312-50 ECCouncil Certified Ethical Hacker Exam exact Exam Questions

Certified Ethical Hacker Exam

Last Update 16 hours ago Total Questions : 614

The Certified Ethical Hacker Exam content is now fully updated, with all current exam questions added 16 hours ago. Deciding to include 312-50 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our 312-50 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these 312-50 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Certified Ethical Hacker Exam practice test comfortably within the allotted time.

Question # 81

Which of the following is a client-server tool utilized to evade firewall inspection?

tcp-over-dns

kismet

nikto

hping

Question # 82

How is sniffing broadly categorized?

Active and passive

Broadcast and unicast

Unmanaged and managed

Filtered and unfiltered

Question # 83

An organization hires a tester to do a wireless penetration test. Previous reports indicate that the last test did not contain management or control packets in the submitted traces. Which of the following is the most likely reason for lack of management or control packets?

The wireless card was not turned on.

The wrong network card drivers were in use by Wireshark.

On Linux and Mac OS X, only 802.11 headers are received in promiscuous mode.

Certain operating systems and adapters do not collect the management or control packets.

Question # 84

Which of the following guidelines or standards is associated with the credit card industry?

Control Objectives for Information and Related Technology (COBIT)

Sarbanes-Oxley Act (SOX)

Health Insurance Portability and Accountability Act (HIPAA)

Payment Card Industry Data Security Standards (PCI DSS)

Question # 85

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

At least once a year and after any significant upgrade or modification

At least once every three years or after any significant upgrade or modification

At least twice a year or after any significant upgrade or modification

At least once every two years and after any significant upgrade or modification

Question # 86

Which of the following is a component of a risk assessment?

Physical security

Administrative safeguards

DMZ

Logical interface

Question # 87

An NMAP scan of a server shows port 25 is open. What risk could this pose?

Open printer sharing

Web portal data leak

Clear text authentication

Active mail relay

Question # 88

The following is part of a log file taken from the machine on the network with the IP address of 192.168.1.106:

What type of activity has been logged?

Port scan targeting 192.168.1.103

Teardrop attack targeting 192.168.1.106

Denial of service attack targeting 192.168.1.103

Port scan targeting 192.168.1.106

Question # 89

In order to show improvement of security over time, what must be developed?

Reports

Testing tools

Metrics

Taxonomy of vulnerabilities

Question # 90

A computer technician is using a new version of a word processing software package when it is discovered that a special sequence of characters causes the entire computer to crash. The technician researches the bug and discovers that no one else experienced the problem. What is the appropriate next step?

Ignore the problem completely and let someone else deal with it.

Create a document that will crash the computer when opened and send it to friends.

Find an underground bulletin board and attempt to sell the bug to the highest bidder.

Notify the vendor of the bug and do not disclose it until the vendor gets a chance to issue a fix.