312-50V11 Practice Questions
1,039 real 312-50V11 exam questions with expert-verified answers and explanations. Page 1 of 21.
- Question #1: Hacking Web Applications
Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppo...
IDOR, web authorization, object reference, HTTP requests
- Question #2: Footprinting and Reconnaissance
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?
Maltego, link analysis, OSINT, graph visualization
- Question #3: Hacking Wireless Networks
Which of these is capable of searching for and locating rogue access points?
WIPS, rogue access points, wireless detection, 802.11
- Question #4: Information Security and Ethical Hacking Fundamentals
A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer's software and hardware without the owner's permission. Their intention c...
hacker types, gray hat, ethical hacking, hacker classification
- Question #5: Hacking Web Applications
Websites and web portals that provide web services commonly use the Simple Object Access Protocol (SOAP). Which of the following is an incorrect definition or characteristics of th...
SOAP, web services, XML protocol, application protocols
- Question #6: System Hacking
You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password...
CHNTPW, password reset, Windows authentication, offline attack
- Question #7: Hacking Web Applications
What type of vulnerability/attack is it when the malicious person forces the user's browser to send an authenticated request to a server?
CSRF, cross-site request forgery, authenticated request, web attacks
- Question #8: Information Security and Ethical Hacking Fundamentals
When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?
PCI-DSS, penetration testing, compliance, security standards
- Question #9: Scanning Networks
If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may b...
Hping, TCP ping, ICMP bypass, network scanning
- Question #10: Hacking Mobile Platforms
Which of the following types of jailbreaking allows user-level access but does not allow iboot-level access?
jailbreaking, userland exploit, iOS security, mobile privilege
- Question #11: Information Security and Ethical Hacking Fundamentals
What is not a PCI compliance recommendation?
PCI-DSS, compliance requirements, access control, cardholder data
- Question #12: Information Security and Ethical Hacking Fundamentals
The "white box testing" methodology enforces what kind of restriction?
white box testing, penetration testing methodology, testing types, full disclosure
- Question #13: Hacking Web Applications
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users...
XSS, cross-site scripting, client-side injection, web vulnerabilities
- Question #14: Hacking Wireless Networks
This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with som...
Aircrack-ng, WEP cracking, WPA-PSK, wireless key recovery
- Question #15: Scanning Networks
The following is part of a log file taken from the machine on the network with the IP address of 192.168.0.110: What type of activity has been logged?
port scan, log analysis, network scanning, traffic analysis
- Question #16: Evading IDS, Firewalls, and Honeypots
You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade...
Nmap, IDS evasion, timing templates, stealth scanning
- Question #17: Information Security and Ethical Hacking Fundamentals
Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige. After 2 days, Bob denies that he ha...
non-repudiation, CIA triad, digital proof, information security principles
- Question #18: SQL Injection
What is attempting an injection attack on a web server based on responses to True/False questions called?
blind SQL injection, boolean-based SQLi, true/false inference, SQL injection types
- Question #19: Scanning Networks
The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?
TCP handshake, SYN packet, three-way handshake, network fundamentals
- Question #20: Sniffing
You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select...
Snort, IDS, network sniffer, intrusion detection
- Question #21: Scanning Networks
Which of the following will perform an Xmas scan using NMAP?
NMAP, Xmas scan, TCP flags, port scanning
- Question #22: Hacking Web Applications
Code injection is a form of attack in which a malicious user:
code injection, input validation, web vulnerabilities, data field injection
- Question #23: Footprinting and Reconnaissance
The collection of potentially actionable, overt, and publicly available information is known as
OSINT, open-source intelligence, passive reconnaissance, public information
- Question #24: Footprinting and Reconnaissance
Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?
Google hacking, search operators, site operator, footprinting
- Question #25: Cryptography
This asymmetric cipher is based on factoring the product of two large prime numbers. What cipher is described above?
RSA, asymmetric encryption, prime factoring, public key cryptography
- Question #26: Evading IDS, Firewalls, and Honeypots
Firewalls are the software or hardware systems that are able to control and monitor the traffic coming in and out of the target network based on a pre-defined set of rules. Which of the...
web application firewall, WAF, firewall types, SQL injection protection
- Question #27: Enumeration
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network. W...
Split DNS, DNS architecture, DMZ, DNS configuration
- Question #28: Cryptography
In which of the following cryptography attack methods does the attacker make a series of interactive queries, choosing subsequent plaintexts based on the information from the previous...
adaptive chosen-plaintext attack, cryptanalysis, plaintext attack, interactive queries
- Question #29: Hacking Web Applications
Which of the following attacks exploits web page vulnerabilities that allow an attacker to force an unsuspecting user's browser to send malicious requests they did not intend?
CSRF, cross-site request forgery, web vulnerabilities, browser-based attack
- Question #30: Vulnerability Analysis
Which is the first step followed by Vulnerability Scanners for scanning a network?
vulnerability scanning, host discovery, ping sweep, scanning methodology
- Question #31: Vulnerability Analysis
Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services. Which OS did it not directly affect?
Shellshock, bash vulnerability, OS impact, CVE
- Question #32: Cryptography
Alice encrypts her data using her public key PK and stores the encrypted data in the cloud. Which of the following attack scenarios will compromise the privacy of her data?
public key encryption, private key exposure, cloud security, data privacy
- Question #33: Enumeration
A hacker named Jack is trying to compromise a bank's computer system. He needs to know the operating system of that computer to launch further attacks. What process would help him?
banner grabbing, OS fingerprinting, service detection, enumeration
- Question #34: Cryptography
What two conditions must a digital signature meet?
digital signature, unforgeability, authenticity, PKI
- Question #35: Hacking Wireless Networks
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks to the wired network to have Internet access. In the university campus, th...
802.1x, network access control, NAC, port security
- Question #36: Hacking Mobile Platforms
Which of the following Bluetooth hacking techniques does an attacker use to send messages to users without the recipient's consent, similar to email spamming?
Bluejacking, Bluetooth, unsolicited messaging, wireless attacks
- Question #37: System Hacking
Which method of password cracking takes the most time and effort?
brute force, password cracking, authentication attacks, exhaustive search
- Question #38: Malware Threats
Which of the following programs infects the system boot sector and the executable files at the same time?
multipartite virus, boot sector infection, executable infection, virus types
- Question #39: Scanning Networks
You are a Penetration Tester and are assigned to scan a server. You need to use a scanning technique wherein the TCP Header is split into many packets so that it becomes difficult...
IP fragment scanning, packet fragmentation, firewall evasion, stealth scanning
- Question #40: Social Engineering
An IT employee got a call from one of our best customers. The caller wanted to know about the company's network infrastructure, systems, and team. New opportunities of integration...
social engineering, vishing, information disclosure, pretexting
- Question #41: Scanning Networks
Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?
Nmap timing, scan speed, stealth vs speed, network scanning
- Question #42: Footprinting and Reconnaissance
Which of the following provides a security professional with the most information about the system's security posture?
security posture, reconnaissance techniques, port scanning, banner grabbing
- Question #43: Hacking Web Servers
What is the most common method to exploit the "Bash Bug" or "ShellShock" vulnerability?
ShellShock, Bash Bug, CGI exploitation, web server vulnerability
- Question #44: Information Security and Ethical Hacking Fundamentals
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
residual risk, risk management, countermeasures, risk classification
- Question #45: System Hacking
A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd. How can he use it?
/etc/passwd, Linux authentication, password storage, shadow passwords
- Question #46: Scanning Networks
A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other mach...
default gateway, IP addressing, network routing, 192.168.1.0/24
- Question #47: Malware Threats
Chandler works as a pen-tester in an IT firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious code...
code emulation, virus detection, virtual machine, malware analysis
- Question #48: Scanning Networks
An attacker scans a host with the below command. Which three flags are set? #nmap -sX host.domain.com
Xmas scan, Nmap flags, URG PUSH FIN, TCP scanning
- Question #49: Information Security and Ethical Hacking Fundamentals
Due to a slowdown of normal network operations, the IT department decided to monitor internet traffic for all of the employees. From a legal standpoint, what would be troublesome...
employee monitoring, privacy, legal considerations, acceptable use policy
- Question #50: Cryptography
Which component of IPsec performs protocol-level functions that are required to encrypt and decrypt the packets?
IPsec, IPsec driver, encryption decryption, VPN protocols