312-50V11 Practice Questions
1,039 real 312-50V11 exam questions with expert-verified answers and explanations. Page 11 of 21.
- Question #501Information Security and Ethical Hacking Fundamentals
What is the term coined for logging, recording and resolving events in a company?
incident managementevent loggingsecurity operationsincident response - Question #502Cryptography
XOR is a common cryptographic tool. 10110001 XOR 00111010 is?
XOR operationbitwise arithmeticsymmetric encryptioncryptographic operations - Question #503Malware Threats
A server has been infected by a certain type of Trojan. The hacker intended to utilize it to send and host junk mails. What type of Trojan did the hacker use?
Botnet Trojanspam relaymalware classificationTrojan types - Question #504Social Engineering
First thing you do every office day is to check your email inbox. One morning, you received an email from your best friend and the subject line is quite strange. What should you do...
phishing awarenessemail securityincident reportingsocial engineering defense - Question #505Information Security and Ethical Hacking Fundamentals
Defining rules, collaborating human workforce, creating a backup plan, and testing the plans are within what phase of the Incident Handling Process?
incident handling phasespreparation phaseincident responsebackup planning - Question #506Sniffing
Which of the following BEST describes how Address Resolution Protocol (ARP) works?
ARP protocolMAC address resolutionbroadcast requestnetwork protocol - Question #507Social Engineering
Which of the following is a form of penetration testing that relies heavily on human interaction and often involves tricking people into breaking normal security procedures?
social engineeringhuman interactionpenetration testingsecurity awareness - Question #508Evading IDS, Firewalls, and Honeypots
What tool and process are you going to use in order to remain undetected by an IDS while pivoting and passing traffic over a server you've compromised and gained root access to?
IDS evasionCryptcatencrypted tunnelingpivoting - Question #509System Hacking
You've just gained root access to a Centos 6 server after days of trying. What tool should you use to maintain access?
persistencepost-exploitationmaintaining accesssystem hacking - Question #510Malware Threats
What type of malware is it that restricts access to a computer system that it infects and demands that the user pay a certain amount of money, cryptocurrency, etc. to the operators...
ransomwaremalware classificationcryptocurrency extortionaccess restriction - Question #511Hacking Wireless Networks
The following are types of Bluetooth attack EXCEPT_____?
Bluetooth attacksBluejackingBluesnarfingwireless attack types - Question #512Hacking Web Applications
Which of the following is the BEST approach to prevent Cross-site Scripting (XSS) flaws?
XSS preventioninput validationoutput escapingweb application security - Question #513Sniffing
A possibly malicious sequence of packets that were sent to a web server has been captured by an Intrusion Detection System (IDS) and was saved to a PCAP file. As a network administ...
protocol analyzerPCAP analysisnetwork forensicsIDS investigation - Question #514Hacking Web Applications
Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?
PII protectionencrypted communicationsweb application securitydata privacy - Question #515Sniffing
This configuration allows NIC to pass all traffic it receives to the Central Processing Unit (CPU), instead of passing only the frames that the controller is intended to receive. S...
promiscuous modeNIC configurationpacket capturenetwork sniffing - Question #516Cryptography
Which of the following is designed to verify and authenticate individuals taking part in a data exchange within an enterprise?
PKIdigital certificatesauthenticationenterprise identity - Question #517Vulnerability Analysis
A software tester is randomly generating invalid inputs in an attempt to crash the program. Which of the following is a software testing technique used to determine if a software p...
fuzzinginvalid input testingvulnerability discoverysoftware testing - Question #518System Hacking
What would you type on the Windows command line in order to launch the Computer Management Console provided that you are logged in as an admin?
Windows MMCcompmgmt.mscsystem administrationWindows commands - Question #519Hacking Wireless Networks
Which of the following is a wireless network detector that is commonly found on Linux?
Kismetwireless detectionLinux toolsnetwork scanning - Question #520Cryptography
Which specific element of security testing is being assured by using hash?
hashingdata integritycryptographic securityCIA triad - Question #521Information Security and Ethical Hacking Fundamentals
Which of the following is a restriction being enforced in "white box testing?"
white box testingpenetration testingtesting methodologiessecurity assessment - Question #522Vulnerability Analysis
Which of the following is a vulnerability in GNU's bash shell (discovered in September of 2014) that gives attackers access to run remote commands on a vulnerable system?
Shellshockbash vulnerabilityremote code executionCVE-2014-6271 - Question #523Cryptography
When security and confidentiality of data within the same LAN is of utmost priority, which IPSec mode should you implement?
IPSecESP transport modedata confidentialityLAN security - Question #524Scanning Networks
Jack was attempting to fingerprint all machines in the network using the following Nmap syntax: invictus@victim_server:~$ nmap -T4 -0 10.10.0.0/24 TCP/IP fingerprinting (for OS sca...
NmapOS fingerprintingroot privilegesTCP/IP fingerprinting - Question #525Hacking Web Applications
While performing online banking using a Web browser, Kyle receives an email that contains an image of a well-crafted art. Upon clicking the image, a new tab on the web browser open...
CSRFcross-site request forgerysession exploitationweb browser security - Question #526Hacking Web Applications
A hacker was able to easily gain access to a website. He was able to log in via the frontend user login form of the website using default or commonly used credentials. This exploit...
default credentialsdatabase hardeningauthentication weaknesssoftware design flaw - Question #527Information Security and Ethical Hacking Fundamentals
Supposed you are the Chief Network Engineer of a certain Telco. Your company is planning for a big business expansion and it requires that your network authenticate users connectin...
RADIUSAAA protocolauthenticationnetwork access control - Question #528Cryptography
Which type of cryptography does SSL, IKE and PGP belongs to?
public key cryptographySSLPGPIKE - Question #529Evading IDS, Firewalls, and Honeypots
A recent security audit revealed that there were indeed several occasions that the company's network was breached. After investigating, you discover that your IDS is not configured...
IDS alert typesfalse negativeintrusion detectionIDS misconfiguration - Question #530Evading IDS, Firewalls, and Honeypots
Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?
dual-homedIDS/IPS hardwareproxy servernetwork placement - Question #531Malware Threats
Which of the following is an application that requires a host application for replication?
virusmalware typeshost-dependent replicationmalware classification - Question #532Information Security and Ethical Hacking Fundamentals
Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?
backup recoverytape backupdata restorationbusiness continuity - Question #533Malware Threats
Which of the following describes the characteristics of a Boot Sector Virus?
boot sector virusMBR relocationdisk infectionmalware behavior - Question #534Hacking Web Applications
Which statement is TRUE regarding network firewalls preventing Web Application attacks?
network firewall limitationsweb application attacksports 80 443firewall bypass - Question #535Hacking Wireless Networks
Bluetooth uses which digital modulation technique to exchange information between paired devices?
Bluetoothphase-shift keyingwireless modulationPSK - Question #536Information Security and Ethical Hacking Fundamentals
In order to show improvement of security over time, what must be developed?
security metricssecurity improvementperformance measurementsecurity management - Question #537Footprinting and Reconnaissance
Passive reconnaissance involves collecting information through which of the following?
passive reconnaissanceOSINTpublic sourcesfootprinting - Question #538System Hacking
The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106: What is most likely taking place?
brute forceremote service attackpassword crackingpenetration testing - Question #539Hacking Web Servers
Which statement best describes a server type under an N-tier architecture?
N-tier architectureserver rolesweb architectureapplication tiers - Question #540System Hacking
If an e-commerce site was put into a live environment and the programmers failed to remove the secret entry point that was used during the application development, what is this sec...
trap doorbackdoorSDLC securityinsecure development - Question #541Denial of Service
Which of the following network attacks relies on sending an abnormally large packet size that exceeds TCP/ IP specifications?
ping of deathoversized packetsDoS attacksTCP/IP - Question #542Scanning Networks
Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network's IDS?
NMAP timingIDS evasionport scanningstealth scanning - Question #543Information Security and Ethical Hacking Fundamentals
When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is
OWASPOSSTMMtesting methodologiessecurity controls - Question #544Hacking Web Applications
Which Open Web Application Security Project (OWASP) implements a web application full of known vulnerabilities?
WebGoatOWASPvulnerable web applicationsecurity training - Question #545Information Security and Ethical Hacking Fundamentals
What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?
OSSTMMcompliance typeslegislativetesting methodology - Question #546Cryptography
Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest?
SHA-1message digesthash algorithmsbrute force resistance - Question #547Cryptography
Which cipher encrypts the plain text digit (bit or byte) one by one?
stream cipherblock ciphercipher typesencryption - Question #548Evading IDS, Firewalls, and Honeypots
Which of the following types of firewall inspects only header information in network traffic?
packet filterfirewall typesheader inspectionnetwork traffic - Question #549Scanning Networks
During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this res...
ACK scanNMAPstateless inspectionfirewall fingerprinting - Question #550Evading IDS, Firewalls, and Honeypots
Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results? TCP p...
FirewalkTTL exceededfirewall traversalport filtering