We provide real 312-50v9 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass EC-Council 312-50v9 Exam quickly & easily. The 312-50v9 PDF type is available for reading and printing. You can print more and practice many times. With the help of our EC-Council 312-50v9 dumps pdf and vce product and material, you can easily pass the 312-50v9 exam.

Q11. You are performing a penetration test. You achieved access via a bufferoverflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator’s bank account password and login information for the administrator’s bitcoin account.

What should you do?

A. Do not transfer the money but steal the bitcoins.

B. Report immediately to the administrator.

A. C. Transfer money from the administrator’s account to another account.

D. Do not report it and continue the penetration test.

Answer: B


Q12. A Regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.

Based on this information, what should be one of your key recommendations to the bank?

A. Move the financial data to another server on the same IP subnet

B. Place a front-end web server in a demilitarized zone that only handles external web traffic

C. Issue new certificates to the web servers from the root certificate authority

D. Require all employees to change their passwords immediately

Answer: A


Q13. Which of the following is the BEST way to defend against network sniffing?

A. Using encryption protocols to secure network communications

B. Restrict Physical Access to Server Rooms hosting Critical Servers

C. Use Static IP Address

D. Register all machines MAC Address in a centralized Database

Answer: A


Q14. The “Gray box testing” methodology enforces what kind of restriction?

A. Only the external operation of a system is accessible to the tester.

B. Only the internal operation of a system is known to the tester.

C. The internal operation of a system is completely known to the tester.

D. The internal operation of a system is only partly accessible to the tester.

Answer: D


Q15. Which of the following isthe greatest threat posed by backups?

A. An un-encrypted backup can be misplaced or stolen

B. A back is incomplete because no verification was performed.

C. A backup is the source of Malware or illicit information.

D. A backup is unavailable duringdisaster recovery.

Answer: A


Q16. Which of the following is component of a risk assessment?

A. Logical interface

B. DMZ

C. Administrative safeguards

D. Physical security

Answer: C


Q17. While performing online banking using a web browser, a user receives an email that contains alink to an interesting Web site. When the user clicks on the link, another web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place.

What web browser-based security vulnerability was exploited to compromise the user?

A. Cross-Site Request Forgery

B. Cross-Site Scripting

C. Web form input validation

D. Clickjacking

Answer: A


Q18. A hacker has successfully infected an internet-facing server, which he will then use to send junk mail, take part incoordinated attacks, or host junk email content.

Which sort of trojan infects this server?

A. Botnet Trojan

B. Banking Trojans

C. Ransomware Trojans

D. Turtle Trojans

Answer: A


Q19. An incident investigator asks to receive a copy of the event from all firewalls, prosy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs the sequence of many of the logged events do not match up.

What is the most likely cause?

A. The network devices are not all synchronized

B. The securitybreach was a false positive.

C. The attack altered or erased events from the logs.

D. Proper chain of custody was not observed while collecting the logs.

Answer: C


Q20. Which of these options is the most secure procedure for strong backup tapes?

A. In a climate controlled facility offsite

B. Inside the data center for faster retrieval in afireproof safe

C. In a cool dry environment

D. On a different floor in the same building

Answer: A