CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50v11

Free 312-50v11 Exam Braindumps (page: 6)

Page 6 of 127
PDF with 528 Questions

Scenario:
1. Victim opens the attacker’s web site.
2. Attacker sets up a web site which contains interesting and attractive content like ‘Do you want to make$1000 in a day?’.
3. Victim clicks to the interesting and attractive content URL.
4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in a day?’ URL but actually he/she clicks on the content or URL that exists in the transparent 'iframe' which is setup by the attacker.

What is the name of the attack which is mentioned in the scenario?

  1. Session Fixation
  2. HTML Injection
  3. HTTP Parameter Pollution
  4. Clickjacking Attack

Answer(s): D



A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named “nc.” The FTP server’s access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server’s software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port.

What kind of vulnerability must be present to make this remote attack possible?

  1. File system permissions
  2. Privilege escalation
  3. Directory traversal
  4. Brute force login

Answer(s): A



Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of a built-in bounds checking mechanism?

Code:
#include <string.h>intmain(){____________char buffer[8];
strcpy(buffer, ““11111111111111111111111111111””);} Output: Segmentation fault

  1. C#
  2. Python
  3. Java
  4. C++

Answer(s): D



Internet Protocol Security IPsec is actually a suite pf protocols. Each protocol within the suite provides different functionality. Collective IPsec does everything except.

  1. Protect the payload and the headers
  2. Encrypt
  3. Work at the Data Link Layer
  4. Authenticate

Answer(s): C

Explanation:

https://en.wikipedia.org/wiki/IPsec Usage of IPsec Authentication Header format in Tunnel and Transport modes






Post your Comments and Discuss EC-Council 312-50v11 exam with other Community members:

312-50v11 Exam Discussions & Posts