312-50 : CEH Certified Ethical Hacker (312-50v9) : Part 03

312-50 : All Parts

At a Windows Server command prompt, which command could be used to list the running services?
- Sc query type= running
- Sc query \\servername
- Sc query
- Sc config
Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?
- Cross-site scripting
- SQL injection
- Missing patches
- CRLF injection
While conducting a penetration test, the tester determines that there is a firewall between the tester’s machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?
- Packet filtering firewall
- Application-level firewall
- Circuit-level gateway firewall
- Stateful multilayer inspection firewall
A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set:

312-50 Part 3 Q04 005

The engineer wants to configure remote desktop access from a fixed IP on the remote network to a remote desktop server in the DMZ. Which rule would best fit this requirement?
- Permit 217.77.88.0/24 11.12.13.0/24 RDP 3389
- Permit 217.77.88.12 11.12.13.50 RDP 3389
- Permit 217.77.88.12 11.12.13.0/24 RDP 3389
- Permit 217.77.88.0/24 11.12.13.50 RDP 3389
A circuit level gateway works at which of the following layers of the OSI Model?
- Layer 5 – Application
- Layer 4 – TCP
- Layer 3 – Internet protocol
- Layer 2 – Data link
Which of the following is a symmetric cryptographic standard?
- DSA
- PKI
- RSA
- 3DES
A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.

Which cryptography attack is the student attempting?
- Man-in-the-middle attack
- Brute-force attack
- Dictionary attack
- Session hijacking
Which property ensures that a hash function will not produce the same hashed value for two different messages?
- Collision resistance
- Bit length
- Key strength
- Entropy
How can telnet be used to fingerprint a web server?
- telnet webserverAddress 80
  HEAD / HTTP/1.0
- telnet webserverAddress 80
  PUT / HTTP/1.0
- telnet webserverAddress 80
  HEAD / HTTP/2.0
- telnet webserverAddress 80
  PUT / HTTP/2.0
Low humidity in a data center can cause which of the following problems?
- Heat
- Corrosion
- Static electricity
- Airborne contamination
A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company`s building dressed like an electrician and waits in the lobby for an employee to pass through the main access gate, then the consultant follows the employee behind to get into the restricted area. Which type of attack did the consultant perform?
- Man trap
- Tailgating
- Shoulder surfing
- Social engineering
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s computer to update the router configuration. What type of an alert is this?
- False positive
- False negative
- True positve
- True negative
While performing data validation of web content, a security technician is required to restrict malicious input. Which of the following processes is an efficient way of restricting malicious input?
- Validate web content input for query strings.
- Validate web content input with scanning tools.
- Validate web content input for type, length, and range.
- Validate web content input for extraneous queries.
A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?
- Forensic attack
- ARP spoofing attack
- Social engineering attack
- Scanning attack
Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
- Metasploit scripting engine
- Nessus scripting engine
- NMAP scripting engine
- SAINT scripting engine
Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?
- Microsoft Security Baseline Analyzer
- Retina
- Core Impact
- Microsoft Baseline Security Analyzer
A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?
- Firewall-management policy
- Acceptable-use policy
- Remote-access policy
- Permissive policy
When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?
- A bottom-up approach
- A top-down approach
- A senior creation approach
- An IT assurance approach
Which of the following processes evaluates the adherence of an organization to its stated security policy?
- Vulnerability assessment
- Penetration testing
- Risk assessment
- Security auditing
A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?
- The consultant will ask for money on the bid because of great work.
- The consultant may expose vulnerabilities of other companies.
- The company accepting bids will want the same type of format of testing.
- The company accepting bids will hire the consultant because of the great work performed.

312-50 : All Parts

312-50 : CEH Certified Ethical Hacker (312-50v9) : All Parts
312-50 Part 01	312-50 Part 09	312-50 Part 17	312-50 Part 25
312-50 Part 02	312-50 Part 10	312-50 Part 18	312-50 Part 26
312-50 Part 03	312-50 Part 11	312-50 Part 19	312-50 Part 27
312-50 Part 04	312-50 Part 12	312-50 Part 20	312-50 Part 28
312-50 Part 05	312-50 Part 13	312-50 Part 21	312-50 Part 29
312-50 Part 06	312-50 Part 14	312-50 Part 22	312-50 Part 30
312-50 Part 07	312-50 Part 15	312-50 Part 23	312-50 Part 31
312-50 Part 08	312-50 Part 16	312-50 Part 24

312-50 : CEH Certified Ethical Hacker (312-50v9) : All Parts
312-50 Part 01	312-50 Part 09	312-50 Part 17	312-50 Part 25
312-50 Part 02	312-50 Part 10	312-50 Part 18	312-50 Part 26
312-50 Part 03	312-50 Part 11	312-50 Part 19	312-50 Part 27
312-50 Part 04	312-50 Part 12	312-50 Part 20	312-50 Part 28
312-50 Part 05	312-50 Part 13	312-50 Part 21	312-50 Part 29
312-50 Part 06	312-50 Part 14	312-50 Part 22	312-50 Part 30
312-50 Part 07	312-50 Part 15	312-50 Part 23	312-50 Part 31
312-50 Part 08	312-50 Part 16	312-50 Part 24

312-50 : CEH Certified Ethical Hacker (312-50v9) : Part 03

At a Windows Server command prompt, which command could be used to list the running services?

Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?

While conducting a penetration test, the tester determines that there is a firewall between the tester’s machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?

A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set:

The engineer wants to configure remote desktop access from a fixed IP on the remote network to a remote desktop server in the DMZ. Which rule would best fit this requirement?

A circuit level gateway works at which of the following layers of the OSI Model?

Which of the following is a symmetric cryptographic standard?

Which cryptography attack is the student attempting?

Which property ensures that a hash function will not produce the same hashed value for two different messages?

How can telnet be used to fingerprint a web server?

Low humidity in a data center can cause which of the following problems?

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s computer to update the router configuration. What type of an alert is this?

While performing data validation of web content, a security technician is required to restrict malicious input. Which of the following processes is an efficient way of restricting malicious input?

A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?

Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?

Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?

When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?

Which of the following processes evaluates the adherence of an organization to its stated security policy?

A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?