This page was exported from New Lead2pass PDF And VCE Ensure IT Exam Pass 100% [ ] Export date:Sat Jul 11 14:12:40 2020 / +0000 GMT ___________________________________________________ Title: [Lead2pass New] Lead2pass EC-Council 312-50v9 Exam Dumps Free Download (321-340) --------------------------------------------------- Lead2pass 2017 November New EC-Council 312-50v9 Exam Dumps! 100% Free Download! 100% Pass Guaranteed! 312-50v9 exam questions and answers provided by Lead2pass will guarantee you pass 312-50v9 exam, because Lead2pass is the top IT Certification study training materials vendor. Many candidates have passed exam with the help of Lead2pass. We offer the latest 312-50v9 PDF and VCE dumps with new version VCE player for free download, you can pass the exam beyond any doubt. Following questions and answers are all new published by EC-Council Official Exam Center: QUESTION 321As an Ethical Hacker you are capturing traffic from your customer network with Wireshark and you need to find and verify just SMTP traffic. What command in Wireshark will help you to find this kind of traffic? A.    request smtp 25B.    tcp.port eq 25C.    smtp portD.    tcp.contains port 25Answer: B QUESTION 322Which service in a PKI will vouch for the identity of an individual or company? A.    KDCB.    CAC.    CRD.    CBC Answer: B QUESTION 323In IPv6 what is the major difference concerning application layer vulnerabilities compared to IPv4? A.    Implementing IPv4 security in a dual-stack network offers protection from IPv6 attacks too.B.    Vulnerabilities in the application layer are independent of the network layer. Attacks and mitigation techniques are almost identical.C.    Due to the extensive security measures built in IPv6, application layer vulnerabilities need not be addresses.D.    Vulnerabilities in the application layer are greatly different from IPv4. Answer: B QUESTION 324In which phase of the ethical hacking process can Google hacking be employed? This is a technique that involves manipulating a search string with specific operators to search for vulnerabilities. Example:allintitle: root passwd A.    Maintaining AccessB.    Gaining AccessC.    ReconnaissanceD.    Scanning and Enumeration Answer: C QUESTION 325Which type of security feature stops vehicles from crashing through the doors of a building? A.    TurnstileB.    BollardsC.    MantrapD.    Receptionist Answer: B QUESTION an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. This type of attack may be used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people there. Fill in the blank with appropriate choice. A.    Collision AttackB.    Evil Twin AttackC.    Sinkhole AttackD.    Signal Jamming Attack Answer: B QUESTION 327Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems? A.    Role Based Access Control (RBAC)B.    Discretionary Access Control (DAC)C.    Windows authenticationD.    Single sign-on Answer: D QUESTION 328What attack is used to crack passwords by using a precomputed table of hashed passwords? A.    Brute Force AttackB.    Hybrid AttackC.    Rainbow Table AttackD.    Dictionary Attack Answer: C QUESTION 329Your next door neighbor, that you do not get along with, is having issues with their network, so he yells to his spouse the network's SSID and password and you hear them both clearly. What do you do with this information? A.    Nothing, but suggest to him to change the network's SSID and password.B.    Sell his SSID and password to friends that come to your house, so it doesn't slow down your network.C.    Log onto to his network, after all it's his fault that you can get in.D.    Only use his network when you have large downloads so you don't tax your own network. Answer: A QUESTION 330Shellshock had the potential for an unauthorized user to gain access to a server. It affected many internet- facing services, which OS did it not directly affect? A.    WindowsB.    UnixC.    LinuxD.    OS X Answer: D QUESTION 331You want to analyze packets on your wireless network. Which program would you use? A.    Wireshark with AirpcapB.    Airsnort with AirpcapC.    Wireshark with WinpcapD.    Ethereal with Winpcap Answer: A QUESTION 332It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down. What step in incident handling did you just complete? A.    ContainmentB.    EradicationC.    RecoveryD.    Discovery Answer: A QUESTION 333What is the code written for? #!/usr/bin/pythonimport socketbuffer=[“A”]counter=50while len(buffer)<=100:buffer.apend (“A”*counter)counter=counter+50commands=[“HELP”,“STATS.”,“RTIME.”,“LTIME.”,“SRUN.”,“TRUN.”,“GMON.”,“GDOG.”,“KSTET.”,“GTER.”,“HTER.”,“LTER.”,“KSTAN.”]for command in commands:for buffstring in buffer:  print “Exploiting” +command+“:”+str(len(buffstring))  s=socket.socket(socket.AF_INET.socket.SOCK_STREAM)  s.connect(('',9999))  s.recv(50)  s.send(command+buffstring)  s.close() A.    Buffer OverflowB.    EncryptionC.    BruteforceD.    Denial-of-service (Dos) Answer: AExplanation: QUESTION 334An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job? A.    Use fences in the entrance doors.B.    Install a CCTV with cameras pointing to the entrance doors and the street.C.    Use an IDS in the entrance doors and install some of them near the corners.D.    Use lights in all the entrance doors and along the company's perimeter. Answer: B QUESTION 335Which of the following is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. A.    Heartbleed BugB.    POODLEC.    SSL/TLS Renegotiation VulnerabilityD.    Shellshock Answer: A QUESTION 336There are several ways to gain insight on how a cryptosystem works with the goal of reverse engineering the process. A term describes when two pieces of data result in the same value is? A.    CollisionB.    CollusionC.    PolymorphismD.    Escrow Answer: C QUESTION 337Which of the following security policies defines the use of VPN for gaining access to an internal corporate network? A.    Network security policyB.    Remote access policyC.    Information protection policyD.    Access control policy Answer: B QUESTION 338One of the Forbes 500 companies has been subjected to a large scale attack. You are one of the shortlisted pen testers that they may hire. During the interview with the CIO, he emphasized that he wants to totally eliminate all risks. What is one of the first things you should do when hired? A.    Interview all employees in the company to rule out possible insider threats.B.    Establish attribution to suspected attackers.C.    Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.D.    Start the Wireshark application to start sniffing network traffic. Answer: C QUESTION 339Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE? A.    http-gitB.    http-headersC.    http enumD.    http-methods Answer: D QUESTION 340Which of the following is the most important phase of ethical hacking wherein you need to spend considerable amount of time? A.    Gaining accessB.    Escalating privilegesC.    Network mappingD.    Footprinting Answer: D More free Lead2pass 312-50v9 exam new questions on Google Drive: Lead2pass is the leader in supplying candidates with current and up-to-date training materials for EC-Council certification and exam preparation. Comparing with others, our 312-50v9 exam questions are more authoritative and complete. We offer the latest 312-50v9 PDF and VCE dumps with new version VCE player for free download, and the new 312-50v9 dump ensures your exam 100% pass. 2017 EC-Council 312-50v9 (All 589 Q&As) exam dumps (PDF&VCE) from Lead2pass: [100% Exam Pass Guaranteed] --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2017-11-15 05:55:09 Post date GMT: 2017-11-15 05:55:09 Post modified date: 2017-11-15 05:55:09 Post modified date GMT: 2017-11-15 05:55:09 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from