Last Updated on July 24, 2021 by InfraExam

312-50v11 : Certified Ethical Hacker v11 Exam : Part 05

  1. A company’s security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

    • Attempts by attackers to access the user and password information stored in the company’s SQL database.
    • Attempts by attackers to access Web sites that trust the Web browser user by stealing the user’s authentication credentials.
    • Attempts by attackers to access passwords stored on the user’s computer without the user’s knowledge.
    • Attempts by attackers to determine the user’s Web browser usage patterns, including when sites were visited and for how long.
  2. What is correct about digital signatures?

    • A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.
    • Digital signatures may be used in different documents of the same type.
    • A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.
    • Digital signatures are issued once for each user and can be used everywhere until they expire.
  3. An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?

    • He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.
    • He will activate OSPF on the spoofed root bridge.
    • He will repeat this action so that it escalates to a DoS attack.
    • He will repeat the same attack against all L2 switches of the network.
  4. You have gained physical access to a Windows 2008 R2 server, which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user’s password or activate disabled Windows accounts?

    • John the Ripper
    • SET
    • CHNTPW
    • Cain & Abel
  5. What does a firewall check to prevent particular ports and applications from getting packets into an organization?

    • Transport layer port numbers and application layer headers
    • Presentation layer headers and the session layer port numbers
    • Network layer headers and the session layer port numbers
    • Application layer port numbers and the transport layer headers
  6. An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to “”, the user is directed to a phishing site.

    Which file does the attacker need to modify?

    • Boot.ini
    • Sudoers
    • Networks
    • Hosts
  7. _________ is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

    • DNSSEC
    • Resource records
    • Resource transfer
    • Zone transfer
  8. Which of the following incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an organization?

    • Preparation phase
    • Containment phase
    • Identification phase
    • Recovery phase
  9. The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive.

    Which of the following is being described?

    • Multi-cast mode
    • Promiscuous mode
    • WEM
    • Port forwarding
  10. A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.

    What is the best security policy concerning this setup?

    • Network elements must be hardened with user IDs and strong passwords. Regular security tests and audits should be performed.
    • As long as the physical access to the network elements is restricted, there is no need for additional measures.
    • There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
    • The operator knows that attacks and downtime are inevitable and should have a backup site.
  11. PGP, SSL, and IKE are all examples of which type of cryptography?

    • Digest
    • Secret Key
    • Public Key
    • Hash Algorithm
  12. Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?

    • Scanning
    • Footprinting
    • Enumeration
    • System Hacking
  13. A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer’s software and hardware without the owner’s permission. Their intention can either be to simply gain knowledge or to illegally make changes.

    Which of the following classes of hacker refers to an individual who works both offensively and defensively at various times?

    • White Hat
    • Suicide Hacker
    • Gray Hat
    • Black Hat
  14. During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.

    What is this type of DNS configuration commonly called?

    • DynDNS
    • DNS Scheme
    • DNSSEC
    • Split DNS
  15. What kind of detection technique is used by antivirus software that identifies malware by collecting data from multiple protected systems and, instead of analyzing files locally, performs the analysis in the provider’s environment?

    • Behavioral based
    • Heuristics based
    • Honeypot based
    • Cloud based
  16. Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

    • tcptrace
    • Nessus
    • OpenVAS
    • tcptraceroute
  17. What is the technique for determining how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and whether the packets can pass through the firewall’s packet filtering?

    • Session hijacking
    • Firewalking
    • Man-in-the-middle attack
    • Network sniffing
  18. Which of the following is not a Bluetooth attack?

    • Bluedriving
    • Bluesmacking
    • Bluejacking
    • Bluesnarfing
  19. What is the role of test automation in security testing?

    • It is an option but it tends to be very expensive.
    • It should be used exclusively. Manual testing is outdated because of low speed and possible test setup inconsistencies.
    • Test automation is not usable in security due to the complexity of the tests.
    • It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot replace manual testing completely.
  20. Your company performs penetration tests and security assessments for small and medium-sized businesses in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.

    What should you do?

    • Confront the client in a respectful manner and ask her about the data.
    • Copy the data to removable media and keep it in case you need it.
    • Ignore the data and continue the assessment until completed as agreed.
    • Immediately stop work and contact the proper legal authorities.