312-50V9 Exam Questions
613 real 312-50V9 exam questions with expert-verified answers and explanations. Page 1 of 13.
- Question #1Scanning Networks
You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly. What is the best nmap command you...
nmapnetwork scanninghost discoverysubnet enumeration - Question #2Scanning Networks
You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network. However, as you attempt to fingerpri...
nmapOS fingerprintingroot privilegesTCP/IP fingerprinting - Question #3Sniffing
Which of the following statements is TRUE?
sniffersOSI modelLayer 2data link layer - Question #4System Hacking
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line. Which command would you use?
Windows administrationMMC consolecommand linesystem tools - Question #5SQL Injection
What is the best description of SQL Injection?
SQL injectiondatabase attackunauthorized accessdefinition - Question #6Sniffing
Which of the following is the BEST way to defend against network sniffing?
sniffing countermeasuresencryptionnetwork defenseprotocol security - Question #7Evading IDS, Firewalls, and Honeypots
You have successfully gained access to a linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by a Network Based Intrusion...
NIDS evasionencryptiontraffic obfuscationIDS bypass - Question #8Evading IDS, Firewalls, and Honeypots
You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration? alert tcp any a...
IDS rulesSnortrule syntaxintrusion detection - Question #9Introduction to Ethical Hacking
What is the benefit of performing an unannounced Penetration Testing?
penetration testingunannounced testingsecurity posturepentest methodology - Question #10Scanning Networks
You have successfully compromised a machine on the network and found a server that is alive on the same network. You tried to ping it but you didn't get any response back. What is...
ICMPpinghost discoverynetwork troubleshooting - Question #11Introduction to Ethical Hacking
Under the "Post-attack Phase and Activities", it is the responsibility of the tester to restore the systems to a pre-test state. Which of the following activities should not be inc...
post-attack phasesystem restorationpentest methodologycleanup activities - Question #12Introduction to Ethical Hacking
It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices...
HIPAAhealthcare complianceelectronic medical dataregulatory framework - Question #13Introduction to Ethical Hacking
Which of the following is a component of a risk assessment?
risk assessmentadministrative safeguardssecurity controlsrisk components - Question #14Introduction to Ethical Hacking
A medium-sized healthcare IT business decides to implement a risk management strategy. Which of the following is NOT one of the five basic responses to risk?
risk managementrisk responsesrisk strategyrisk treatment - Question #15Vulnerability Analysis
Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based...
vulnerability scanningNessusWindows vulnerabilitiesvulnerability assessment tools - Question #16Malware Threats
Nation-state threat actors often discover vulnerabilities and hold on to them until they want to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of att...
zero-day exploitStuxnetnation-state attackAPT - Question #17Hacking Web Applications
An attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim's profile to a text file and the...
CSRFcross-site request forgeryHTTP GET/POSTweb application attack - Question #18System Hacking
It is a vulnerability in GNU's bash shell, discovered in September of 2014, that gives attackers access to run remote commands on a vulnerable system. The malicious software can ta...
Shellshockbash vulnerabilityremote code executionCVE-2014-6271 - Question #19Social Engineering
When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange c...
phishingemail securityincident responsesocial engineering awareness - Question #20Sniffing
The network administrator contacts you and tells you that she noticed the temperature on the internal wireless router increases by more than 20% during weekend hours when the offic...
Wiresharkpacket capturewireless traffic analysisnetwork monitoring - Question #21Introduction to Ethical Hacking
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by comp...
DMZnetwork segmentationsecurity architecturedefense in depth - Question #22Scanning Networks
Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening ports on the targeted system. If a...
TCP XMAS scanport scanningopen port behaviorstealth scanning - Question #23Footprinting and Reconnaissance
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network. W...
Split DNSDNS architectureDMZinternal DNS - Question #24Hacking Wireless Networks
This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with som...
Aircrack-ngWEP crackingFMS attackPTW attack - Question #25Cryptography
The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE's Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implemen...
HeartbleedOpenSSLprivate key exposureTLS vulnerability - Question #26Hacking Wireless Networks
In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion...
WEPwardrivingwireless encryptionpacket capture - Question #27Introduction to Ethical Hacking
Which of the following is considered an acceptable option when managing a risk?
risk managementrisk mitigationrisk treatmentsecurity policy - Question #28Cryptography
Which security control role does encryption meet?
encryptionpreventative controlsecurity control typescryptography - Question #29Introduction to Ethical Hacking
Which type of access control is used on a router or firewall to limit network activity?
rule-based access controlACLfirewall policynetwork access control - Question #30Enumeration
At a Windows Server command prompt, which command could be used to list the running services?
sc queryWindows services enumerationcommand promptrunning services - Question #31Social Engineering
A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti- virus and E-mail gateway. This approach can be used to mitigate which kin...
defense in depthanti-virus layeringsocial engineering defenseemail gateway - Question #32Vulnerability Analysis
Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
NMAP scripting engineNSEvulnerability scanningSMB HTTP FTP - Question #33Vulnerability Analysis
Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?
MBSAMicrosoft Baseline Security AnalyzerWindows vulnerability scanningsecurity tools - Question #34Introduction to Ethical Hacking
A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT...
remote access policydial-out modemsecurity policy auditacceptable use - Question #35Introduction to Ethical Hacking
When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?
top-down approachsecurity programsenior managementsecurity policy - Question #36Introduction to Ethical Hacking
Which of the following processes evaluates the adherence of an organization to its stated security policy?
security auditingpolicy complianceassessment typesorganizational security - Question #37Introduction to Ethical Hacking
A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints...
professional ethicsconfidentialitypenetration test reportingdata disclosure - Question #38Introduction to Ethical Hacking
Which type of scan is used on the eye to measure the layer of blood vessels?
retinal scanbiometricsauthentication factorsblood vessel layer - Question #39Introduction to Ethical Hacking
What is the main reason the use of a stored biometric is vulnerable to an attack?
stored biometricbiometric vulnerabilityimpersonation attackauthentication weakness - Question #40Hacking Wireless Networks
During a wireless penetration test, a tester detects an access point using WPA2 encryption. Which of the following attacks should be used to obtain the key?
WPA2 cracking4-way handshake capturewireless attack methodology802.11i - Question #41Hacking Wireless Networks
Which type of antenna is used in wireless communication?
antenna typesomnidirectionalwireless communication - Question #42Introduction to Ethical Hacking
What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for e...
Common CriteriaIT security standardsproduct evaluationsecurity certification - Question #43Cryptography
One way to defeat a multi-level security solution is to leak data via
covert channelmulti-level securitydata exfiltrationinformation leakage - Question #44Hacking Web Applications
Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?
CSRFanti-CSRF tokenweb application securitysession management - Question #45SQL Injection
What is the main difference between a "Normal" SQL Injection and a "Blind" SQL Injection vulnerability?
blind SQL injectionerror-based SQLiSQL injection typesapplication error handling - Question #46SQL Injection
During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The tester assumes that the service is running with Local System account. H...
xp_cmdshellMS SQL Serverstored proceduresprivilege escalation - Question #47Introduction to Ethical Hacking
The precaution of prohibiting employees from bringing personal computing devices into a facility is what type of security control?
security controlsprocedural controlphysical security policyBYOD policy - Question #48Evading IDS, Firewalls, and Honeypots
A pentester gains access to a Windows application server and needs to determine the settings of the built- in Windows firewall. Which command would be used?
Windows firewallnetsh commandfirewall configurationpost-exploitation - Question #49Introduction to Ethical Hacking
In the software security development life cycle process, threat modeling occurs in which phase?
threat modelingSDLCsecure developmentdesign phase - Question #50Evading IDS, Firewalls, and Honeypots
A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming int...
false positiveIDS alert classificationFTP trafficintrusion detection