Free Access ECCouncil.312-50v11.v2023-12-08.q217 Practice Test (Page 22)

Question 101

Suppose your company has just passed a security risk assessment exercise. The results display that the risk of the breach in the main company application is 50%. Security staff has taken some measures and implemented the necessary controls. After that, another security risk assessment was performed showing that risk has decreased to 10%. The risk threshold for the application is 20%. Which of the following risk decisions will be the best for the project in terms of its successful continuation with the most business profit?

A.Accept the risk

B.Avoid the risk

C.Introduce more controls to bring risk to 0%

D.Mitigate the risk

Question 102

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the Information, he successfully performed an attack on the target government organization without being traced. Which of the following techniques is described in the above scenario?

A.Dark web footprinting

B.VoIP footpnnting

C.VPN footprinting

D.website footprinting

Question 103

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session 10 to the target employee. The session ID links the target employee to Boneys account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boneys account. What is the attack performed by Boney in the above scenario?

A.CRIME attack

B.Session donation attack

C.Forbidden attack

D.Session fixation attack

Question 104

After an audit, the auditors inform you that there is a critical finding that you must tackle immediately. You read the audit report, and the problem is the service running on port 389.
Which service is this and how can you tackle the problem?

A.The service is NTP, and you have to change it from UDP to TCP in order to encrypt it.

B.The service is LDAP. and you must change it to 636, which is LDAPS.

C.The service is SMTP, and you must change it to SMIME, which is an encrypted way to send emails.

D.The findings do not require immediate actions and are only suggestions.

Question 105

Calvin, a grey-hat hacker, targets a web application that has design flaws in its authentication mechanism. He enumerates usernames from the login form of the web application, which requests users to feed data and specifies the incorrect field in case of invalid credentials. Later, Calvin uses this information to perform social engineering.
Which of the following design flaws in the authentication mechanism is exploited by Calvin?

A.Password reset mechanism

B.Insecure transmission of credentials

C.User impersonation

D.Verbose failure messages

Other Version: 3293ECCouncil.312-50v11.v2023-06-20.q282; 3732ECCouncil.312-50v11.v2022-08-04.q101; 6809ECCouncil.312-50v11.v2022-05-26.q293; 37ECCouncil.Actualtestpdf.312-50v11.v2021-09-20.by.magee.214q.pdf

Latest Upload: 204PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 305Nokia.4A0-113.v2026-05-01.q69; 278EC-COUNCIL.312-49v11.v2026-04-30.q214; 230Microsoft.MB-820.v2026-04-30.q101; 213Salesforce.MC-202.v2026-04-30.q57; 208BICSI.INSTC_V8.v2026-04-29.q53; 340NMLS.MLO.v2026-04-28.q82; 245NCARB.Project-Management.v2026-04-28.q27; 466EMC.D-AV-DY-23.v2026-04-27.q184; 1127ServiceNow.CSA.v2026-04-27.q483

Question 101

Question 102

Question 103

Question 104

Question 105

Download PDF File