• Home
  • Microsoft Exam Dumps
  • Why Choose Lead2pass?
  • Sitemap

Lead2pass New Updated IT Exam Questions

Exam collection of Micfosoft, Cisco,IBM,CompTIA and other IT exam

Menu
  • Home
  • Microsoft Exam Dumps
  • Why Choose Lead2pass?
  • Sitemap
Home › 312-50v9 Dumps › 312-50v9 Exam Questions › 312-50v9 New Questions › 312-50v9 PDF › 312-50v9 VCE › EC-Council › [2017 Newest] Updated Lead2pass EC-Council 312-50v9 Braindump Free Download (181-200)

[2017 Newest] Updated Lead2pass EC-Council 312-50v9 Braindump Free Download (181-200)

admin September 29, 2017     Comment Closed    

Lead2pass 2017 September New EC-Council 312-50v9 Exam Dumps!

100% Free Download! 100% Pass Guaranteed!

In recent years, many people choose to take EC-Council 312-50v9 certification exam which can make you get the EC-Council certificate and that is the passport to get a better job and get promotions. How to prepare for EC-Council 312-50v9 exam and get the certificate? Please refer to EC-Council 312-50v9 exam questions and answers on Lead2pass.

Following questions and answers are all new published by EC-Council Official Exam Center: https://www.lead2pass.com/312-50v9.html

QUESTION 181
A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband’s email account in order to find proof so she can take him to court. What is the ethical response?

A.    Say no; the friend is not the owner of the account.
B.    Say yes; the friend needs help to gather evidence.
C.    Say yes; do the job for free.
D.    Say no; make sure that the friend knows the risk she’s asking the CEH to take.

Answer: A

QUESTION 182
This international organization regulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security controls provide a baseline and prevent low- level hackers sometimes known as script kiddies from causing a data breach.
Which of the following organizations is being described?

A.    Payment Card Industry (PCI)
B.    Center for Disease Control (CDC)
C.    Institute of Electrical and Electronics Engineers (IEEE)
D.    International Security Industry Organization (ISIO)

Answer: A
Explanation:
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB. The PCI DSS standards are very explicit about the requirements for the back end storage and access of PII (personally identifiable information).
https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard

QUESTION 183
Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.
What should you do?

A.    Immediately stop work and contact the proper legal authorities.
B.    Copy the data to removable media and keep it in case you need it.
C.    Confront the client in a respectful manner and ask her about the data.
D.    Ignore the data and continue the assessment until completed as agreed.

Answer: A
Explanation:

QUESTION 184
Jesse receives an email with an attachment labeled “Court_Notice_21206.zip”. Inside the zip file is a file named “Court_Notice_21206.docx.exe” disguised as a word document. Upon execution, a window appears stating, “This word document is corrupt.” In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries.
What type of malware has Jesse encountered?

A.    Trojan
B.    Worm
C.    Macro Virus
D.    Key-Logger

Answer: A
Explanation:
In computing, Trojan horse, or Trojan, is any malicious computer program which is used to hack into a computer by misleading users of its true intent. Although their payload can be anything, many modern forms act as a backdoor, contacting a controller which can then have unauthorized access to the affected computer.
https://en.wikipedia.org/wiki/Trojan_horse_(computing)

QUESTION 185
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

A.    Maltego
B.    Cain & Abel
C.    Metasploit
D.    Wireshark

Answer: A
Explanation:
Maltego is proprietary software used for open-source intelligence and forensics, developed by Paterva.
Maltego focuses on providing a library of transforms for discovery of data from open sources, and visualizing that information in a graph format, suitable for link analysis and data mining.
https://en.wikipedia.org/wiki/Maltego

QUESTION 186
While using your bank’s online servicing you notice the following string in the URL bar:

“http:// www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21″

You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes.
Which type of vulnerability is present on this site?

A.    Web Parameter Tampering
B.    Cookie Tampering
C.    XSS Reflection
D.    SQL injection

Answer: A
Explanation:
The Web Parameter Tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control.
https://www.owasp.org/index.php/Web_Parameter_Tampering

QUESTION 187
Perspective clients want to see sample reports from previous penetration tests.
What should you do next?

A.    Decline but, provide references.
B.    Share full reports, not redacted.
C.    Share full reports with redactions.
D.    Share reports, after NDA is signed.

Answer: A
Explanation:
Penetration tests data should not be disclosed to third parties.

QUESTION 188
During a blackbox pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded.
What type of firewall is inspecting outbound traffic?

A.    Application
B.    Circuit
C.    Stateful
D.    Packet Filtering

Answer: C

QUESTION 189
Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close.
What just happened?

A.    Piggybacking
B.    Masqurading
C.    Phishing
D.    Whaling

Answer: A
Explanation:
In security, piggybacking refers to when a person tags along with another person who is authorized to gain entry into a restricted area, or pass a certain checkpoint.
https://en.wikipedia.org/wiki/Piggybacking_(security)

QUESTION 190
You’ve gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your tool kit you have an Ubuntu 9.10 Linux LiveCD. Which Linux based tool has the ability to change any user’s password or to activate disabled Windows accounts?

A.    CHNTPW
B.    Cain & Abel
C.    SET
D.    John the Ripper

Answer: A
Explanation:
chntpw is a software utility for resetting or blanking local passwords used by Windows NT, 2000, XP, Vista, 7, 8 and 8.1. It does this by editing the SAM database where Windows stores password hashes.
https://en.wikipedia.org/wiki/Chntpw

QUESTION 191
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to “www.MyPersonalBank.com”, that the user is directed to a phishing site.
Which file does the attacker need to modify?

A.    Hosts
B.    Sudoers
C.    Boot.ini
D.    Networks

Answer: A
Explanation:
The hosts file is a computer file used by an operating system to map hostnames to IP addresses. The hosts file contains lines of text consisting of an IP address in the first text field followed by one or more host names.
https://en.wikipedia.org/wiki/Hosts_(file)

QUESTION 192
After trying multiple exploits, you’ve gained root access to a Centos 6 server. To ensure you maintain access, what would you do first?

A.    Create User Account
B.    Disable Key Services
C.    Disable IPTables
D.    Download and Install Netcat

Answer: A

QUESTION 193
What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host?

env x=`(){ :;};echo exploit` bash -c ‘cat /etc/passwd’

A.    Display passwd content to prompt
B.    Removes the passwd file
C.    Changes all passwords in passwd
D.    Add new user to the passwd file

Answer: A
Explanation:
To extract private information, attackers are using a couple of techniques. The simplest extraction attacks are in the form:
() {:;}; /bin/cat /etc/passwd
That reads the password file /etc/passwd, and adds it to the response from the web server. So an attacker injecting this code through the Shellshock vulnerability would see the password file dumped out onto their screen as part of the web page returned.
https://blog.cloudflare.com/inside-shellshock/

QUESTION 194
Using Windows CMD, how would an attacker list all the shares to which the current user context has access?

A.    NET USE
B.    NET CONFIG
C.    NET FILE
D.    NET VIEW

Answer: A
Explanation:
Connects a computer to or disconnects a computer from a shared resource, or displays information about computer connections. The command also controls persistent net connections. Used without parameters, net use retrieves a list of network connections.
https://technet.microsoft.com/en-us/library/bb490717.aspx

QUESTION 195
A common cryptographical tool is the use of XOR. XOR the following binary values:

10110001
00111010

A.    10001011
B.    11011000
C.    10011101
D.    10111100

Answer: A
Explanation:
The XOR gate is a digital logic gate that implements an exclusive or; that is, a true output (1/HIGH) results if one, and only one, of the inputs to the gate is true. If both inputs are false (0/LOW) or both are true, a false output results. XOR represents the inequality function, i.e., the output is true if the inputs are not alike otherwise the output is false. A way to remember XOR is “one or the other but not both”.
https://en.wikipedia.org/wiki/XOR_gate

QUESTION 196
Which of the following is the successor of SSL?

A.    TLS
B.    RSA
C.    GRE
D.    IPSec

Answer: A
Explanation:
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as ‘SSL’, are cryptographic protocols that provide communications security over a computer network.
https://en.wikipedia.org/wiki/Transport_Layer_Security

QUESTION 197
You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?

A.    TCP
B.    UPD
C.    ICMP
D.    UPX

Answer: A
Explanation:
At the establishment of a TCP session the client starts by sending a SYN-packet (SYN=synchronize) with a sequence number. To hijack a session it is required to send a packet with a right seq-number, otherwise they are dropped.
https://www.exploit-db.com/papers/13587/

QUESTION 198
Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic as possible; therefore, they did not provide any information besides the company name.
What should be the first step in security testing the client?

A.    Reconnaissance
B.    Enumeration
C.    Scanning
D.    Escalation

Answer: A
Explanation:
Phases of hacking
Phase 1–Reconnaissance
Phase 2–Scanning
Phase 3–Gaining Access
Phase 4–Maintaining Access
Phase 5–Covering Tracks
Phase 1: Passive and Active Reconnaissance
Passive reconnaissance involves gathering information regarding a potential target without the targeted individual’s or company’s knowledge.
Active reconnaissance involves probing the network to discover individual hosts, IP addresses, and services on the network.
http://hack-o-crack.blogspot.se/2010/12/five-stages-of-ethical-hacking.html

QUESTION 199
Which regulation defines security and privacy controls for Federal information systems and organizations?

A.    NIST-800-53
B.    PCI-DSS
C.    EU Safe Harbor
D.    HIPAA

Answer: A
Explanation:
NIST Special Publication 800-53, “Security and Privacy Controls for Federal Information Systems and Organizations,” provides a catalog of security controls for all U.S. federal information systems except those related to national security.
https://en.wikipedia.org/wiki/NIST_Special_Publication_800-53

QUESTION 200
How does the Address Resolution Protocol (ARP) work?

A.    It sends a request packet to all the network elements, asking for the MAC address from a specific IP.
B.    It sends a reply packet to all the network elements, asking for the MAC address from a specific IP.
C.    It sends a reply packet for a specific IP, asking for the MAC address.
D.    It sends a request packet to all the network elements, asking for the domain name from a specific IP.

Answer: A
Explanation:
When an incoming packet destined for a host machine on a particular local area network arrives at a gateway, the gateway asks the ARP program to find a physical host or MAC address that matches the IP address. The ARP program looks in the ARP cache and, if it finds the address, provides it so that the packet can be converted to the right packet length and format and sent to the machine. If no entry is found for the IP address, ARP broadcasts a request packet in a special format to all the machines on the LAN to see if one machine knows that it has that IP address associated with it. A machine that recognizes the IP address as its own returns a reply so indicating. ARP updates the ARP cache for future reference and then sends the packet to the MAC address that replied.
http://searchnetworking.techtarget.com/definition/Address-Resolution-Protocol-ARP

More free Lead2pass 312-50v9 exam new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDTVZJRHRvblhycms

Lead2pass is a good website that provides all candidates with the latest IT certification exam materials. Lead2pass will provide you with the exam questions and verified answers that reflect the actual exam. The EC-Council 312-50v9 exam dumps are developed by experienced IT professionals. 99.9% of hit rate. Guarantee you success in your 312-50v9 exam with our exam materials.

2017 EC-Council 312-50v9 (All 589 Q&As) exam dumps (PDF&VCE) from Lead2pass:

https://www.lead2pass.com/312-50v9.html [100% Exam Pass Guaranteed]

312-50v9 Dumps 312-50v9 Exam Questions 312-50v9 New Questions 312-50v9 PDF 312-50v9 VCE EC-Council
312-50v9 braindumps312-50v9 exam dumps312-50v9 exam question312-50v9 pdf dumps312-50v9 practice test312-50v9 study guide312-50v9 vce dumpsLead2pass 312-50v9

 Previous Post

[2017 Newest] Updated Lead2pass EC-Council 312-50v9 Braindump Free Download (161-180)

―September 29, 2017

Next Post 

[2017 Newest] Updated Lead2pass EC-Council 312-50v9 Braindump Free Download (201-220)

―September 30, 2017

Author: admin

Related Articles

admin ― May 26, 2018 | Comment Closed

[May 2018] Lead2pass 2018 New 312-50v9 Exam PDF Ensure 312-50v9 Certification Exam Pass Successfully 614q

2018 New Lead2pass EC-Council 312-50v9 Dumps Free Download: https://www.lead2pass.com/312-50v9.html QUESTION 31A security consultant decides to use multiple layers of anti-virus

admin ― April 11, 2018 | Comment Closed

[April 2018] New Lead2pass 312-50v9 Dumps PDF Version Released For Free Downloading 614q

admin ― February 26, 2018 | Comment Closed

[February 2018] 312-50v9 Exam Dump Free Updation Availabe In Lead2pass 614q

admin ― February 26, 2018 | Comment Closed

[February 2018] Latest Lead2pass 312-50v9 Exam Free 312-50v9 Dumps Download 614q

admin ― January 15, 2018 | Comment Closed

[January 2018] Latest 312-50v9 Dumps PDF Free Download In Lead2pass 614q

admin ― November 15, 2017 | Comment Closed

[Lead2pass New] Free Lead2pass EC-Council 312-50v9 Dumps VCE Download (401-420)

admin ― November 15, 2017 | Comment Closed

[Lead2pass New] Free Lead2pass EC-Council 312-50v9 Dumps VCE Download (381-400)

admin ― November 15, 2017 | Comment Closed

[Lead2pass New] Free Lead2pass EC-Council 312-50v9 Dumps VCE Download (361-380)

Categories

Premium VCE Test Engine

VCE Exam Simulator for Mobile

Take exams on your mobile device the same way you do on your desktop. iPhone, iPad and Android devices are supported.

Hottest Microsoft Exam Dumps

HOTMicrosoft 70-243 Dumps ➤ PDF & VCE
HOTMicrosoft 70-246 Dumps ➤ PDF & VCE
HOTMicrosoft 70-247 Dumps ➤ PDF & VCE
HOTMicrosoft 70-331 Dumps ➤ PDF & VCE
HOTMicrosoft 70-332 Dumps ➤ PDF & VCE
HOTMicrosoft 70-333 Dumps ➤ PDF & VCE
HOTMicrosoft 70-341 Dumps ➤ PDF & VCE
HOTMicrosoft 70-342 Dumps ➤ PDF & VCE
HOTMicrosoft 70-346 Dumps ➤ PDF & VCE
HOTMicrosoft 70-347 Dumps ➤ PDF & VCE
HOTMicrosoft 70-410 Dumps ➤ PDF & VCE
HOTMicrosoft 70-411 Dumps ➤ PDF & VCE
HOTMicrosoft 70-412 Dumps ➤ PDF & VCE
HOTMicrosoft 70-413 Dumps ➤ PDF & VCE
HOTMicrosoft 70-414 Dumps ➤ PDF & VCE
HOTMicrosoft 70-417 Dumps ➤ PDF & VCE
HOTMicrosoft 70-457 Dumps ➤ PDF & VCE
HOTMicrosoft 70-458 Dumps ➤ PDF & VCE
HOTMicrosoft 70-461 Dumps ➤ PDF & VCE
HOTMicrosoft 70-462 Dumps ➤ PDF & VCE
HOTMicrosoft 70-463 Dumps ➤ PDF & VCE
HOTMicrosoft 70-464 Dumps ➤ PDF & VCE
HOTMicrosoft 70-465 Dumps ➤ PDF & VCE
HOTMicrosoft 70-466 Dumps ➤ PDF & VCE
HOTMicrosoft 70-467 Dumps ➤ PDF & VCE
HOTMicrosoft 70-469 Dumps ➤ PDF & VCE
HOTMicrosoft 70-480 Dumps ➤ PDF & VCE
HOTMicrosoft 70-481 Dumps ➤ PDF & VCE
HOTMicrosoft 70-482 Dumps ➤ PDF & VCE
HOTMicrosoft 70-483 Dumps ➤ PDF & VCE
HOTMicrosoft 70-486 Dumps ➤ PDF & VCE
HOTMicrosoft 70-487 Dumps ➤ PDF & VCE
HOTMicrosoft 70-488 Dumps ➤ PDF & VCE
HOTMicrosoft 70-489 Dumps ➤ PDF & VCE
HOTMicrosoft 70-511 Dumps ➤ PDF & VCE
HOTMicrosoft 70-513 Dumps ➤ PDF & VCE
HOTMicrosoft 70-515 Dumps ➤ PDF & VCE
HOTMicrosoft 70-532 Dumps ➤ PDF & VCE
HOTMicrosoft 70-533 Dumps ➤ PDF & VCE
HOTMicrosoft 70-534 Dumps ➤ PDF & VCE
HOTMicrosoft 70-640 Dumps ➤ PDF & VCE
HOTMicrosoft 70-642 Dumps ➤ PDF & VCE
HOTMicrosoft 70-646 Dumps ➤ PDF & VCE
HOTMicrosoft 70-687 Dumps ➤ PDF & VCE
HOTMicrosoft 70-688 Dumps ➤ PDF & VCE
HOTMicrosoft 70-689 Dumps ➤ PDF & VCE
HOTMicrosoft 70-692 Dumps ➤ PDF & VCE
HOTMicrosoft 70-695 Dumps ➤ PDF & VCE
HOTMicrosoft 70-696 Dumps ➤ PDF & VCE
HOTMicrosoft 70-697 Dumps ➤ PDF & VCE
HOTMicrosoft 74-335 Dumps ➤ PDF & VCE
HOTMicrosoft 74-338 Dumps ➤ PDF & VCE
HOTMicrosoft 74-343 Dumps ➤ PDF & VCE
HOTMicrosoft 74-344 Dumps ➤ PDF & VCE
HOTMicrosoft 74-409 Dumps ➤ PDF & VCE
HOTMicrosoft 98-361 Dumps ➤ PDF & VCE
HOTMicrosoft 98-367 Dumps ➤ PDF & VCE
HOTMB2-700 Dumps ➤ PDF & VCE
HOTMB2-701 Dumps ➤ PDF & VCE
HOTMB2-702 Dumps ➤ PDF & VCE
HOTMB2-703 Dumps ➤ PDF & VCE
GetAll List Of Microsoft Dumps NOW

Hottest Cisco Exam Dumps

HOTCisco 200-120 Dumps ➤ PDF & VCE
HOTCisco 100-101 Dumps ➤ PDF & VCE
HOTCisco 200-101 Dumps ➤ PDF & VCE
HOTCisco 200-310 Dumps ➤ PDF & VCE
HOTCisco 200-355 Dumps ➤ PDF & VCE
HOTCisco 200-401 Dumps ➤ PDF & VCE
HOTCisco 210-260 Dumps ➤ PDF & VCE
HOTCisco 210-060 Dumps ➤ PDF & VCE
HOTCisco 210-065 Dumps ➤ PDF & VCE
HOTCisco 300-101 Dumps ➤ PDF & VCE
HOTCisco 300-115 Dumps ➤ PDF & VCE
HOTCisco 300-135 Dumps ➤ PDF & VCE
HOTCisco 300-206 Dumps ➤ PDF & VCE
HOTCisco 300-207 Dumps ➤ PDF & VCE
HOTCisco 300-208 Dumps ➤ PDF & VCE
HOTCisco 300-209 Dumps ➤ PDF & VCE
HOTCisco 300-070 Dumps ➤ PDF & VCE
HOTCisco 300-075 Dumps ➤ PDF & VCE
HOTCisco 300-080 Dumps ➤ PDF & VCE
HOTCisco 300-085 Dumps ➤ PDF & VCE
HOTCisco 400-101 Dumps ➤ PDF & VCE
HOTCisco 400-201 Dumps ➤ PDF & VCE
HOTCisco 400-051 Dumps ➤ PDF & VCE
HOTCisco 350-018 Dumps ➤ PDF & VCE
HOTCisco 642-035 Dumps ➤ PDF & VCE

Hottest CompTIA Exam Dumps

HOTSY0-401 Dumps ➤ PDF & VCE
HOTN10-006 Dumps ➤ PDF & VCE
HOT220-901 Dumps ➤ PDF & VCE
HOT220-902 Dumps ➤ PDF & VCE
HOTSG0-001 Dumps ➤ PDF & VCE
HOTCAS-002 Dumps ➤ PDF & VCE
HOTSK0-004 Dumps ➤ PDF & VCE

Other Hottest Exam Dumps

HOTVMware VCP550 Dumps ➤ PDF & VCE
HOTVMware VCP550D Dumps ➤ PDF & VCE
HOTVMware 1V0-601 Dumps ➤ PDF & VCE
HOTVMware 2V0-620 Dumps ➤ PDF & VCE
HOTVCP5-DCV Dumps ➤ PDF & VCE
HOTISC CISSP Dumps ➤ PDF & VCE
HOTPMI PMP Dumps ➤ PDF & VCE
HOTOracle 1Z0-051 Dumps ➤ PDF & VCE
HOTOracle 1Z0-052 Dumps ➤ PDF & VCE
HOTOracle 1Z0-060 Dumps ➤ PDF & VCE
HOTOracle 1Z0-061 Dumps ➤ PDF & VCE
HOTCitrix 1Y0-201 Dumps ➤ PDF & VCE
HOTCitrix 1Y0-301 Dumps ➤ PDF & VCE
HOTCitrix 1Y0-401 Dumps ➤ PDF & VCE
HOT312-50v9 Dumps ➤ PDF & VCE
HOTRHCSA EX200 Dumps ➤ PDF & VCE
HOTRHCE EX300 Dumps ➤ PDF & VCE

Archives

Tags

100-105 exam dumps 200-125 braindumps 200-125 exam dumps 200-125 exam question 200-125 pdf dumps 200-125 practice test 200-125 study guide 200-125 vce dumps 200-355 braindumps 200-355 exam dumps 200-355 exam question 200-355 pdf dumps 200-355 practice test 200-355 study guide 200-355 vce dumps 220-901 braindumps 220-901 exam dumps 220-901 exam question 220-901 pdf dumps 220-901 practice test 220-901 study guide 220-901 vce dumps 300-101 braindumps 300-101 exam dumps 300-101 exam question 300-101 pdf dumps 300-101 practice test 300-101 study guide 300-101 vce dumps 400-101 braindumps 400-101 exam dumps 400-101 exam question 400-101 pdf dumps 400-101 practice test 400-101 study guide 400-101 vce dumps 400-251 braindumps 400-251 exam dumps 400-251 exam question 400-251 pdf dumps 400-251 practice test 400-251 study guide 400-251 vce dumps Lead2pass 220-901 Lead2pass 400-101