312-50V10 Exam Questions
937 real 312-50V10 exam questions with expert-verified answers and explanations. Page 17 of 19.
- Question #809Information Security and Ethical Hacking Fundamentals
Nedved is an IT Security Manager of a bank in his country. One day. he found out that there is a security bre ch to his company's email server based on analysis of a suspicious con...
incident responsecontainmentemail server breachfirst responder steps - Question #810Social Engineering
Vlady works in a fishing company where the majority of the employees have very little understanding of IT let alone IT Security. Several information security issues that Vlady ofte...
security awareness trainingpassword hygieneinsider threatshuman-factor security - Question #811Scanning Networks
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and a...
NmapTCP SYN ping scanhost discoveryfirewall detection - Question #812Cloud Computing
Heather's company has decided to use a new customer relationship management tool. After performing the appropriate research, they decided to purchase a subscription to a cloud-host...
SaaScloud service modelsmanaged servicescloud deployment - Question #813Vulnerability Analysis
A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was av...
patch managementvulnerability managementApache Strutsdata breach - Question #814Cryptography
Bella, a security professional working at an it firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames. and password...
HTTPSdigital certificatesencryption in transitsecure protocols - Question #815Hacking Wireless Networks
There have been concerns in your network that the wireless network component is not sufficiently secure. You perform a vulnerability scan of the wireless network and find that it i...
WEPwireless encryptionwired equivalent privacylegacy wireless security - Question #816Hacking Web Applications
Judy created a forum, one day. she discovers that a user is posting strange images without writing comments. She immediately calls a security expert, who discovers that the followi...
XSScross-site scriptingcookie theftsession hijacking - Question #817Hacking Web Applications
Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the Integrity of updating and changing data. For this purpose, he uses a web service that use...
REST APIweb servicesHTTP methodsAPI architecture - Question #818Vulnerability Analysis
An organization is performing a vulnerability assessment tor mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on th...
service-based assessmentvulnerability assessmentprotocol inventoryinference-based scanning - Question #819Hacking Web Servers
What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?
DNS cache poisoningDNS spoofingnameserver queryDNS resolver - Question #820Footprinting and Reconnaissance
Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this. James, a pro...
OSINTgeolocation trackingsocial media reconnaissancefootprinting tools - Question #821Denial of Service
Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcastin...
DHCP starvationDHCP exhaustionDoS attacknetwork flooding - Question #822Cloud Computing
Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other re...
container architectureimage signingtesting accreditationcontainer registries - Question #823Hacking Wireless Networks
in an attempt to increase the security of your network, you Implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know It....
SSID broadcastingwireless concealmentnetwork discoverywireless security - Question #824SQL Injection
Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter...
SQL injectioncomment syntaxauthentication bypassMSSQL - Question #825Scanning Networks
If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?
Nmapport scanningscan optionsnetwork reconnaissance - Question #826IoT and OT Hacking
George is a security professional working for iTech Solutions. He was tasked with securely transferring sensitive data of the organization between industrial systems. In this proce...
ZigbeeIEEE 802.15.4short-range wirelessIoT protocols - Question #827Footprinting and Reconnaissance
is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types...
DNSSECDNS securityDNS poisoning preventionzone integrity - Question #828Hacking Web Servers
Larry, a security professional in an organization, has noticed some abnormalities In the user accounts on a web server. To thwart evolving attacks, he decided to harden the securit...
web server hardeninguser account securityleast privilegeaccess control - Question #829System Hacking
By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally e...
covering tracksbash historylog clearingSMB - Question #830Cryptography
Ethical backer jane Doe is attempting to crack the password of the head of the it department of ABC company. She Is utilizing a rainbow table and notices upon entering a password t...
password saltingrainbow tablespassword hashingcryptographic countermeasures - Question #831Hacking Wireless Networks
Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints t...
KRACK attackwireless MITMfake base stationsession hijacking - Question #832Cryptography
in this form of encryption algorithm, every Individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits. Which is this encryption algorithm?
Triple DESsymmetric encryptionblock cipher3DES key structure - Question #833Malware Threats
To create a botnet. the attacker can use several techniques to scan vulnerable machines. The attacker first collects Information about a large number of vulnerable machines to crea...
hit-list scanningbotnet propagationmalware spreadingscanning techniques - Question #834Footprinting and Reconnaissance
Which file is a rich target to discover the structure of a website during web-server footprinting?
web server footprintingrobots.txtwebsite structuredocument root - Question #835Information Security and Ethical Hacking Fundamentals
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detec...
APTadvanced persistent threatstealthy intrusionnetwork attack techniques - Question #836Footprinting and Reconnaissance
Clark, a professional hacker, was hired by an organization lo gather sensitive Information about its competitors surreptitiously. Clark gathers the server IP address of the target...
ARINIP address lookupnetwork rangefootprinting tools - Question #837Footprinting and Reconnaissance
Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information abou...
dark web footprintinganonymous browsingTOROSINT techniques - Question #838SQL Injection
Daniel Is a professional hacker who Is attempting to perform an SQL injection attack on a target Injection attempts based on predefined signatures. To evade any comparison statemen...
SQL injection evasionnull bytesignature bypassIDS evasion - Question #839Evading IDS, Firewalls, and Honeypots
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavio...
fast-flux DNSdomain rotationdetection evasionC2 infrastructure - Question #840Malware Threats
To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected In the core components of the operating system. What is this type of rootkit an examp...
kernel rootkitrootkit typesOS core persistencemalware stealth - Question #841Evading IDS, Firewalls, and Honeypots
which of the following information security controls creates an appealing isolated environment for hackers to prevent them from compromising critical targets while simultaneously g...
honeypotattacker deceptionintrusion detectionnetwork security controls - Question #842IoT and OT Hacking
Bob, an attacker, has managed to access a target loT device. He employed an online tool to gather information related to the model of the loT device and the certifications granted...
IoT reconnaissanceFCC IDdevice information gatheringonline tools - Question #843Session Hijacking
Samuel, a professional hacker, monitored and Intercepted already established traffic between Bob and a host machine to predict Bob's ISN. Using this ISN, Samuel sent spoofed packet...
TCP session hijackingISN predictionIP spoofingblind hijacking - Question #844Session Hijacking
Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a...
session fixationsession donationMITMweb session attacks - Question #845Scanning Networks
During an Xmas scan what indicates a port is closed?
Xmas scanport scanningRST responseclosed port - Question #846Social Engineering
Steve, an attacker, created a fake profile on a social media website and sent a request to Stella. Stella was enthralled by Steve's profile picture and the description given for hi...
honey trapfake profilesocial mediasocial engineering - Question #847Malware Threats
The network users are complaining because their system are slowing down. Further, every time they attempt to go a website, they receive a series of pop-ups with advertisements. Wha...
adwaremalware typespop-up adssystem slowdown - Question #848Information Security and Ethical Hacking Fundamentals
Attacker Lauren has gained the credentials of an organization's internal server system, and she was often logging in during irregular times to monitor the network activities. The o...
incident triageincident handlingIH&R phasesattack analysis - Question #849Hacking Web Applications
Susan, a software developer, wants her web API to update other applications with the latest information. For this purpose, she uses a user-defined HTTP tailback or push APIs that a...
webhooksweb APIpush APIHTTP callbacks - Question #850Cloud Computing
Sam, a professional hacker. targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating...
AWS IAMcloud credential theftphishingsocial engineering - Question #851Vulnerability Analysis
Attacker Rony Installed a rogue access point within an organization's perimeter and attempted to Intrude into its internal network. Johnson, a security auditor, identified some unu...
wireless network assessmentrogue access pointvulnerability assessmentauthentication cracking - Question #852IoT and OT Hacking
what is the port to block first in case you are suspicious that an loT device has been compromised?
IoT securityport blockingcompromised devicenetwork ports - Question #853Scanning Networks
You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly. What is the best Nmap command you...
Nmapnetwork enumerationfast scansubnet scanning - Question #854Vulnerability Analysis
Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network lo identify the active systems, network services, appl...
passive assessmentnetwork sniffingvulnerability assessmentcredentialed assessment - Question #855Hacking Wireless Networks
This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-2S6. MMAC-SHA384, and ECDSA using...
WPA3-Enterprise192-bit securityGCMP-256wireless encryption - Question #856Evading IDS, Firewalls, and Honeypots
What firewall evasion scanning technique make use of a zombie system that has low network activity as well as its fragment identification numbers?
idle scanningzombie systemfirewall evasionIP ID sequence - Question #857SQL Injection
SQL injection (SOU) attacks attempt to inject SOL syntax into web requests, which may Bypass authentication and allow attackers to access and/or modify data attached to a web appli...
out-of-band SQLiDNS exfiltrationSQL injection typesblind SQLi - Question #858Vulnerability Analysis
in the Common Vulnerability Scoring System (CVSS) v3.1 severity ratings, what range does medium vulnerability fall in?
CVSS v3.1vulnerability scoringseverity ratingsmedium vulnerability