Big 11.11 Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

Discussions
  1. Home
  2. ECCouncil
  3. Certified Ethical Hacker
  4. 312-50
  5. Certified Ethical Hacker Exam Questions and Answers

Pass the ECCouncil Certified Ethical Hacker 312-50 Questions and answers with ValidTests

Exam 312-50 All Questions
Exam 312-50 Premium Access

View all detail and faqs for the 312-50 exam

Go to Exam
Viewing page 1 out of 13 pages
Viewing questions 1-10 out of questions
Questions # 1:

A consultant has been hired by the V.P. of a large financial organization to assess the company's security posture. During the security testing, the consultant comes across child pornography on the V.P.'s computer. What is the consultant's obligation to the financial organization?

Options:

A.

Say nothing and continue with the security testing.

B.

Stop work immediately and contact the authorities.

C.

Delete the pornography, say nothing, and continue security testing.

D.

Bring the discovery to the financial organization's human resource department.

Expert Solution
Questions # 2:

In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How can he achieve this?

Options:

A.

Port Scanning

B.

Hacking Active Directory

C.

Privilege Escalation

D.

Shoulder-Surfing

Expert Solution
Questions # 3:

Which initial procedure should an ethical hacker perform after being brought into an organization?

Options:

A.

Begin security testing.

B.

Turn over deliverables.

C.

Sign a formal contract with non-disclosure.

D.

Assess what the organization is trying to protect.

Expert Solution
Questions # 4:

A computer technician is using a new version of a word processing software package when it is discovered that a special sequence of characters causes the entire computer to crash. The technician researches the bug and discovers that no one else experienced the problem. What is the appropriate next step?

Options:

A.

Ignore the problem completely and let someone else deal with it.

B.

Create a document that will crash the computer when opened and send it to friends.

C.

Find an underground bulletin board and attempt to sell the bug to the highest bidder.

D.

Notify the vendor of the bug and do not disclose it until the vendor gets a chance to issue a fix.

Expert Solution
Questions # 5:

A certified ethical hacker (CEH) completed a penetration test of the main headquarters of a company almost two months ago, but has yet to get paid. The customer is suffering from financial problems, and the CEH is worried that the company will go out of business and end up not paying. What actions should the CEH take?

Options:

A.

Threaten to publish the penetration test results if not paid.

B.

Follow proper legal procedures against the company to request payment.

C.

Tell other customers of the financial problems with payments from this company.

D.

Exploit some of the vulnerabilities found on the company webserver to deface it.

Expert Solution
Questions # 6:

A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof so she can take him to court. What is the ethical response?

Options:

A.

Say no; the friend is not the owner of the account.

B.

Say yes; the friend needs help to gather evidence.

C.

Say yes; do the job for free.

D.

Say no; make sure that the friend knows the risk she’s asking the CEH to take.

Expert Solution
Questions # 7:

An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker's next step be before starting work on this job?

Options:

A.

Start by foot printing the network and mapping out a plan of attack.

B.

Ask the employer for authorization to perform the work outside the company.

C.

Begin the reconnaissance phase with passive information gathering and then move into active information gathering.

D.

Use social engineering techniques on the friend's employees to help identify areas that may be susceptible to attack.

Expert Solution
Questions # 8:

Which of the following is a symmetric cryptographic standard?

Options:

A.

DSA

B.

PKI

C.

RSA

D.

3DES

Expert Solution
Questions # 9:

Which of the following cryptography attack methods is usually performed without the use of a computer?

Options:

A.

Ciphertext-only attack

B.

Chosen key attack

C.

Rubber hose attack

D.

Rainbow table attack

Expert Solution
Questions # 10:

During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The tester assumes that the service is running with Local System account. How can this weakness be exploited to access the system?

Options:

A.

Using the Metasploit psexec module setting the SA / Admin credential

B.

Invoking the stored procedure xp_shell to spawn a Windows command shell

C.

Invoking the stored procedure cmd_shell to spawn a Windows command shell

D.

Invoking the stored procedure xp_cmdshell to spawn a Windows command shell

Expert Solution
Viewing page 1 out of 13 pages
Viewing questions 1-10 out of questions