Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

312-50v11 by EC-Council - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.
What should you do?

A Confront the client in a respectful manner and ask her about the data.
B Copy the data to removable media and keep it in case you need it.
C Ignore the data and continue the assessment until completed as agreed.
D Immediately stop work and contact the proper legal authorities.

Question 4

While using your bank's online servicing you notice the following string in the URL bar:
http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21
You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes.
Which type of vulnerability is present on this site?

A Cookie Tampering
B SQL Injection
C Web Parameter Tampering
D XSS Reflection

Question 5

The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?

A ACK
B SYN
C RST
D SYN-ACK

Question 6

Which type of security feature stops vehicles from crashing through the doors of a building?

A Bollards
B Receptionist
C Mantrap
D Turnstile

Question 7

The company ABC recently contracts a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. Which of the following options can be useful to ensure the integrity of the data?

A The CFO can use a hash algorithm in the document once he approved the financial statements
B The CFO can use an excel file with a password
C The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure is the same document
D The document can be sent to the accountant using an exclusive USB for that document

Question 8

What is the purpose of a demilitarized zone on a network?

A To scan all traffic coming through the DMZ to the internal network
B To only provide direct access to the nodes within the DMZ and protect the network behind it
C To provide a place to put the honeypot
D To contain the network devices you wish to protect

Question 9

Which of the following Linux commands will resolve a domain name into IP address?

A
host-t a hackeddomain.com
B
host-t ns hackeddomain.com
C
host -t soa hackeddomain.com
D
host -t AXFR hackeddomain.com

Question 10

Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?

A Linux
B Unix
C OS X
D Windows

Question 11

Which regulation defines security and privacy controls for Federal information systems and organizations?

A HIPAA
B EU Safe Harbor
C PCI-DSS
D NIST-800-53

Question 12

What is a Collision attack in cryptography?

A Collision attacks try to get the public key
B Collision attacks try to break the hash into three parts to get the plaintext value
C Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key
D Collision attacks try to find two inputs producing the same hash

Question 13

Which of the following programs is usually targeted at Microsoft Office products?

A Polymorphic virus
B Multipart virus
C Macro virus
D Stealth virus

Question 14

Which of the following tools can be used for passive OS fingerprinting?

A nmap
B tcpdump
C tracert
D ping

Question 15

Which of the following describes the characteristics of a Boot Sector Virus?

A Modifies directory table entries so that directory entries point to the virus code instead of the actual program.
B Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.
C Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
D Overwrites the original MBR and only executes the new virus code.

Question 16

Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

A Use the built-in Windows Update tool
B Use a scan tool like Nessus
C Check MITRE.org for the latest list of CVE findings
D Create a disk image of a clean Windows installation

Question 17

Which of the following is a command line packet analyzer similar to GUI-based Wireshark?

A nessus
B tcpdump
C ethereal
D jack the ripper

Question 18

DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which security feature on switchers leverages the DHCP snooping database to help prevent man-in-the-middle attacks?

A Spanning tree
B Dynamic ARP Inspection (DAI)
C Port security
D Layer 2 Attack Prevention Protocol (LAPP)

Question 19

Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network.
What should Bob do to avoid this problem?

A Disable unused ports in the switches
B Separate students in a different VLAN
C Use the 802.1x protocol
D Ask students to use the wireless network

Question 20

A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?

A tcp.port = = 21
B tcp.port = 23
C tcp.port = = 21 | | tcp.port = =22
D tcp.port ! = 21

Question 21

You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration?

Question 22

Which of the following program infects the system boot sector and the executable files at the same time?

A Polymorphic virus
B Stealth virus
C Multipartite Virus
D Macro virus

Question 23

To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program.
What term is commonly used when referring to this type of testing?

A Randomizing
B Bounding
C Mutating
D Fuzzing

Question 24

In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How can he achieve this?

A Privilege Escalation
B Shoulder-Surfing
C Hacking Active Directory
D Port Scanning

Question 25

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network's external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

A Protocol analyzer
B Network sniffer
C Intrusion Prevention System (IPS)
D Vulnerability scanner

Page 1 of 16 • Questions 1-25 of 400

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

A Clickjacking
B Cross-Site Scripting
C Cross-Site Request Forgery
D Web form input validation

Which is the first step followed by Vulnerability Scanners for scanning a network?

A OS Detection
B Firewall detection
C TCP/UDP Port scanning
D Checking if the remote host is alive

A A firewall IPTable
B FTP Server rule
C A Router IPTable
D An Intrusion Detection System

312-50v11Preview