New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Last Attempt 312-50v12 Questions

Page: 33 / 42
Question 132

What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

Options:

A.

Residual risk

B.

Impact risk

C.

Deferred risk

D.

Inherent risk

Question 133

You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration? alert tcp any any -> 192.168.100.0/24 21 (msg: ““FTP on the network!””;)

Options:

A.

A firewall IPTable

B.

FTP Server rule

C.

A Router IPTable

D.

An Intrusion Detection System

Question 134

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.

What is the best security policy concerning this setup?

Options:

A.

Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.

B.

As long as the physical access to the network elements is restricted, there is no need for additional measures.

C.

There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.

D.

The operator knows that attacks and down time are inevitable and should have a backup site.

Question 135

You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

Options:

A.

Social engineering

B.

Piggybacking

C.

Tailgating

D.

Eavesdropping

Page: 33 / 42
Exam Code: 312-50v12
Exam Name: Certified Ethical Hacker Exam (CEHv12)
Last Update: Dec 22, 2024
Questions: 572
312-50v12 pdf

312-50v12 PDF

$25.5  $84.99
312-50v12 Engine

312-50v12 Testing Engine

$28.5  $94.99
312-50v12 PDF + Engine

312-50v12 PDF + Testing Engine

$40.5  $134.99