Online Access Free ECCouncil.312-50v11.v2022-10-19.q182 Practice Test (Page 26)

312-50v11 Exam Question 121

John, a security analyst working for an organization, found a critical vulnerability on the organization's LAN that allows him to view financial and personal information about the rest of the employees. Before reporting the vulnerability, he examines the information shown by the vulnerability for two days without disclosing any information to third parties or other internal employees. He does so out of curiosity about the other employees and may take advantage of this information later. What would John be considered as?

A.Black hat

B.Acybercriminal

C.White hat

D.Gray hat

312-50v11 Exam Question 122

Calvin, a software developer, uses a feature that helps him auto-generate the content of a web page without manual involvement and is integrated with SSI directives. This leads to a vulnerability in the developed web application as this feature accepts remote user inputs and uses them on the page. Hackers can exploit this feature and pass malicious SSI directives as input values to perform malicious activities such as modifying and erasing server files. What is the type of injection attack Calvin's web application is susceptible to?

A.Server-side JS injection

B.Server-side includes injection

C.CRLF injection

D.Server-side template injection

312-50v11 Exam Question 123

An attacker runs netcat tool to transfer a secret file between two hosts.

He is worried about information being sniffed on the network.
How would the attacker use netcat to encrypt the information before transmitting onto the wire?

A.Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat <machine A IP> 1234

B.Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat <machine A IP> 1234 -pw password

C.Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat <machine A IP> 1234

D.Use cryptcat instead of netcat

312-50v11 Exam Question 124

Which rootkit is characterized by its function of adding code and/or replacing some of the operating-system kernel code to obscure a backdoor on a system?

A.Kernel-level rootkit

B.Library-level rootkit

C.Hypervisor-level rootkit

D.User-mode rootkit

312-50v11 Exam Question 125

Harry. a professional hacker, targets the IT infrastructure of an organization. After preparing for the attack, he attempts to enter the target network using techniques such as sending spear-phishing emails and exploiting vulnerabilities on publicly available servers. Using these techniques, he successfully deployed malware on the target system to establish an outbound connection. What is the APT lifecycle phase that Harry is currently executing?

A.Preparation

B.Cleanup

C.Persistence

D.initial intrusion

Correct Answer: D

After the attacker completes preparations, subsequent step is an effort to realize an edge within the target's environment. a particularly common entry tactic is that the use of spearphishing emails containing an internet link or attachment. Email links usually cause sites where the target's browser and related software are subjected to varied exploit techniques or where the APT actors plan to social engineer information from the victim which will be used later. If a successful exploit takes place, it installs an initial malware payload on the victim's computer. Figure 2 illustrates an example of a spearphishing email that contains an attachment. Attachments are usually executable malware, a zipper or other archive containing malware, or a malicious Office or Adobe PDF (Portable Document Format) document that exploits vulnerabilities within the victim's applications to ultimately execute malware on the victim's computer. Once the user has opened a malicious file using vulnerable software, malware is executing on the target system. These phishing emails are often very convincing and difficult to differentiate from legitimate email messages. Tactics to extend their believability include modifying legitimate documents from or associated with the organization. Documents are sometimes stolen from the organization or their collaborators during previous exploitation operations. Actors modify the documents by adding exploits and malicious code then send them to the victims. Phishing emails are commonly sent through previously compromised email servers, email accounts at organizations associated with the target or public email services. Emails also can be sent through mail relays with modified email headers to form the messages appear to possess originated from legitimate sources. Exploitation of vulnerabilities on public-facing servers is another favorite technique of some APT groups. Though this will be accomplished using exploits for known vulnerabilities, 0-days are often developed or purchased to be used in intrusions as required .

Other Version: 1278ECCouncil.312-50v11.v2024-04-29.q284; 124ECCouncil.Pass4surecert.312-50v11.v2022-04-01.by.julius.198q.pdf; 6318ECCouncil.312-50v11.v2022-03-17.q198; 2869ECCouncil.312-50v11.v2021-11-17.q136; 43ECCouncil.Updatedumps.312-50v11.v2021-09-16.by.gene.138q.pdf

Latest Upload: 172CompTIA.220-1202.v2026-06-16.q110; 124TheInstitutes.CPCU-500.v2026-06-16.q25; 175ACAMS.CAMS7-CN.v2026-06-16.q170; 188CBIC.CIC.v2026-06-15.q123; 133Peoplecert.ITIL-4-Specialist-High-velocity-IT.v2026-06-15.q16; 227HashiCorp.Terraform-Associate-004.v2026-06-15.q126; 133Peoplecert.ITILFNDv5.v2026-06-15.q26; 133Workday.Workday-Pro-HCM-Reporting.v2026-06-15.q28; 135Fortinet.NSE5_SSE_AD-7.6.v2026-06-15.q17; 348PMI.PMI-ACP.v2026-06-15.q523

312-50v11 Exam Question 121

312-50v11 Exam Question 122

312-50v11 Exam Question 123

312-50v11 Exam Question 124

312-50v11 Exam Question 125

Download PDF File