312-50V11 Practice Questions
1,039 real 312-50V11 exam questions with expert-verified answers and explanations. Page 17 of 21.
- Question #803Cryptography
What is the main security service a cryptographic hash provide?
cryptographic hashintegritycomputational infeasibilitycollision resistance - Question #804Vulnerability Analysis
When a security analyst prepares for the formal security assessment, what of the following should be done in order to determine inconsistencies in the secure assets database and ve...
vulnerability scanningsecurity baselinecomplianceasset inventory - Question #805Information Security and Ethical Hacking Fundamentals
These hackers have limited or no training and know how to use only basic techniques or tools. What kind of hackers are we talking about?
hacker typesscript kiddiesthreat actors - Question #806Cryptography
How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender's identity?
PKIdigital certificatepublic key distributionkey management - Question #807Information Security and Ethical Hacking Fundamentals
The network team has well-established procedures to follow for creating new rules on the firewall. This includes having approval from a manager prior to implementing any new rules....
firewall policychange managementunauthorized changessecurity governance - Question #808Information Security and Ethical Hacking Fundamentals
The Payment Card Industry Data Security Standard (PCI DSS) con ai s six different categories of control objectives. Each objective contains one or more requirements, which must be...
PCI DSSaccess controlcomplianceunique user ID - Question #809Information Security and Ethical Hacking Fundamentals
Nedved is an IT Security Manager of a bank in his country. One day. he found out that there is a security bre ch to his company's email server based on analysis of a suspicious con...
incident responsecontainmentbreach responsenetwork isolation - Question #810Social Engineering
Vlady works in a fishing company where the majority of the employees have very little understanding of IT let alone IT Security. Several information security issues that Vlady ofte...
security awarenesspassword policyhuman factorinsider threat - Question #811Scanning Networks
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and a...
NmapTCP SYN pinghost discoverynetwork scanning - Question #812Cloud Computing
Heather's company has decided to use a new customer relationship management tool. After performing the appropriate research, they decided to purchase a subscription to a cloud-host...
SaaScloud service modelsmanaged servicescloud deployment - Question #813Vulnerability Analysis
A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was av...
patch managementvulnerability managementApache Strutsdata breach - Question #814Cryptography
Bella, a security professional working at an it firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames. and password...
FTPSsecure file transferencryptiondigital certificates - Question #815Hacking Wireless Networks
There have been concerns in your network that the wireless network component is not sufficiently secure. You perform a vulnerability scan of the wireless network and find that it i...
WEPwireless encryptionlegacy protocols802.11 - Question #816Hacking Web Applications
Judy created a forum, one day. she discovers that a user is posting strange images without writing comments. She immediately calls a security expert, who discovers that the followi...
XSSsession cookie theftcross-site scriptingJavaScript injection - Question #817Hacking Web Applications
Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the Integrity of updating and changing data. For this purpose, he uses a web service that use...
RESTful APIweb servicesHTTP methodsAPI types - Question #818Vulnerability Analysis
An organization is performing a vulnerability assessment tor mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on th...
vulnerability assessmentinference-based assessmentservice identificationport scanning - Question #819Hacking Web Servers
What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?
DNS cache poisoningDNS spoofingnameserver queryattack methodology - Question #820Footprinting and Reconnaissance
Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this. James, a pro...
OSINTgeolocationsocial media reconnaissanceHootsuite - Question #821Denial of Service
Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcastin...
DHCP starvationDHCP exhaustionDoSnetwork attack - Question #822Cloud Computing
Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other re...
container technologyimage signingcontainer registrytier architecture - Question #823Hacking Wireless Networks
in an attempt to increase the security of your network, you Implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know It....
SSID broadcastingwireless securitynetwork concealmentaccess control - Question #824SQL Injection
Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter...
SQL injectionauthentication bypasscomment syntaxMSSQL - Question #825Scanning Networks
If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?
Nmapport scanningfast scanscan options - Question #826IoT and OT Hacking
George is a security professional working for iTech Solutions. He was tasked with securely transferring sensitive data of the organization between industrial systems. In this proce...
ZigbeeIEEE 802.15.4short-range wirelessIoT protocols - Question #827Footprinting and Reconnaissance
is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types...
DNSSECDNS securityDNS poisoning preventionspoofing mitigation - Question #828Hacking Web Servers
Larry, a security professional in an organization, has noticed some abnormalities In the user accounts on a web server. To thwart evolving attacks, he decided to harden the securit...
web server hardeningleast privilegeuser account managementaccess control - Question #829System Hacking
By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally e...
bash historycovering trackscredential cleanupSMB - Question #830Cryptography
Ethical backer jane Doe is attempting to crack the password of the head of the it department of ABC company. She Is utilizing a rainbow table and notices upon entering a password t...
password saltingrainbow table defensepassword hashingcredential security - Question #831Hacking Mobile Platforms
Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints t...
aLTEr attackLTE securityrogue base stationman-in-the-middle - Question #832Cryptography
in this form of encryption algorithm, every Individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits. Which is this encryption algorithm?
Triple DES3DESblock ciphersymmetric encryption - Question #833Malware Threats
To create a botnet. the attacker can use several techniques to scan vulnerable machines. The attacker first collects Information about a large number of vulnerable machines to crea...
botnethit-list scanningmalware propagationscanning techniques - Question #834Footprinting and Reconnaissance
Which file is a rich target to discover the structure of a website during web-server footprinting?
web server footprintingrobots.txtwebsite structureinformation gathering - Question #835Malware Threats
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detec...
APTpersistent accessstealthy intrusionlong-term compromise - Question #836Footprinting and Reconnaissance
Clark, a professional hacker, was hired by an organization lo gather sensitive Information about its competitors surreptitiously. Clark gathers the server IP address of the target...
ARINWHOISnetwork rangeIP footprinting - Question #837Footprinting and Reconnaissance
Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information abou...
dark web footprintingTor networkanonymous browsingOSINT - Question #838SQL Injection
Daniel Is a professional hacker who Is attempting to perform an SQL injection attack on a target Injection attempts based on predefined signatures. To evade any comparison statemen...
SQL injection evasionvariation techniqueIDS bypasssignature evasion - Question #839Evading IDS, Firewalls, and Honeypots
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavio...
proxy activitiesdomain switchingC2 infrastructuredetection evasion - Question #840Malware Threats
To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected In the core components of the operating system. What is this type of rootkit an examp...
kernel rootkitrootkit typesOS core componentspersistent access - Question #841Evading IDS, Firewalls, and Honeypots
which of the following information security controls creates an appealing isolated environment for hackers to prevent them from compromising critical targets while simultaneously g...
honeypotdeception technologyattacker profilingintrusion detection - Question #842IoT and OT Hacking
Bob, an attacker, has managed to access a target loT device. He employed an online tool to gather information related to the model of the loT device and the certifications granted...
IoT reconnaissanceFCC IDdevice information gatheringonline tools - Question #843Session Hijacking
Samuel, a professional hacker, monitored and Intercepted already established traffic between Bob and a host machine to predict Bob's ISN. Using this ISN, Samuel sent spoofed packet...
TCP session hijackingISN predictionIP spoofingblind hijacking - Question #844Session Hijacking
Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a...
session donationsession fixationMITMpayment fraud - Question #845Scanning Networks
During an Xmas scan what indicates a port is closed?
Xmas scanport scanningRST responseclosed port - Question #846Social Engineering
Steve, an attacker, created a fake profile on a social media website and sent a request to Stella. Stella was enthralled by Steve's profile picture and the description given for hi...
honey trapsocial media manipulationsocial engineeringpretexting - Question #847Malware Threats
The network users are complaining because their system are slowing down. Further, every time they attempt to go a website, they receive a series of pop-ups with advertisements. Wha...
adwaremalware typespop-up adssystem slowdown - Question #848Information Security and Ethical Hacking Fundamentals
Attacker Lauren has gained the credentials of an organization's internal server system, and she was often logging in during irregular times to monitor the network activities. The o...
incident triageincident handlingIH&R phasesattack analysis - Question #849Hacking Web Applications
Susan, a software developer, wants her web API to update other applications with the latest information. For this purpose, she uses a user-defined HTTP tailback or push APIs that a...
webhookspush APIreal-time dataHTTP callbacks - Question #850Cloud Computing
Sam, a professional hacker. targeted an organization with intention of compromising AWS IAM credentials. He attempted to lure one of the employees of the organization by initiating...
AWS IAMcredential theftphishingsocial engineering - Question #851Vulnerability Analysis
Attacker Rony Installed a rogue access point within an organization's perimeter and attempted to Intrude into its internal network. Johnson, a security auditor, identified some unu...
wireless network assessmentrogue access pointvulnerability assessmentauthentication cracking - Question #852IoT and OT Hacking
what is the port to block first in case you are suspicious that an loT device has been compromised?
IoT securityport blockingdevice compromisenetwork ports