ECCouncil 312-50v9 - Certified Ethical Hacker Exam V9 Exam
Page: 2 / 25
Total 125 questions
Question #6 (Topic: )
Which of the following tools performs comprehensive tests against web servers, including
dangerous files and CGI's?
dangerous files and CGI's?
A. Snort
B. Dsniff
C. Nikto
D. John the Ripper
Answer: C
Question #7 (Topic: )
This asymmetry cipther is based on factoring the product of two large prime numbers.
What cipher is described above?
What cipher is described above?
A. SHA
B. RC5
C. RSA
D. MD5
Answer: C
Question #8 (Topic: )
Initiating an attack against targeted businesses and organizations, threat actors
compromise a carefully selected website byinserting an exploit resulting in malware
infection. The attackers run exploits on well-known and trusted sites likely to be visited by
their targeted victims. Aside from carefully choosing sites to compromise, these attacks are
known toincorporate zero-day exploits that target unpatched vulnerabilities. Thus, the
targeted entities are left with little or no defense against these exploits.
What type of attack is outlined in the scenario?
compromise a carefully selected website byinserting an exploit resulting in malware
infection. The attackers run exploits on well-known and trusted sites likely to be visited by
their targeted victims. Aside from carefully choosing sites to compromise, these attacks are
known toincorporate zero-day exploits that target unpatched vulnerabilities. Thus, the
targeted entities are left with little or no defense against these exploits.
What type of attack is outlined in the scenario?
A. Watering Hole Attack
B. Spear Phising Attack
C. Heartbleed Attack
D. Shellshock Attack
Answer: A
Question #9 (Topic: )
Nation-state threat actors often discover vulnerabilitiesand hold on to them until they want
to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack
because it used four types of this vulnerability.
What is this style of attack called?
to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack
because it used four types of this vulnerability.
What is this style of attack called?
A. zero-hour
B. no-day
C. zero-day
D. zero-sum
Answer: C
Question #10 (Topic: )
A penetration tester is conducting a port scan on a specific host. The tester found several
ports opened that were confusing inconcluding the Operating System (OS) version
installed. Considering the NMAP result below, which of the follow is likely to be installed on
the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report
for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE
SERVICE 21/tcp open ftp 23/tcp open telnet 80 /tcp open http 139/tcp open netbios-ssn
515/tcp open 631/tec open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8
ports opened that were confusing inconcluding the Operating System (OS) version
installed. Considering the NMAP result below, which of the follow is likely to be installed on
the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report
for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE
SERVICE 21/tcp open ftp 23/tcp open telnet 80 /tcp open http 139/tcp open netbios-ssn
515/tcp open 631/tec open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8
A. The host is likely a printer.
B. The host is likely a router.
C. The host is likely a Linux machine.
D. The host is likely a Windows machine.
Answer: A
