New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

CEH v11 312-50v11 Dumps PDF

Page: 38 / 39
Question 152

A group of hackers were roaming around a bank office building in a city, driving a luxury car. They were using hacking tools on their laptop with the intention to find a free-access wireless network. What is this hacking process known as?

Options:

A.

GPS mapping

B.

Spectrum analysis

C.

Wardriving

D.

Wireless sniffing

Question 153

At what stage of the cyber kill chain theory model does data exfiltration occur?

Options:

A.

Actions on objectives

B.

Weaponization

C.

installation

D.

Command and control

Question 154

When configuring wireless on his home router, Javik disables SSID broadcast. He leaves authentication “open” but sets the SSID to a 32-character string of random letters and numbers.

What is an accurate assessment of this scenario from a security perspective?

Options:

A.

Since the SSID is required in order to connect, the 32-character string is sufficient to prevent brute-force attacks.

B.

Disabling SSID broadcast prevents 802.11 beacons from being transmitted from the access point, resulting in a valid setup leveraging “security through obscurity”.

C.

It is still possible for a hacker to connect to the network after sniffing the SSID from a successful wireless association.

D.

Javik’s router is still vulnerable to wireless hacking attempts because the SSID broadcast setting can be enabled using a specially crafted packet sent to the hardware address of the access point.

Question 155

Calvin, a software developer, uses a feature that helps him auto-generate the content of a web page without manual involvement and is integrated with SSI directives. This leads to a vulnerability in the developed web application as this feature accepts remote user inputs and uses them on the page. Hackers can exploit this feature and pass malicious SSI directives as input values to perform malicious activities such as modifying and erasing server files. What is the type of injection attack Calvin's web application is susceptible to?

Options:

A.

Server-side template injection

B.

Server-side JS injection

C.

CRLF injection

D.

Server-side includes injection

Page: 38 / 39
Exam Code: 312-50v11
Exam Name: Certified Ethical Hacker Exam (CEH v11)
Last Update: Dec 22, 2024
Questions: 528
312-50v11 pdf

312-50v11 PDF

$25.5  $84.99
312-50v11 Engine

312-50v11 Testing Engine

$28.5  $94.99
312-50v11 PDF + Engine

312-50v11 PDF + Testing Engine

$40.5  $134.99