Master the 312-50v9 EC-Council Certified Ethical Hacker v9 content and be ready for exam day success quickly with this Actualtests 312-50v9 practice exam. We guarantee it!We make it a reality and give you real 312-50v9 questions in our EC-Council 312-50v9 braindumps.Latest 100% VALID EC-Council 312-50v9 Exam Questions Dumps at below page. You can use our EC-Council 312-50v9 braindumps and pass your exam.

Q31. Which of the following is not a Bluetooth attack?

A. Bluejacking

B. Bluedriving

C. Bluesnarfing

D. Bluesmaking

Answer: B

Q32. You are usingNMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?

A. >host –t ns

B. >host –t AXFR

C. >host –t soa

D. >host –t a

Answer: D

Q33. env x= ‘(){ :;};echo exploit ‘ bash –c ‘cat/etc/passwd

What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host?

A. Add new user to the passwd file

B. Display passwd contents to prompt

C. Change all password in passwd

D. Remove the passwd file.

Answer: B

Q34. Which of the followingtypes of firewalls ensures that the packets are part of the established session?

A. Switch-level firewall

B. Stateful inspection firewall

C. Application-level firewall

D. Circuit-level firewall

Answer: B

Q35. You are a Network Security Officer. You have two machines. The first machine ( has snort installed, and the second machine ( has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine.

What wireshark filter will show the connections from the snort machineto kiwi syslog machine?

A. tcp.dstport==514 && ip.dst== B. tcp.dstport==514 &&ip.dst== C. tcp.srcport==514 && ip.src== D. tcp.srcport==514 && ip.src==192.168.150

Answer: A

Q36. You are tasked to perform a penetration test. While you are performinginformation gathering, you find ab employee list in Google. You find receptionist’s email, and you send her an email changing the source email to her boss’s email ( boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected.

What testing method did you use?

A. Piggybacking

B. Tailgating

C. Evesdropping

D. Social engineering

Answer: D

Q37. What does a firewall check to prevent particularports and applications from getting packets into an organizations?

A. Transport layer port numbers and application layer headers

B. Network layer headers and the session layer port numbers

C. Application layer port numbers and the transport layer headers

D. Presentation layer headers and the session layer port numbers

Answer: A

Q38. Jimmy is standing outside a secure entrance to a facility. He is pretending to having a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it beginsto close.

What just happened?

A. Masquading

B. Phishing

C. Whaling

D. Piggybacking

Answer: D

Q39. An attacker changes the profile information of a particular user on a target website (the victim). The attacker uses this string to update the victim's profile to a text file and then submit the data to the attacker’s database.

<frame src=http://www/ Style=”display:none”></iframe> What is this type of attack (that can use either HTTP GET or HRRP POST) called?

A. Cross-Site Request Forgery

B. Cross-Site Scripting

C. SQL Injection

D. Browser Hacking

Answer: A

Q40. Which of the following statements regarding ethical hacking is incorrect?

A. Testing should be remotely performed offsite.

B. Ethical hackers should never use tools that have potential of exploiting vulnerabilities in the

organizations IT system.

C. Ethical hacking should not involve writing to or modifying the target systems.

D. An organization should use ethical hackers who do not sell hardware/software or other consulting services.

Answer: B