for the identity of an individual or company?
A. KDC
B. CR
C. CBC
D. CA
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 3
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web
pages to inject client-side script into web pages viewed by other users.
A. LDAP Injection attack
B. Cross-Site Scripting (XSS)
C. SQL injection attack
D. Cross-Site Request Forgery (CSRF)
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 4
User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI
to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI layer
96CE4376707A97CE80D4B1916F054522
does the encryption and decryption of the message take place?
A. Application
B. Transport
C. Session
D. Presentation
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 5
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software
as many of the other clients on the network. The client can see the network, but cannot connect. A wireless
packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being
sent by the wireless client. What is a possible source of this problem?
A. The WAP does not recognize the client’s MAC address
B. The client cannot see the SSID of the wireless network
C. Client is configured for the wrong channel
D. The wireless client is not configured to use DHCP
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 6
If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?
A. –r
B. –F
C. –P
D. –sP
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 7
Which of the following is the structure designed to verify and authenticate the identity of individuals within the
enterprise taking part in a data exchange?
A. SOA
B. biometrics
C. single sign on
D. PKI
96CE4376707A97CE80D4B1916F054522
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 8
You are tasked to perform a penetration test. While you are performing information gathering, you find an
employee list in Google. You find the receptionist’s email, and you send her an email changing the source
email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your
email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain
malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the
links, and her machine gets infected. You now have access to the company network. What testing method did
you use?
A. Social engineering
B. Piggybacking
C. Tailgating
D. Eavesdropping
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 9
If a tester is attempting to ping a target that exists but receives no response or a response that states the
destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option
could the tester use to get a response from a host using TCP?
A. Traceroute
B. Hping
C. TCP ping
D. Broadcast ping
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 10
Which is the first step followed by Vulnerability Scanners for scanning a network?
A. OS Detection
B. Firewall detection
C. TCP/UDP Port scanning
D. Checking if the remote host is alive
Correct Answer: D
Section: (none)
96CE4376707A97CE80D4B1916F054522
Explanation
Explanation/Reference:
QUESTION 11
Which of the following programs is usually targeted at Microsoft Office products?
A. Polymorphic virus
B. Multipart virus
C. Macro virus
D. Stealth virus
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 12
In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire
access to another account's confidential files and information. How can he achieve this?
A. Privilege Escalation
B. Shoulder-Surfing
C. Hacking Active Directory
D. Port Scanning
Correct Answer: A
Section: (none)

BUY full version for more questions