ECCouncil

312-50v11

Certified Ethical
Hacker Exam (CEH
v11)
Version: Demo

[ Total Questions: 10]

Web: www.marks4sure.com

Email: support@marks4sure.com
IMPORTANT NOTICE
Feedback
We have developed quality product and state-of-art service to ensure our customers interest. If you have any
suggestions, please feel free to contact us at feedback@marks4sure.com

Support
If you have any questions about our product, please provide the following items:

exam code
screenshot of the question
login id/email

please contact us at support@marks4sure.com and our technical experts will provide support within 24 hours.

Copyright
The product of each order has its own encryption code, so you should use it independently. Any unauthorized
changes will inflict legal punishment. We reserve the right of final explanation for this statement.
Practice Test ECCouncil - 312-50v11

Question #:1

Study the snort rule given below:

From the options below, choose the exploit against which this rule applies.

A. WebDav

B. SQL Slammer

C. MS Blaster

D. MyDoom

Answer: C

Question #:2

You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all
machines in the same network quickly.

What is the best Nmap command you will use? A. nmap -T4 -q 10.10.0.0/24

B. nmap -T4 -F 10.10.0.0/24 C. nmap -T4 -r 10.10.1.0/24 D. nmap -T4 -O 10.10.0.0/24

Question #:3

Which command can be used to show the current TCP/IP connections?

A. Netsh

B.

Pass Your Certification With Marks4sure Guarantee 1 of 5

Practice Test ECCouncil - 312-50v11

B. Netstat

C. Net use connection

D. Net use

Answer: A

Question #:4

Ethical backer jane Doe is attempting to crack the password of the head of the it department of ABC company.
She Is utilizing a rainbow table and notices upon entering a password that extra characters are added to the
password after submitting. What countermeasure is the company using to protect against rainbow tables?

A. Password key hashing

B. Password salting

C. Password hashing

D. Account lockout

Answer: B

Explanation
Passwords are usually delineated as “hashed and salted”. salting is simply the addition of a unique, random
string of characters renowned solely to the site to every parole before it’s hashed, typically this “salt” is placed
in front of each password.

The salt value needs to be hold on by the site, which means typically sites use the same salt for each parole.
This makes it less effective than if individual salts are used.

The use of unique salts means that common passwords shared by multiple users – like “123456” or
“password” – aren’t revealed revealed when one such hashed password is known – because despite the
passwords being the same the immediately and hashed values are not.

Large salts also protect against certain methods of attack on hashes, including rainbow tables or logs of hashed
passwords previously broken.

Both hashing and salting may be repeated more than once to increase the issue in breaking the security.

Question #:5

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and
Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of
security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of
the logged events do not match up.

Pass Your Certification With Marks4sure Guarantee 2 of 5

Practice Test ECCouncil - 312-50v11

What is the most likely cause?

A. The network devices are not all synchronized.

B. Proper chain of custody was not observed while collecting the logs.

C. The attacker altered or erased events from the logs.

D. The security breach was a false positive.

Answer: A

Question #:6

In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full
of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against
user accounts located by the application. The larger the word and word fragment selection, the more effective
the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every
possible letter and number combination in its automated exploration. If you would use both brute force and
dictionary methods combined together to have variation of words, what would you call such an attack?

A. Full Blown

B. Thorough

C. Hybrid

D. BruteDics

Answer: C

Question #:7

Based on the following extract from the log of a compromised machine, what is the hacker really trying to
steal?

A. har.txt

B. SAM file

C. wwwroot

D. Repair file

Answer: B

Pass Your Certification With Marks4sure Guarantee 3 of 5

Practice Test ECCouncil - 312-50v11

Question #:8

John wants to send Marie an email that includes sensitive information, and he does not trust the network that
he is connected to. Marie gives him the idea of using PGP. What should John do to communicate correctly
using this type of encryption?

A. Use his own public key to encrypt the message.

B. Use Mane's public key to encrypt the message.

C. Use his own private key to encrypt the message.

D. Use Marie's private key to encrypt the message.

Answer: B

Question #:9

While scanning with Nmap, Patin found several hosts which have the IP ID of incremental sequences. He then
decided to conduct: nmap -Pn -p- -si kiosk.adobe.com www.riaa.com. kiosk.adobe.com is the host with
incremental IP ID sequence. What is the purpose of using "-si" with Nmap?

A. Conduct stealth scan

B. Conduct ICMP scan

C. Conduct IDLE scan

D. Conduct silent scan

Answer: A

Question #:10

Due to a slowdown of normal network operations, the IT department decided to monitor internet traffic for all
of the employees. From a legal standpoint, what would be troublesome to take this kind of measure?

A. All of the employees would stop normal work activities

B. IT department would be telling employees who the boss is

C. Not informing the employees that they are going to be monitored could be an invasion of privacy.

D. The network could still experience traffic slow down.

Answer: C

Pass Your Certification With Marks4sure Guarantee 4 of 5

Practice Test ECCouncil - 312-50v11

Pass Your Certification With Marks4sure Guarantee 5 of 5

About Marks4sure.com
marks4sure.com was founded in 2007. We provide latest & high quality IT / Business Certification Training Exam
Questions, Study Guides, Practice Tests.

We help you pass any IT / Business Certification Exams with 100% Pass Guaranteed or Full Refund. Especially
Cisco, CompTIA, Citrix, EMC, HP, Oracle, VMware, Juniper, Check Point, LPI, Nortel, EXIN and so on.

View list of all certification exams: All vendors

We prepare state-of-the art practice tests for certification exams. You can reach us at any of the email addresses listed
below.

Sales: sales@marks4sure.com
Feedback: feedback@marks4sure.com
Support: support@marks4sure.com

Any problems about IT certification or our products, You can write us back and we will get back to you within 24
hours.