Download Certified Ethical Hacker v10 Exam.312-50v10.TestKing.2018-04-25.67q.vcex
| Vendor: | ECCouncil |
| Exam Code: | 312-50v10 |
| Exam Name: | Certified Ethical Hacker v10 Exam |
| Date: | Apr 25, 2018 |
| File Size: | 145 KB |
How to open VCEX files?
Files with VCEX extension can be opened by ProfExam Simulator.
Discount: 20%
Demo Questions
Question 1
A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.
What kind of Web application vulnerability likely exists in their software?
- Cross-site scripting vulnerability
- Web site defacement vulnerability
- SQL injection vulnerability
- Cross-site Request Forgery vulnerability
Correct answer: A
Question 2
Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key.
Suppose a malicious user Rob tries to get access to the account of a benign user Ned.
Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?
- “GET/restricted/goldtransfer?to=Rob&from=1 or 1=1’ HTTP/1.1Host: westbank.com”
- “GET/restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com”
- “GET/restricted/bank.getaccount(‘Ned’) HTTP/1.1 Host: westbank.com”
- “GET/restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com”
Correct answer: B
Question 3
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?
- Metasploit
- Cain & Abel
- Maltego
- Wireshark
Correct answer: C
Question 4
Which of these is capable of searching for and locating rogue access points?
- HIDS
- NIDS
- WISS
- WIPS
Correct answer: D
Question 5
A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer’s software and hardware without the owner’s permission. Their intention can either be to simply gain knowledge or to illegally make changes.
Which of the following class of hacker refers to an individual who works both offensively and defensively at various times?
- White Hat
- Suicide Hacker
- Gray Hat
- Black Hat
Correct answer: C
Question 6
Websites and web portals that provide web services commonly use the Simple Object Access Protocol (SOAP). Which of the following is an incorrect definition or characteristics of the protocol?
- Based on XML
- Only compatible with the application protocol HTTP
- Exchanges data between web services
- Provides a structured model for messaging
Correct answer: B
Question 7
You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user’s password or activate disabled Windows accounts?
- John the Ripper
- SET
- CHNTPW
- Cain & Abel
Correct answer: C
Question 8
What type of vulnerability/attack is it when the malicious person forces the user’s browser to send an authenticated request to a server?
- Cross-site request forgery
- Cross-site scripting
- Session hijacking
- Server side request forgery
Correct answer: A
Question 9
From the following table, identify the wrong answer in terms of Range (ft).
- 802.11b
- 802.11g
- 802.16(WiMax)
- 802.11a
Correct answer: D
Question 10
What would you enter, if you wanted to perform a stealth scan using Nmap?
- nmap -sU
- nmap -sS
- nmap -sM
- nmap -sT
Correct answer: B
HOW TO OPEN VCE FILES
Use VCE Exam Simulator to open VCE files
HOW TO OPEN VCEX AND EXAM FILES
Use ProfExam Simulator to open VCEX and EXAM files
ProfExam at a 20% markdown
You have the opportunity to purchase ProfExam at a 20% reduced price
Get Now!