EC-Council 312-50v10 Certified Ethical Hacker Exam (C|EH v10) Online Training
The questions for 312-50v10 were last updated on Nov 23, 2024.
- Exam Code: 312-50v10
- Exam Name: Certified Ethical Hacker Exam (C|EH v10)
- Certification Provider: EC-Council
Code injection is a form of attack in which a malicious user:
- A . Inserts text into a data field that gets interpreted as code
- B . Gets the server to execute arbitrary code using a buffer overflow
- C . Inserts additional code into the JavaScript running in the browser
- D . Gains access to the codebase on the server and inserts new code
Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige.
After 2 days, Bob denies that he had ever sent a mail.
What do you want to "know" to prove to yourself that it was Bob who had sent a mail?
- A . Confidentiality
- B . Integrity
- C . Non-Repudiation
- D . Authentication
To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program.
What term is commonly used when referring to this type of testing?
- A . Randomizing
- B . Bounding
- C . Mutating
- D . Fuzzing
You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive.
When you attempt to boot the server and login, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux Live CD.
Which Linux-based tool can change any user’s password or activate disabled Windows accounts?
- A . John the Ripper
- B . SET
- C . CHNTPW
- D . Cain & Abel
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?
- A . Produces less false positives
- B . Can identify unknown attacks
- C . Requires vendor updates for a new threat
- D . Cannot deal with encrypted network traffic
_____ is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. This type of attack may be used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent website and luring people there.
Fill in the blank with appropriate choice.
- A . Evil Twin Attack
- B . Sinkhole Attack
- C . Collision Attack
- D . Signal Jamming Attack
Which of the following programs infects the system boot sector and the executable files at the same time?
- A . Stealth virus
- B . Polymorphic virus
- C . Macro virus
- D . Multipartite Virus
Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?
- A . IPsec
- B . SFTP
- C . FTPS
- D . SSL
Why should the security analyst disable/remove unnecessary ISAPI filters?
- A . To defend against social engineering attacks
- B . To defend against webserver attacks
- C . To defend against jail breaking
- D . To defend against wireless attacks
In which of the following password protection techniques are random strings of characters added to the password before calculating their hashes?
- A . Keyed Hashing
- B . Key Stretching
- C . Salting
- D . Double Hashing