New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Newly Released ECCouncil 312-50v11 Exam PDF

Page: 30 / 39
Question 120

Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.

Options:

A.

LDAP Injection attack

B.

Cross-Site Scripting (XSS)

C.

SQL injection attack

D.

Cross-Site Request Forgery (CSRF)

Question 121

An attacker can employ many methods to perform social engineering against unsuspecting employees, including scareware.

What is the best example of a scareware attack?

Options:

A.

A pop-up appears to a user stating, "You have won a free cruise! Click here to claim your prize!"

B.

A banner appears to a user stating, "Your account has been locked. Click here to reset your password and unlock your account."

C.

A banner appears to a user stating, "Your Amazon order has been delayed. Click here to find out your new delivery date."

D.

A pop-up appears to a user stating, "Your computer may have been infected with spyware. Click here to install an anti-spyware tool to resolve this issue."

Question 122

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session 10 to the target employee. The session ID links the target employee to Boneys account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boneys account. What is the attack performed by Boney in the above scenario?

Options:

A.

Session donation attack

B.

Session fixation attack

C.

Forbidden attack

D.

CRIME attack

Question 123

You want to do an ICMP scan on a remote computer using hping2. What is the proper syntax?

Options:

A.

hping2 host.domain.com

B.

hping2 --set-ICMP host.domain.com

C.

hping2 -i host.domain.com

D.

hping2 -1 host.domain.com

Page: 30 / 39
Exam Code: 312-50v11
Exam Name: Certified Ethical Hacker Exam (CEH v11)
Last Update: Dec 22, 2024
Questions: 528
312-50v11 pdf

312-50v11 PDF

$25.5  $84.99
312-50v11 Engine

312-50v11 Testing Engine

$28.5  $94.99
312-50v11 PDF + Engine

312-50v11 PDF + Testing Engine

$40.5  $134.99