
312-50V7 Online Practice Questions and Answers

Questions 4

In Trojan terminology, what is a covert channel?

A. A channel that transfers information within a computer system or network in a way that violates the security policy

B. A legitimate communication path within a computer system or network for transfer of data

C. It is a kernel operation that hides boot processes and services to mask detection

D. It is a reverse tunneling technique that uses the HTTPS protocol instead of the HTTP protocol to establish connections

Questions 5

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

A. Penetration testing

B. Social engineering

C. Vulnerability scanning

D. Access control list reviews

Questions 6

A security administrator notices that the log file of the company's webserver contains suspicious entries:

Based on source code analysis, the analyst concludes that the login.php script is vulnerable to

A. command injection.

B. SQL injection.

C. directory traversal.

D. LDAP injection.

Questions 7

Which of the following items is unique to the N-tier architecture method of designing software applications?

A. Application layers can be separated, allowing each layer to be upgraded independently from other layers.

B. It is compatible with various databases including Access, Oracle, and SQL.

C. Data security is tied into each layer and must be updated for all layers when any upgrade is performed.

D. Application layers can be written in C, ASP.NET, or Delphi without any performance loss.

Questions 8

What is the best defense against privilege escalation vulnerability?

A. Patch systems regularly and upgrade interactive login privileges at the system administrator level.

B. Run administrator and applications on least privileges and use a content registry for tracking.

C. Run services with least privileged accounts and implement multi-factor authentication and authorization.

D. Review user roles and administrator privileges for maximum utilization of automation services.

Questions 9

When analyzing the IDS logs, the system administrator notices that connections from outside the LAN have been sending packets where the Source IP address and Destination IP address are the same. There have been no alerts sent via email or logged in the IDS. Which type of alert is this?

A. False positive

B. False negative

C. True positive

D. True negative

Questions 10

A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?

A. -sO

B. -sP

C. -sS

D. -sU

Questions 11

At a Windows Server command prompt, which command could be used to list the running services?

A. Sc query type= running

B. Sc query \\servername

C. Sc query

D. Sc config

Exam Code: 312-50V7
Exam Name: Ethical Hacking and Countermeasures (CEHv7)
Last Update: Mar 19, 2025
Questions: 514 Q&As
