Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > EC-COUNCIL > EC-COUNCIL Certifications > 312-50V9 > 312-50V9 Online Practice Questions and Answers

312-50V9 Online Practice Questions and Answers

Questions 4

You are about to be hired by a well known Bank to perform penetration tests. Which of the following documents describes the specifics of the testing, the associated violations, and essentially protects both the bank's interest and your liabilities as a tester?

A. Service Level Agreement

B. Non-Disclosure Agreement

C. Terms of Engagement

D. Project Scope

Buy Now

Correct Answer: C Section: (none)

Questions 5

A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

A. Use port security on his switches.

B. Use a tool like ARPwatch to monitor for strange ARP activity.

C. Use a firewall between all LAN segments.

D. If you have a small network, use static ARP entries.

E. Use only static IP addresses on all PC's.

Buy Now

Correct Answer: ABD Section: (none)

Questions 6

When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK. How would an attacker exploit this design by launching TCP SYN attack?

A. Attacker generates TCP SYN packets with random destination addresses towards a victim host

B. Attacker floods TCP SYN packets with random source addresses towards a victim host

C. Attacker generates TCP ACK packets with random source addresses towards a victim host

D. Attacker generates TCP RST packets with random source addresses towards a victim host

Buy Now

Correct Answer: B Section: (none)

Questions 7

Your company was hired by a small healthcare provider to perform a technical assessment on the network.

What is the best approach for discovering vulnerabilities on a Windows-based computer?

A. Use a scan tool like Nessus

B. Use the built-in Windows Update tool

C. Check MITRE.org for the latest list of CVE findings

D. Create a disk image of a clean Windows installation

Buy Now

Correct Answer: A Section: (none)

Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and

Exposures architecture for easy cross-linking between compliant security tools. The Nessus server is

currently available for Unix, Linux and FreeBSD. The client is available for Unix- or Windows-based

operating systems.

Note: Significant capabilities of Nessus include:

Compatibility with computers and servers of all sizes.

Detection of security holes in local or remote hosts.

Detection of missing security updates and patches.

Simulated attacks to pinpoint vulnerabilities.

Execution of security tests in a contained environment.

Scheduled security audits.

References: http://searchnetworking.techtarget.com/definition/Nessus

Questions 8

Which of the following is an extremely common IDS evasion technique in the web world?

A. unicode characters

B. spyware

C. port knocking

D. subnetting

Buy Now

Correct Answer: A Section: (none)

Unicode attacks can be effective against applications that understand it. Unicode is the international standard whose goal is to represent every character needed by every written human language as a single integer number. What is known as Unicode evasion should more correctly be referenced as UTF-8 evasion. Unicode characters are normally represented with two bytes, but this is impractical in real life. One aspect of UTF-8 encoding causes problems: non-Unicode characters can be represented encoded. What is worse is multiple representations of each character can exist. Non-Unicode character encodings are known as overlong characters, and may be signs of attempted attack.

References: http://books.gigatux.nl/mirror/apachesecurity/0596007248/apachesc-chp-10-sect-8.html

Questions 9

Which of these is capable of searching for and locating rogue access points?

A. HIDS

B. WISS

C. WIPS

D. NIDS

Buy Now

Correct Answer: C Section: (none)

Questions 10

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?

A. Semicolon

B. Single quote

C. Exclamation mark

D. Double quote

Buy Now

Correct Answer: B Section: (none)

Questions 11

A security engineer is attempting to map a company's internal network. The engineer enters in the following NMAP command:

NMAP璶璼 S 璓0 璸 80 ***.***.**.**

What type of scan is this?

A. Quick scan

B. Intense scan

C. Stealth scan

D. Comprehensive scan

Buy Now

Correct Answer: C Section: (none)

Questions 12

Which of the following is a common Service Oriented Architecture (SOA) vulnerability?

A. Cross-site scripting

B. SQL injection

C. VPath injection

D. XML denial of service issues

Buy Now

Correct Answer: D Section: (none)

Questions 13

Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

A. Teardrop

B. SYN flood

C. Smurf attack

D. Ping of death

Buy Now

Correct Answer: A Section: (none)

Exam Code: 312-50V9
Exam Name: EC-Council Certified Ethical Hacker (C|EH v9)
Last Update:
Questions: 125

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2026 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.