Practice Exams:

Free 312-50v11 Exam Braindumps

Pass your Certified Ethical Hacker Exam (CEH v11) exam with these free Questions and Answers

Page 23 of 106
PDF with 528 Questions
QUESTION 106

An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?

  1. A. He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.
  2. B. He will activate OSPF on the spoofed root bridge.
  3. C. He will repeat this action so that it escalates to a DoS attack.
  4. D. He will repeat the same attack against all L2 switches of the network.

Correct Answer: A

QUESTION 107

Which file is a rich target to discover the structure of a website during web-server footprinting?

  1. A. Document root
  2. B. Robots.txt
  3. C. domain.txt
  4. D. index.html

Correct Answer: B

QUESTION 108

Which wireless security protocol replaces the personal pre-shared key (PSK) authentication with Simultaneous Authentication of Equals (SAE) and is therefore resistant to offline dictionary attacks?

  1. A. WPA3-Personal
  2. B. WPA2-Enterprise
  3. C. Bluetooth
  4. D. ZigBee

Correct Answer: A

QUESTION 109

What would you enter if you wanted to perform a stealth scan using Nmap?

  1. A. nmap -sM
  2. B. nmap -sU
  3. C. nmap -sS
  4. D. nmap -sT

Correct Answer: C

QUESTION 110

infecting a system with malware and using phishing to gain credentials to a system or web application are examples of which phase of the ethical hacking methodology?

  1. A. Reconnaissance
  2. B. Maintaining access
  3. C. Scanning
  4. D. Gaining access

Correct Answer: D
This phase having the hacker uses different techniques and tools to realize maximum data from the system. they’re –• Password cracking – Methods like Bruteforce, dictionary attack, rule-based attack, rainbow table a used. Bruteforce is trying all combinations of the password. Dictionary attack is trying an inventory of meaningful words until the password matches. Rainbow table takes the hash value of the password and compares with pre-computed hash values until a match is discovered.• Password attacks – Passive attacks like wire sniffing, replay attack. Active online attack like Trojans, keyloggers, hash injection, phishing. Offline attacks like pre-computed hash, distributed network and rainbow. Non electronic attack like shoulder surfing, social engineering and dumpster diving.

Page 23 of 106
PDF with 528 Questions

Post your Comments and Discuss EC-Council 312-50v11 exam with other Community members: