1. Home
  2. NetApp
  3. 312-50V8

Certified Ethical Hacker v8

Exam Details

  • Exam Code
    :312-50V8
  • Exam Name
    :Certified Ethical Hacker v8
  • Certification
    :New Release
  • Vendor
    :NetApp
  • Total Questions
    :1008 Q&As
  • Last Updated
    :May 13, 2024

NetApp New Release 312-50V8 Questions & Answers

  • Question 41:

    Jim is having no luck performing a penetration test in XYZ's network. He is running the tests from home and has downloaded every security scanner that he could lay his hands on. Despite knowing the IP range of all the systems, and the exact network configuration, Jim is unable to get any useful results.

    Why is Jim having these problems?

    A. Security scanners are not designed to do testing through a firewall.

    B. Security scanners cannot perform vulnerability linkage.

    C. Security scanners are only as smart as their database and cannot find unpublished vulnerabilities.

    D. All of the above.

  • Question 42:

    Scanning for services is an easy job for Bob as there are so many tools available from the Internet. In order for him to check the vulnerability of XYZ, he went through a few scanners that are currently available. Here are the scanners that he uses:

    1.

    Axent's NetRecon (http://www.axent.com)

    2.

    SARA, by Advanced Research Organization (http://www-arc.com/sara)

    3.

    VLAD the Scanner, by Razor (http://razor.bindview.com/tools/)

    However, there are many other alternative ways to make sure that the services that have been scanned

    will be more accurate and detailed for Bob.

    What would be the best method to accurately identify the services running on a victim host?

    A. Using Cheops-ng to identify the devices ofXYZ.

    B. Using the manual method of telnet to each of the open ports ofXYZ.

    C. Using a vulnerability scanner to try to probe each port to verify or figure out which service is running forXYZ.

    D. Using the default port and OS to make a best guess of what services are running on each port forXYZ.

  • Question 43:

    Bob is a very security conscious computer user. He plans to test a site that is known to have malicious applets, code, and more. Bob always make use of a basic Web Browser to perform such testing.

    Which of the following web browser can adequately fill this purpose?

    A. Internet Explorer

    B. Mozila

    C. Lynx

    D. Tiger

  • Question 44:

    Clive has been hired to perform a Black-Box test by one of his clients.

    How much information will Clive obtain from the client before commencing his test?

    A. IP Range,OS,and patches installed.

    B. Only the IP address range.

    C. Nothing but corporate name.

    D. All that is available from the client site.

  • Question 45:

    Which of the following statements best describes the term Vulnerability?

    A. A weakness or error that can lead to a compromise

    B. An agent that has the potential to take advantage of a weakness

    C. An action or event that might prejudice security

    D. The loss potential of a threat.

  • Question 46:

    This packet was taken from a packet sniffer that monitors a Web server.

    This packet was originally 1514 bytes long, but only the first 512 bytes are shown here.

    This is the standard hexdump representation of a network packet, before being decoded. A hexdump has three columns: the offset of each line, the hexadecimal data, and the ASCII equivalent. This packet contains a 14-byte Ethernet header, a 20-byte IP header, a 20-byte TCP header, an HTTP header ending in two line- feeds (0D 0A 0D 0A) and then the data.

    By examining the packet identify the name and version of the Web server?

    A. Apache 1.2

    B. IIS 4.0

    C. IIS 5.0

    D. Linux WServer 2.3

  • Question 47:

    This kind of attack will let you assume a users identity at a dynamically generated web page or site:

    A. SQL Injection

    B. Cross Site Scripting

    C. Session Hijacking

    D. Zone Transfer

  • Question 48:

    ____________ will let you assume a users identity at a dynamically generated web page or site.

    A. SQL attack

    B. Injection attack

    C. Cross site scripting

    D. The shell attack

    E. Winzapper

  • Question 49:

    What is Form Scalpel used for?

    A. Dissecting HTML Forms

    B. Dissecting SQL Forms

    C. Analysis of Access Database Forms

    D. Troubleshooting Netscape Navigator

    E. Quatro Pro Analysis Tool

  • Question 50:

    Bubba has just accessed he preferred ecommerce web site and has spotted an item that he would like to buy. Bubba considers the price a bit too steep. He looks at the source code of the webpage and decides to save the page locally, so that he can modify the page variables. In the context of web application security, what do you think Bubba has changes?

    A. A hidden form field value.

    B. A hidden price value.

    C. An integer variable.

    D. A page cannot be changed locally,as it is served by a web server.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only NetApp exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V8 exam preparations and NetApp certification application, do not hesitate to visit our Vcedump.com to find your solutions here.