312-50V10 Exam Questions
937 real 312-50V10 exam questions with expert-verified answers and explanations. Page 7 of 19.
- Question #304Evading IDS, Firewalls, and Honeypots
One advantage of an application-level firewall is the ability to
application firewallHTTP command filteringproxypacket filtering - Question #305Evading IDS, Firewalls, and Honeypots
Which of the statements concerning proxy firewalls is correct?
proxy firewallfirewall typesnetwork connectioncentralization - Question #306Vulnerability Analysis
On a Linux device, which of the following commands will start the Nessus client in the background so that the Nessus server can be configured?
NessusLinux commandsbackground processvulnerability scanner - Question #307Vulnerability Analysis
Which of the following tools will scan a network to perform vulnerability checks and compliance auditing?
Nessusvulnerability scanningcompliance auditingsecurity tools - Question #308System Hacking
What is the best defense against privilege escalation vulnerability?
privilege escalationleast privilegemulti-factor authenticationdefense hardening - Question #309Malware Threats
How can a rootkit bypass Windows 7 operating system's kernel mode, code signing policy?
rootkitkernel mode signingMBRboot sector infection - Question #310Malware Threats
Which of the following items of a computer system will an anti-virus program scan for viruses?
antivirusboot sectorvirus scanningmalware detection - Question #311Evading IDS, Firewalls, and Honeypots
Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?
syslogUDP 514log analysisfirewall ports - Question #312System Hacking
A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit?
Metasploitpivotingmeterpreterroute statement - Question #313Scanning Networks
What is the outcome of the comm"nc -l -p 2222 | nc 10.1.0.43 1234"?
Netcattraffic relayport pipingcommand syntax - Question #314Evading IDS, Firewalls, and Honeypots
Which of the following is a client-server tool utilized to evade firewall inspection?
tcp-over-dnsfirewall evasionDNS tunnelingcovert channel - Question #315SQL Injection
Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?
SQL injectionDataThiefdatabase exploitationautomated tools - Question #316Evading IDS, Firewalls, and Honeypots
Which of the following identifies the three modes in which Snort can be configured to run?
SnortIDS modespacket loggersniffer - Question #317Sniffing
When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?
Wiresharknetwork tappacket capturepromiscuous mode - Question #318System Hacking
Which of the following programming languages is most vulnerable to buffer overflow attacks?
buffer overflowC++memory managementunsafe languages - Question #319Cryptography
Smart cards use which protocol to transfer the certificate in a secure manner?
smart cardEAPcertificate transferauthentication protocol - Question #320Cryptography
Which of the following is a hashing algorithm?
MD5hashing algorithmcryptographic hashintegrity - Question #321Sniffing
Which of the following problems can be solved by using Wireshark?
Wiresharkpacket analysisnetwork troubleshootingprotocol analysis - Question #322Sniffing
What is the correct PCAP filter to capture all TCP traffic going to or from host 192.168.0.125 on port 25?
PCAP filterWiresharkTCP filterBPF syntax - Question #323Hacking Wireless Networks
Which tool would be used to collect wireless packet data?
wireless packet captureNetStumblerwireless toolspacket collection - Question #324Information Security and Ethical Hacking Fundamentals
Which of the following is an example of two factor authentication?
two-factor authenticationmulti-factor authenticationauthentication factorsbiometrics - Question #325Cryptography
Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?
Diffie-Hellmankey exchangeDH groupskey strength - Question #326Cryptography
After gaining access to the password hashes used to protect access to a web based application, knowledge of which cryptographic algorithms would be useful to gain access to the app...
password hashingSHA1cryptographic algorithmshash cracking - Question #327System Hacking
What statement is true regarding LM hashes?
LM hashesWindows authenticationpassword hashingNTLM - Question #328Hacking Web Applications
A developer for a company is tasked with creating a program that will allow customers to update their billing and shipping information. The billing address field used is limited to...
buffer overflowinput validationsecure codingboundary checking - Question #329Hacking Web Applications
A security analyst in an insurance company is assigned to test a new web application that will be used by clients to help them choose and apply for an insurance plan. The analyst d...
cross-site scriptingXSSASPweb application security - Question #330SQL Injection
A security administrator notices that the log file of the company's webserver contains suspicious entries: Based on source code analysis, the analyst concludes that the login.php s...
SQL injectionlogin formweb applicationdatabase attack - Question #331Evading IDS, Firewalls, and Honeypots
Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?
honeypotdeception technologyservice emulationintrusion detection - Question #332Scanning Networks
Which command lets a tester enumerate alive systems in a class C network via ICMP using native Windows tools?
ICMP ping sweepWindows commandnetwork enumerationhost discovery - Question #333Scanning Networks
What results will the following command yield: 'NMAP -sS -O -p 123-153 192.168.100.3'?
Nmapstealth scanOS detectionport scanning - Question #334Scanning Networks
Which of the following parameters enables NMAP's operating system detection feature?
NmapOS detectionscan flagsoperating system fingerprinting - Question #335Scanning Networks
Which of the following open source tools would be the best choice to scan a network for potential targets?
Nmapnetwork scanningopen source toolstarget discovery - Question #336Scanning Networks
A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?
Nmaphost discoveryping scannetwork mapping - Question #337Sniffing
A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer program in a switched environment network. Which attack could the hacker use to snif...
MAC floodingswitched networksniffingARP attack - Question #338Vulnerability Analysis
Which of the following settings enables Nessus to detect when it is sending too many packets and the network pipe is approaching capacity?
Nessusvulnerability scanningcongestion controlscan settings - Question #339Cryptography
How does an operating system protect the passwords used for account logins?
password hashingone-way hashOS securitycredential storage - Question #340Hacking Web Applications
An attacker has been successfully modifying the purchase price of items purchased on the company's web site. The security administrators verify the web server and Oracle database h...
hidden form fieldsweb application attackparameter tamperingprice manipulation - Question #341System Hacking
Which tool can be used to silently copy files from USB devices?
USB Dumperdata theftphysical securityremovable media - Question #342SQL Injection
Which of the following is used to indicate a single-line comment in structured query language (SQL)?
SQL comment syntaxsingle-line commentSQL injection basicsquery structure - Question #343Scanning Networks
A security engineer is attempting to map a company's internal network. The engineer enters in the following NMAP command: NMAP -n -sS -P0 -p 80 ***.***.**.** What type of scan is t...
NMAPSYN scanstealth scanport scanning - Question #344Scanning Networks
What is the broadcast address for the subnet 190.86.168.0/22?
subnettingbroadcast addressCIDR notationIPv4 - Question #345System Hacking
A company is using Windows Server 2003 for its Active Directory (AD). What is the most efficient way to crack the passwords for the AD users?
rainbow tablepassword crackingActive DirectoryLM hash - Question #346Evading IDS, Firewalls, and Honeypots
Which of the following does proper basic configuration of snort as a network intrusion detection system require?
SnortNIDS configurationpacket captureintrusion detection - Question #347Sniffing
How is sniffing broadly categorized?
active sniffingpassive sniffingnetwork sniffingsniffing categories - Question #348Information Security and Ethical Hacking Fundamentals
What are the three types of authentication?
authentication factorsmulti-factor authenticationsomething you know have areidentity verification - Question #349Cryptography
The use of technologies like IPSec can help guarantee the following: authenticity, integrity, confidentiality and
IPSecnon-repudiationVPN securityCIA triad - Question #350Information Security and Ethical Hacking Fundamentals
What is the main disadvantage of the scripting languages as opposed to compiled programming languages?
scripting languagescompiled languagesinterpreter overheadmalware scripting - Question #351Malware Threats
A botnet can be managed through which of the following?
botnetIRCcommand and controlC2 infrastructure - Question #352Scanning Networks
Fingerprinting VPN firewalls is possible with which of the following tools?
ike-scanVPN fingerprintingIKE protocolfirewall enumeration - Question #353Denial of Service
What is a successful method for protecting a router from potential smurf attacks?
smurf attackICMP broadcastDoS mitigationamplification attack