[May 20, 2024] Uplift Your 312-50v12 Exam Marks With The Help of 312-50v12 Dumps Use ECCouncil 312-50v12 Dumps To Succeed Instantly in 312-50v12 Exam The CEH certification is ideal for IT professionals who want to demonstrate their expertise in ethical hacking and cybersecurity. 312-50v12 exam covers a wide range of topics, including network security, web application security, cryptography, and ethical [...]

All Products Contact now

[May 20, 2024] Uplift Your 312-50v12 Exam Marks With The Help of 312-50v12 Dumps [Q199-Q215]

Share

[May 20, 2024] Uplift Your 312-50v12 Exam Marks With The Help of 312-50v12 Dumps

Use ECCouncil 312-50v12 Dumps To Succeed Instantly in 312-50v12 Exam


The CEH certification is ideal for IT professionals who want to demonstrate their expertise in ethical hacking and cybersecurity. 312-50v12 exam covers a wide range of topics, including network security, web application security, cryptography, and ethical hacking techniques. Candidates who pass the exam are recognized as experts in the field and are highly sought after by employers looking to protect their organizations from cyber threats.

 

NEW QUESTION # 199
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?

  • A. Client is configured for the wrong channel
  • B. The WAP does not recognize the client's MAC address
  • C. The wireless client is not configured to use DHCP
  • D. The client cannot see the SSID of the wireless network

Answer: B

Explanation:
https://en.wikipedia.org/wiki/MAC_filtering
MAC filtering is a security method based on access control. Each address is assigned a 48-bit address, which is used to determine whether we can access a network or not. It helps in listing a set of allowed devices that you need on your Wi-Fi and the list of denied devices that you don't want on your Wi-Fi. It helps in preventing unwanted access to the network. In a way, we can blacklist or white list certain computers based on their MAC address. We can configure the filter to allow connection only to those devices included in the white list. White lists provide greater security than blacklists because the router grants access only to selected devices.
It is used on enterprise wireless networks having multiple access points to prevent clients from communicating with each other. The access point can be configured only to allow clients to talk to the default gateway, but not other wireless clients. It increases the efficiency of access to a network.
The router allows configuring a list of allowed MAC addresses in its web interface, allowing you to choose which devices can connect to your network. The router has several functions designed to improve the network's security, but not all are useful. Media access control may seem advantageous, but there are certain flaws.
On a wireless network, the device with the proper credentials such as SSID and password can authenticate with the router and join the network, which gets an IP address and access to the internet and any shared resources.
MAC address filtering adds an extra layer of security that checks the device's MAC address against a list of agreed addresses. If the client's address matches one on the router's list, access is granted; otherwise, it doesn't join the network.


NEW QUESTION # 200
You are using a public Wi-Fi network inside a coffee shop. Before surfing the web, you use your VPN to prevent intruders from sniffing your traffic. If you did not have a VPN, how would you identify whether someone is performing an ARP spoofing attack on your laptop?

  • A. You should scan the network using Nmap to check the MAC addresses of all the hosts and look for duplicates.
  • B. You should use netstat to check for any suspicious connections with another IP address within the LAN.
  • C. You should check your ARP table and see if there is one IP address with two different MAC addresses.
  • D. You cannot identify such an attack and must use a VPN to protect your traffic, r

Answer: C


NEW QUESTION # 201
When a security analyst prepares for the formal security assessment - what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?

  • A. Source code review
  • B. Interviewing employees and network engineers
  • C. Data items and vulnerability scanning
  • D. Reviewing the firewalls configuration

Answer: C


NEW QUESTION # 202
You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command you would use?

  • A. wireshark --capture --local masked 192.168.8.0 ---range 24
  • B. sudo tshark -f''net 192 .68.8.0/24''
  • C. wireshark --fetch ''192.168.8*''
  • D. tshark -net 192.255.255.255 mask 192.168.8.0

Answer: B


NEW QUESTION # 203
Cross-site request forgery involves:

  • A. A browser making a request to a server without the user's knowledge
  • B. Modification of a request by a proxy between client and server
  • C. A request sent by a malicious user from a browser to a server
  • D. A server making a request to another server without the user's knowledge

Answer: A

Explanation:
https://owasp.org/www-community/attacks/csrf
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.
CSRF is an attack that tricks the victim into submitting a malicious request. It inherits the identity and privileges of the victim to perform an undesired function on the victim's behalf. For most sites, browser requests automatically include any credentials associated with the site, such as the user's session cookie, IP address, Windows domain credentials, and so forth. Therefore, if the user is currently authenticated to the site, the site will have no way to distinguish between the forged request sent by the victim and a legitimate request sent by the victim.
CSRF attacks target functionality that causes a state change on the server, such as changing the victim's email address or password, or purchasing something. Forcing the victim to retrieve data doesn't benefit an attacker because the attacker doesn't receive the response, the victim does. As such, CSRF attacks target state-changing requests.
It's sometimes possible to store the CSRF attack on the vulnerable site itself. Such vulnerabilities are called "stored CSRF flaws". This can be accomplished by simply storing an IMG or IFRAME tag in a field that accepts HTML, or by a more complex cross-site scripting attack. If the attack can store a CSRF attack in the site, the severity of the attack is amplified. In particular, the likelihood is increased because the victim is more likely to view the page containing the attack than some random page on the Internet. The likelihood is also increased because the victim is sure to be authenticated to the site already.


NEW QUESTION # 204
Ben purchased a new smartphone and received some updates on it through the OTA method. He received two messages: one with a PIN from the network operator and another asking him to enter the PIN received from the operator. As soon as he entered the PIN, the smartphone started functioning in an abnormal manner. What is the type of attack performed on Ben in the above scenario?

  • A. Phishing
  • B. Bypass SSL pinning
  • C. Advanced SMS phishing
  • D. Tap 'n ghost attack

Answer: C


NEW QUESTION # 205
In order to tailor your tests during a web-application scan, you decide to determine which web-server version is hosting the application. On using the sV flag with Nmap. you obtain the following response:
80/tcp open http-proxy Apache Server 7.1.6
what Information-gathering technique does this best describe?

  • A. Banner grabbing
  • B. Brute forcing
  • C. Dictionary attack
  • D. WhOiS lookup

Answer: A

Explanation:
Banner grabbing is a technique wont to gain info about a computer system on a network and the services running on its open ports. administrators will use this to take inventory of the systems and services on their network. However, an to find will use banner grabbing so as to search out network hosts that are running versions of applications and operating systems with known exploits.
Some samples of service ports used for banner grabbing are those used by Hyper Text Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP); ports 80, 21, and 25 severally. Tools normally used to perform banner grabbing are Telnet, nmap and Netcat.
For example, one may establish a connection to a target internet server using Netcat, then send an HTTP request. The response can usually contain info about the service running on the host:

This information may be used by an administrator to catalog this system, or by an intruder to narrow down a list of applicable exploits. To prevent this, network administrators should restrict access to services on their networks and shut down unused or unnecessary services running on network hosts. Shodan is a search engine for banners grabbed from portscanning the Internet.


NEW QUESTION # 206
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

  • A. All three servers need to be placed internally
  • B. A web server facing the Internet, an application server on the internal network, a database server on the internal network
  • C. All three servers need to face the Internet so that they can communicate between themselves
  • D. A web server and the database server facing the Internet, an application server on the internal network

Answer: B


NEW QUESTION # 207
A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content. Which sort of trojan infects this server?

  • A. Botnet Trojan
  • B. Ransomware Trojans
  • C. Banking Trojans
  • D. Turtle Trojans

Answer: A


NEW QUESTION # 208
An attacker decided to crack the passwords used by industrial control systems. In this process, he employed a loop strategy to recover these passwords. He used one character at a time to check whether the first character entered is correct; if so, he continued the loop for consecutive characters. If not, he terminated the loop. Furthermore, the attacker checked how much time the device took to finish one complete password authentication process, through which he deduced how many characters entered are correct.
What is the attack technique employed by the attacker to crack the passwords of the industrial control systems?

  • A. Buffer overflow attack
  • B. HMI-based attack
  • C. Side-channel attack
  • D. Denial-of-service attack

Answer: B


NEW QUESTION # 209
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK.
How would an attacker exploit this design by launching TCP SYN attack?

  • A. Attacker generates TCP RST packets with random source addresses towards a victim host
  • B. Attacker floods TCP SYN packets with random source addresses towards a victim host
  • C. Attacker generates TCP ACK packets with random source addresses towards a victim host
  • D. Attacker generates TCP SYN packets with random destination addresses towards a victim host

Answer: B


NEW QUESTION # 210
The change of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1(100%). What is the closest approximate cost of this replacement and recovery operation per year?

  • A. $146
  • B. $1320
  • C. $100
  • D. $440

Answer: A

Explanation:
1. AV (Asset value) = $300 + (14 * $10) = $440 - the cost of a hard drive plus the work of a recovery person, i.e.how much would it take to replace 1 asset? 10 hours for resorting the OS and soft + 4 hours for DB restore multiplies by hourly rate of the recovery person.
2. SLE (Single Loss Expectancy) = AV * EF (Exposure Factor) = $440 * 1 = $440
3. ARO (Annual rate of occurrence) = 1/3 (every three years, meaning the probability of occurring during 1 years is 1/3)
4. ALE (Annual Loss Expectancy) = SLE * ARO = 0.33 * $440 = $145.2


NEW QUESTION # 211
Which wireless security protocol replaces the personal pre-shared key (PSK) authentication with Simultaneous Authentication of Equals (SAE) and is therefore resistant to offline dictionary attacks?

  • A. Bluetooth
  • B. WPA2-Enterprise
  • C. WPA3-Personal
  • D. ZigBee

Answer: D


NEW QUESTION # 212
Every company needs a formal written document which spells out to employees precisely what they are allowed to use the company's systems for, what is prohibited, and what will happen to them if they break the rules. Two printed copies of the policy should be given to every employee as soon as possible after they join the organization. The employee should be asked to sign one copy, which should be safely filed by the company. No one should be allowed to use the company's computer systems until they have signed the policy in acceptance of its terms.
What is this document called?

  • A. Information Audit Policy (IAP)
  • B. Penetration Testing Policy (PTP)
  • C. Information Security Policy (ISP)
  • D. Company Compliance Policy (CCP)

Answer: C


NEW QUESTION # 213
What type of virus is most likely to remain undetected by antivirus software?

  • A. File-extension virus
  • B. Macro virus
  • C. Cavity virus
  • D. Stealth virus

Answer: D


NEW QUESTION # 214
A penetration tester is performing the footprinting process and is reviewing publicly available information about an organization by using the Google search engine.
Which of the following advanced operators would allow the pen tester to restrict the search to the organization's web domain?

  • A. [allinurl:]
  • B. [site:]
  • C. [link:]
  • D. [location:]

Answer: B

Explanation:
Google hacking or Google dorking https://en.wikipedia.org/wiki/Google_hacking It is a hacker technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites are using. Google dorking could also be used for OSINT.
Search syntax https://en.wikipedia.org/wiki/Google_Search
Google's search engine has its own built-in query language. The following list of queries can be run to find a list of files, find information about your competition, track people, get information about SEO backlinks, build email lists, and of course, discover web vulnerabilities.
- [site:] - Search within a specific website
Incorrect answers:
- [allinurl:] - it can be used to fetch results whose URL contains all the specified characters
- [link:] - Search for links to pages
- [location:] - A tricky option.


NEW QUESTION # 215
......


The 312-50v12 exam is a comprehensive exam that covers a wide range of topics related to cybersecurity. 312-50v12 exam is designed to test the candidate’s knowledge and skills in areas such as ethical hacking, system security, network security, and cryptography. 312-50v12 exam is conducted in a proctored environment and consists of 125 multiple-choice questions that need to be completed within four hours.

 

ECCouncil Dumps - Learn How To Deal With The Exam Anxiety: https://www.guidetorrent.com/312-50v12-pdf-free-download.html

Ultimate Guide to 312-50v12 Dumps - Enhance Your Future Career Now: https://drive.google.com/open?id=1avcshXK2HMkn9-KwpwzrDTR66kqBDRE8

Related Articles

more
ECCouncil 312-50v12 Certification Practice Exam