312-50V11 Practice Questions
1,039 real 312-50V11 exam questions with expert-verified answers and explanations. Page 20 of 21.
- Question #953Malware Threats
What type of virus is most likely to remain undetected by antivirus software?
stealth virusantivirus evasionmalware detectionvirus types - Question #954Hacking Mobile Platforms
Ben purchased a new smartphone and received some updates on it through the OTA method. He received two messages: one with a PIN from the network operator and another asking him to...
OTA attackadvanced SMS phishingSIM provisioningmobile exploitation - Question #955Vulnerability Analysis
Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfi...
Netsparkervulnerability scanningweb server assessmentautomated tools - Question #956IoT and OT Hacking
Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target...
spear phishingICS attackindustrial control systemsOT security - Question #957Scanning Networks
Shiela is an information security analyst working at HiTech Security Solutions. She is performing service version discovery using Nmap to obtain information about the running servi...
Nmapservice version discovery-sV flagnetwork scanning - Question #958Hacking Mobile Platforms
Kate dropped her phone and subsequently encountered an issue with the phone's internal speaker. Thus, she is using the phone's loudspeaker for phone calls and other activities. Bob...
Spearphone attackloudspeaker eavesdroppinghardware exploitationmobile privacy - Question #959Vulnerability Analysis
Jude, a pen tester, examined a network from a hacker's perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, rout...
external assessmentvulnerability assessment typespenetration testingnetwork perimeter - Question #960Information Security and Ethical Hacking Fundamentals
Roma is a member of a security team. She was tasked with protecting the internal network of an organization from imminent threats. To accomplish this task, Roma fed threat intellig...
technical threat intelligencethreat feedsmalicious traffic blockingnetwork defense - Question #961Footprinting and Reconnaissance
Becky has been hired by a client from Dubai to perform a penetration test against one of their remote offices. Working from her location in Columbus, Ohio, Becky runs her usual rec...
RIPE NCCregional Internet registryWhois lookupIP geolocation - Question #962Social Engineering
Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes...
watering hole attackdrive-by downloadmalicious script injectionweb-based malware - Question #963Footprinting and Reconnaissance
Juliet, a security researcher in an organization, was tasked with checking for the authenticity of images to be used in the organization's magazines. She used these images as a sea...
reverse image searchOSINTimage trackingfootprinting techniques - Question #964Scanning Networks
A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire information related to the current time from the target host machine. Which of the following Zenmap...
ICMP timestamp pingNmap flagsZenmapnetwork scanning - Question #965Enumeration
Elante company has recently hired James as a penetration tester. He was tasked with performing enumeration on an organization's network. In the process of enumeration, James discov...
FTPport 21service enumerationnetwork ports - Question #966Vulnerability Analysis
Given below are different steps involved in the vulnerability-management life cycle. 1) Remediation 2) Identify assets and create a baseline 3) Verification 4) Monitor 5) Vulnerabi...
vulnerability management lifecyclerisk assessmentremediationvulnerability scanning - Question #967System Hacking
Tony is a penetration tester tasked with performing a penetration test. After gaining initial access to a target system, he finds a list of hashed passwords. Which of the following...
password crackinghash crackingpenetration testing toolsnetcat - Question #968Evading IDS, Firewalls, and Honeypots
Which Nmap switch helps evade IDS or firewalls?
Nmap decoy scanIDS evasionfirewall evasion-D flag - Question #969Cryptography
Harper, a software engineer, is developing an email application. To ensure the confidentiality of email messages. Harper uses a symmetric-key block cipher having a classical 12- or...
CAST-128Feistel networkblock ciphersymmetric encryption - Question #970Footprinting and Reconnaissance
Which of the following Google advanced search operators helps an attacker in gathering information about websites that are similar to a specified target URL?
Google dorkingrelated operatorOSINTweb footprinting - Question #971Hacking Wireless Networks
The security team of Debry Inc. decided to upgrade Wi-Fi security to thwart attacks such as dictionary attacks and key recovery attacks. For this purpose, the security team started...
WPA3SAEdragonfly key exchangewireless security protocols - Question #972Hacking Web Applications
Stella, a professional hacker, performs an attack on web services by exploiting a vulnerability that provides additional routing information in the SOAP header to support asynchron...
WS-Address spoofingSOAP headerweb services attacksXML routing - Question #973Footprinting and Reconnaissance
James is working as an ethical hacker at Technix Solutions. The management ordered James to discover how vulnerable its network is towards footprinting attacks. James took the help...
OSINT frameworkautomated reconnaissanceopen-source intelligencefootprinting tools - Question #974Cloud Computing
Thomas, a cloud security professional, is performing security assessment on cloud services to identify any loopholes. He detects a vulnerability in a bare-metal cloud server that c...
cloudborne attackbare-metal serverfirmware backdoorIaaS vulnerability - Question #975Information Security and Ethical Hacking Fundamentals
Which among the following is the best example of the third step (delivery) in the cyber kill chain?
cyber kill chaindelivery phaseattack lifecyclemalware stages - Question #976Evading IDS, Firewalls, and Honeypots
Dayn, an attacker, wanted to detect if any honeypots are installed in a target network. For this purpose, he used a time-based TCP fingerprinting method to validate the response to...
honeypot detectionHoneydTCP fingerprintingtime-based analysis - Question #977Malware Threats
Which type of malware spreads from one system to another or from one network to another and causes similar types of damage as viruses do to the infected system?
computer wormmalware typesnetwork propagationself-replicating malware - Question #978Hacking Wireless Networks
A group of hackers were roaming around a bank office building in a city, driving a luxury car. They were using hacking tools on their laptop with the intention to find a free-acces...
wardrivingwireless network discoveryWi-Fi hackingrogue access point - Question #979Information Security and Ethical Hacking Fundamentals
John, a security analyst working for an organization, found a critical vulnerability on the organization's LAN that allows him to view financial and personal information about the...
cybercriminalhacker ethicsunauthorized accessinsider threat - Question #980Cryptography
BitLocker encryption has been implemented for all the Windows-based computers in an organization. You are concerned that someone might lose their cryptographic key. Therefore, a me...
key archivalBitLockercryptographic key managementActive Directory - Question #981Sniffing
Miley, a professional hacker, decided to attack a target organization's network. To perform the attack, she used a tool to send fake ARP messages over the target network to link he...
ARP spoofingBetterCAPMAC address spoofingMITM attack - Question #982Malware Threats
Mason, a professional hacker, targets an organization and spreads Emotet malware through malicious script. After infecting the victim's device. Mason further used Emotet to spread...
Emotet malwarecredential enumeratornetwork sharesbotnet propagation - Question #983Hacking Wireless Networks
Which wireless security protocol replaces the personal pre-shared key (PSK) authentication with Simultaneous Authentication of Equals (SAE) and is therefore resistant to offline di...
WPA3-PersonalSAE authenticationPSK replacementoffline dictionary attacks - Question #984Hacking Web Servers
A "Server-Side Includes" attack refers to the exploitation of a web application by injecting scripts in HTML pages or executing arbitrary code remotely. Which web-page file type, i...
Server-Side IncludesSSI injectionweb server vulnerabilityfile extensions - Question #985Hacking Web Applications
Which of the following web vulnerabilities would an attacker be attempting to exploit if they delivered the following input? <!DOCTYPE blah [ < IENTITY trustme SYSTEM "file:///etc/...
XXE injectionXML external entityDOCTYPE payloadfile disclosure - Question #986Enumeration
Which of the following allows attackers to draw a map or outline the target organization's network infrastructure to know about the actual environment that they are going to hack.
network mappinginfrastructure reconnaissanceenumerationattack phases - Question #987Cloud Computing
Eric, a cloud security engineer, implements a technique for securing the cloud resources used by his organization. This technique assumes by default that a user attempting to acces...
zero trust networkcloud securityleast privilegeaccess control - Question #988Hacking Web Applications
Calvin, a software developer, uses a feature that helps him auto-generate the content of a web page without manual involvement and is integrated with SSI directives. This leads to...
SSI injectionserver-side includesinput validationcode injection - Question #989IoT and OT Hacking
John, a professional hacker, targeted CyberSol Inc., an MNC. He decided to discover the loT devices connected in the target network that are using default credentials and are vulne...
IoT securitydefault credentialsIoTSeekerdevice scanning - Question #990Information Security and Ethical Hacking Fundamentals
Josh has finished scanning a network and has discovered multiple vulnerable services. He knows that several of these usually have protections against external sources but are frequ...
cyber kill chainreconnaissanceweaponizationattack stages - Question #991Vulnerability Analysis
An organization decided to harden its security against web-application and web-server attacks. John, a security personnel in the organization, employed a security scanner to automa...
web application scannervulnerability scanningXSS detectionSQL injection testing - Question #992System Hacking
To hide the file on a Linux system, you have to start the filename with a specific character. What is the character?
Linux file hidinghidden filesperiod prefixpost-exploitation - Question #993Scanning Networks
Harris is attempting to identify the OS running on his target machine. He inspected the initial TTL in the IP header and the related TCP window size and obtained the following resu...
OS fingerprintingTTL valuesTCP window sizepassive OS detection - Question #994Vulnerability Analysis
Attacker Rony installed a rogue access point within an organization's perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unu...
wireless network assessmentrogue access pointvulnerability assessment typesauthentication weakness - Question #995Cryptography
Jane is working as a security professional at CyberSol Inc. She was tasked with ensuring the authentication and integrity of messages being transmitted in the corporate network. To...
web of trustpublic key ringasymmetric encryptionmessage integrity - Question #996Scanning Networks
While performing an Nmap scan against a host, Paola determines the existence of a firewall. In an attempt to determine whether the firewall is stateful or stateless, which of the f...
Nmap ACK scanfirewall detectionstateful firewall-sA flag - Question #997Cryptography
Bob wants to ensure that Alice can check whether his message has been tampered with. He creates a checksum of the message and encrypts it using asymmetric cryptography. What key do...
digital signatureprivate key signingmessage integrityasymmetric cryptography - Question #998IoT and OT Hacking
Mirai malware targets loT devices. After infiltration, it uses them to propagate and create botnets that then used to launch which types of attack?
Mirai malwareIoT botnetDDoS attackmalware propagation - Question #999Information Security and Ethical Hacking Fundamentals
What information security law or standard aims at protecting stakeholders and the general public from accounting errors and fraudulent activities within organizations?
SOXcompliance frameworkaccounting fraudregulatory law - Question #1000Cryptography
Kevin, an encryption specialist, implemented a technique that enhances the security of keys used for encryption and authentication. Using this technique, Kevin input an initial key...
key derivation functionkey stretchingbrute-force resistanceencryption keys - Question #1001Hacking Web Applications
Ron, a security professional, was pen testing web applications and SaaS platforms used by his company. While testing, he found a vulnerability that allows hackers to gain unauthori...
API securityCORS misconfigurationunauthorized API accessOWASP API - Question #1002Information Security and Ethical Hacking Fundamentals
Leverox Solutions hired Arnold, a security professional, for the threat intelligence process. Arnold collected information about specific threats against the organization. From thi...
threat intelligencestrategic intelligencethreat analysisattacker methodology