
ECCouncil 312-50v12 Practice Test - Questions Answers, Page 10

What is the purpose of a demilitarized zone on a network?

A. To scan all traffic coming through the DMZ to the internal network
B. To only provide direct access to the nodes within the DMZ and protect the network behind it
C. To provide a place to put the honeypot
D. To contain the network devices you wish to protect
Suggested answer: B

Which of the following Linux commands will resolve a domain name into an IP address?

A. >host -t a hackeddomain.com
B. >host -t ns hackeddomain.com
C. >host -t soa hackeddomain.com
D. >host -t AXFR hackeddomain.com
Suggested answer: A

Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services. Which OS did it not directly affect?

A. Linux
B. Unix
C. OS X
D. Windows
Suggested answer: D

Which regulation defines security and privacy controls for Federal information systems and organizations?

A. HIPAA
B. EU Safe Harbor
C. PCI-DSS
D. NIST-800-53
Suggested answer: D

Explanation:

NIST Special Publication 800-53 provides a catalog of security and privacy controls for all U.S. federal information systems except those related to national security. It is published by the National Institute of Standards and Technology, which is a non-regulatory agency of the United States Department of Commerce. NIST develops and issues standards, guidelines, and other publications to assist federal agencies in implementing the Federal Information Security Modernization Act of 2014 (FISMA) and to help with managing cost-effective programs to protect their information and information systems.

What is a "Collision attack" in cryptography?

A. Collision attacks try to get the public key
B. Collision attacks try to break the hash into three parts to get the plaintext value
C. Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key
D. Collision attacks try to find two inputs producing the same hash
Suggested answer: D

Which of the following tools can be used for passive OS fingerprinting?

A. nmap
B. tcpdump
C. tracert
D. ping
Suggested answer: B

Which of the following describes the characteristics of a Boot Sector Virus?

A. Modifies directory table entries so that directory entries point to the virus code instead of the actual program.
B. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.
C. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
D. Overwrites the original MBR and only executes the new virus code.
Suggested answer: C

Your company was hired by a small healthcare provider to perform a technical assessment on the network.

What is the best approach for discovering vulnerabilities on a Windows-based computer?

A. Use the built-in Windows Update tool
B. Use a scan tool like Nessus
C. Check MITRE.org for the latest list of CVE findings
D. Create a disk image of a clean Windows installation
Suggested answer: B

Which of the following is a command line packet analyzer similar to GUI-based Wireshark?

A. nessus
B. tcpdump
C. ethereal
D. jack the ripper
Suggested answer: B

Explanation:

Tcpdump is a data-network packet analyzer computer program that runs under a command-line interface. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license, tcpdump is free software.

https://www.wireshark.org/

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.

NOTE: Wireshark is very similar to tcpdump, but has a graphical front-end, plus some integrated sorting and filtering options.

DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which security feature on switches leverages the DHCP snooping database to help prevent man-in-the-middle attacks?

A. Spanning tree
B. Dynamic ARP Inspection (DAI)
C. Port security
D. Layer 2 Attack Prevention Protocol (LAPP)
Suggested answer: B

Explanation:

Dynamic ARP inspection (DAI) protects switching devices against Address Resolution Protocol (ARP) packet spoofing (also known as ARP poisoning or ARP cache poisoning).

DAI inspects ARPs on the LAN and uses the information in the DHCP snooping database on the switch to validate ARP packets and to protect against ARP spoofing. ARP requests and replies are compared against entries in the DHCP snooping database, and filtering decisions are made based on the results of those comparisons. When an attacker tries to use a forged ARP packet to spoof an address, the switch compares the address with entries in the database. If the media access control (MAC) address or IP address in the ARP packet does not match a valid entry in the DHCP snooping database, the packet is dropped.

Total 573 questions