• Home
  • Articles
  • 312-50v10 Practice Exam Tests Latest Updated on Jan-2022 [Q67-Q90]

312-50v10 Practice Exam Tests Latest Updated on Jan-2022 [Q67-Q90]

Share

312-50v10 Practice Exam Tests Latest Updated on Jan-2022

Pass 312-50v10 Exam in First Attempt Guaranteed Dumps!


Module 9: Social Engineering

The section evaluates the examinees’ competency in social engineering; different social engineering methods; insider threats; impersonation on social networks; identity theft; social engineering countermeasures; identifying theft countermeasures; Social Engineering Pen Testing.

 

NEW QUESTION 67
A medium-sized healthcare IT business decides to implement a risk management strategy.
Which of the following is NOT one of the five basic responses to risk?

  • A. Accept
  • B. Delegate
  • C. Mitigate
  • D. Avoid

Answer: B

Explanation:
There are five main ways to manage risk: acceptance, avoidance, transference, mitigation or exploitation.
References: http://www.dbpmanagement.com/15/5-ways-to-manage-risk

 

NEW QUESTION 68
You are a Penetration Tester and are assigned to scan a server. You need to use a scanning technique
wherein the TCP Header is split into many packets so that it becomes difficult to detect what the packets
are meant for.
Which of the below scanning technique will you use?

  • A. Inverse TCP flag scanning
  • B. ACK flag scanning
  • C. IP Fragment Scanning
  • D. TCP Scanning

Answer: C

 

NEW QUESTION 69
Which of the following describes the characteristics of a Boot Sector Virus?

  • A. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR
  • B. Overwrites the original MBR and only executes the new virus code
  • C. Modifies directory table entries so that directory entries point to the virus code instead of the actual program
  • D. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR

Answer: D

Explanation:
A boot sector virus is a computer virus that infects a storage device's master boot record (MBR). The virus moves the boot sector to another location on the hard drive.
References: https://www.techopedia.com/definition/26655/boot-sector-virus

 

NEW QUESTION 70
Which statement is TRUE regarding network firewalls preventing Web Application attacks?

  • A. Network firewalls can prevent attacks if they are properly configured.
  • B. Network firewalls cannot prevent attacks because ports 80 and 443 must be opened.
  • C. Network firewalls cannot prevent attacks because they are too complex to configure.
  • D. Network firewalls can prevent attacks because they can detect malicious HTTP traffic.

Answer: B

Explanation:
Explanation
Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established rule set. To prevent Web Application attacks an Application layer firewall would be required.
References: https://en.wikipedia.org/wiki/Firewall_(computing)#Network_layer_or_packet_filters

 

NEW QUESTION 71
A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

  • A. Winpcap
  • B. Libpcap
  • C. Winprom
  • D. Awinpcap

Answer: A

 

NEW QUESTION 72
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them.
Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company
B. How do you prevent DNS spoofing?

  • A. Disable DNS Zone Transfer
  • B. Disable DNS timeouts
  • C. Install DNS logger and track vulnerable packets
  • D. Install DNS Anti-spoofing

Answer: D

 

NEW QUESTION 73
Which of the following BEST describes how Address Resolution Protocol (ARP) works?

  • A. It sends a reply packet for a specific IP, asking for the MAC address
  • B. It sends a request packet to all the network elements, asking for the domain name from a specific IP
  • C. It sends a reply packet to all the network elements, asking for the MAC address from a specific IP
  • D. It sends a request packet to all the network elements, asking for the MAC address from a specific IP

Answer: D

 

NEW QUESTION 74
You are looking for SQL injection vulnerability by sending a special character to web applications. Which of the following is the most useful for quick validation?

  • A. Semicolon
  • B. Backslash
  • C. Double quotation
  • D. Single quotation

Answer: D

Explanation:
Explanation/Reference:

 

NEW QUESTION 75
You want to do an ICMP scan on a remote computer using hping2. What is the proper syntax?

  • A. hping2-i host.domain.com
  • B. hping2 -1 host.domain.com
  • C. hping2 -set-ICMP host.domain.com
  • D. hping2 host.domain.com

Answer: B

Explanation:
Explanation

 

NEW QUESTION 76
During the process of encryption and decryption, what keys are shared?

  • A. Public and private keys
  • B. Private keys
  • C. Public keys
  • D. User passwords

Answer: C

 

NEW QUESTION 77
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.
Which command would you use?

  • A. c:\compmgmt.msc
  • B. c:\gpedit
  • C. c:\services.msc
  • D. c:\ncpa.cp

Answer: A

Explanation:
Explanation
To start the Computer Management Console from command line just type compmgmt.msc
/computer:computername in your run box or at the command line and it should automatically open the Computer Management console.
References:
http://www.waynezim.com/tag/compmgmtmsc/

 

NEW QUESTION 78
Which of the following is a low-tech way of gaining unauthorized access to systems?

  • A. Sniffing
  • B. Eavesdropping
  • C. Social Engineering
  • D. Scanning

Answer: C

Explanation:
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access.
References: https://en.wikipedia.org/wiki/Social_engineering_(security)

 

NEW QUESTION 79
A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?

  • A. -sO
  • B. -sS
  • C. -sU
  • D. -sP

Answer: D

 

NEW QUESTION 80
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client.
What is a possible source of this problem?

  • A. The WAP does not recognize the client's MAC address
  • B. Client is configured for the wrong channel
  • C. The client cannot see the SSID of the wireless network
  • D. The wireless client is not configured to use DHCP

Answer: A

Explanation:
Explanation
MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network. MAC Filtering is often used on wireless networks.
References: https://en.wikipedia.org/wiki/MAC_filtering

 

NEW QUESTION 81
The following is an entry captured by a network IDS. You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack.
You also notice "/bin/sh" in the ASCII part of the output.
As an analyst what would you conclude about the attack?

  • A. The attacker is creating a directory on the compromised machine
  • B. The buffer overflow attack has been neutralized by the IDS
  • C. The attacker is attempting an exploit that launches a command-line shell
  • D. The attacker is attempting a buffer overflow attack and has succeeded

Answer: C

 

NEW QUESTION 82
Your team has won a contract to infiltrate an organization. The company wants to have the attack be as
realistic as possible; therefore, they did not provide any information besides the company name. What
should be the first step in security testing the client?

  • A. Reconnaissance
  • B. Enumeration
  • C. Scanning
  • D. Escalation

Answer: A

 

NEW QUESTION 83
You perform a scan of your company's network and discover that TCP port 123 is open. What services by default run on TCP port 123?

  • A. Telnet
  • B. DNS
  • C. POP3
  • D. Network Time Protocol

Answer: D

 

NEW QUESTION 84
A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?

  • A. Social engineering attack
  • B. Scanning attack
  • C. ARP spoofing attack
  • D. Forensic attack

Answer: A

 

NEW QUESTION 85
A medium-sized healthcare IT business decides to implement a risk management strategy. Which of the following is NOT one of the five basic responses to risk?

  • A. Accept
  • B. Delegate
  • C. Mitigate
  • D. Avoid

Answer: B

Explanation:
Explanation/Reference:

 

NEW QUESTION 86
Which type of antenna is used in wireless communication?

  • A. Omnidirectional
  • B. Bi-directional
  • C. Uni-directional
  • D. Parabolic

Answer: A

 

NEW QUESTION 87
Which security control role does encryption meet?

  • A. Defensive
  • B. Preventative
  • C. Detective
  • D. Offensive

Answer: B

 

NEW QUESTION 88
Which of the following scanning method splits the TCP header into several packets and makes it difficult
for packet filters to detect the purpose of the packet?

  • A. ACK flag probe scanning
  • B. IPID scanning
  • C. ICMP Echo scanning
  • D. SYN/FIN scanning using IP fragments

Answer: D

 

NEW QUESTION 89
There are several ways to gain insight on how a cryptosystem works with the goal of reverse engineering the process. A term describes when two pieces of data result in the value is?

  • A. Polymorphism
  • B. Collision
  • C. Escrow
  • D. Collusion

Answer: B

 

NEW QUESTION 90
......


Conclusion

Passing the EC-Council 312-50v10 is an important steps for one’s professional path in the sphere of cybersecurity. Through training and trusted books, you will acquire all the knowledge and skills a competent ethical hacker is expected to have. Launch the application process now, and see how your career will change soon.

 

Certified Ethical Hacker  Free Certification Exam Material from Prep4pass with 745 Questions: https://validtorrent.prep4pass.com/312-50v10_exam-braindumps.html

Related Articles

more
EC-COUNCIL 312-50v10 Certification Practice Exam

Prep4pass is experienced IT certification exam prep provider with high passing rate, our accurate and valid exam preparation help candidates pass exam 100%.

Latest Exam Prep

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Prep4pass NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy