EnsurePass
2017 Aug ECCouncil Official New Released 312-50v9
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/312-50v9.html

Certified Ethical Hacker Exam V9

Question No: 51

While performing online banking using a web browser, a user receives an email that contains alink to an interesting Web site. When the user clicks on the link, another web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place.

What web browser-based security vulnerability was exploited to compromise the user?

  1. Cross-Site Request Forgery

  2. Cross-Site Scripting

  3. Web form input validation

  4. Clickjacking

Answer: A

Question No: 52

It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up windows, webpage,or email warning from what looks like an officialauthority. It explains your computer has been locked because of possible illegal activities and demands payment before you can access your files and programs again.

Which term best matches this definition?

  1. Spyware

  2. Adware

  3. Ransomware

  4. Riskware

Answer: C

Question No: 53

An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, digital Subscriber Line (DSL), wireless data services, and virtual Private Networks (VPN) over a Frame Relay network.

Which AAA protocol is most likely able to handle this requirement?

  1. DIAMETER

  2. Kerberos

  3. RADIUS

  4. TACACS

Answer: D

Question No: 54

What is the most common method to exploit the 鈥淏ash Bug鈥?or ShellShock鈥?vulnerability?

  1. SSH

  2. SYN Flood

  3. Manipulate format strings in text fields

  4. Through Web servers utilizing CGI (CommonGateway Interface) to send a malformed environment variable to a vulnerable Web server

Answer: D

Question No: 55

PGP, SSL, and IKE are all examples of which type of cryptography?

  1. Hash Algorithm

  2. Secret Key

  3. Public Key

  4. Digest

Answer: C

Question No: 56

Which of the following tools can be used for passiveOS fingerprinting?

  1. tcpdump

  2. ping

  3. nmap

  4. Tracert

Answer: C

Question No: 57

The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard

disk. The recovery person earns $10/hour. Calculate theSLE, ARO, and ALE. Assume the EF = 1 (100%).

What is the closest approximate cost of this replacement and recovery operation per year?

A. $100 B. $146 C. 440

D. 1320

Answer: B

Question No: 58

The security concept of 鈥渟eparation of duties鈥?is most similar to the operation ofwhich type of security device?

  1. Bastion host

  2. Honeypot

  3. Firewall

  4. Intrusion Detection System

Answer: C

Question No: 59

You are performing information gathering for an important penetration test. You have found pdf, doc, and images in your objective. You decide to extract metadata from these files and analyze it.

What tool will help you with the task?

  1. Armitage

  2. Dimitry

  3. cdpsnarf

  4. Metagoofil

Answer: D

Question No: 60

The heartland bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2004-1060. Thisbug affects the OpenSSL implementation of the transport Layer security (TLS) protocols defined in RFC6520.

What types of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

  1. Root

  2. Private

  3. Shared

  4. Public

Answer: A

100% Free Download!
Download Free Demo:312-50v9 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass 312-50v9 Full Exam PDF and VCE
Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE