Home / ECCouncil / 312-50v12

ECCouncil 312-50v12 Practice Test - Questions Answers, Page 12

Question list

List of questions

Question 111

(0)

Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet acces

Question 112

(0)

Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" sites. Bob is willing to share his knowledge with those who are willing to learn, and many have expressed th

Question 113

(0)

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs: From the above list identify the user account with System Adm

Question 114

(0)

Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

Question 115

(0)

What is the following command used for? net use \targetipc$ "" /u:""

Question 116

(0)

What is the proper response for a NULL scan if the port is closed?

Question 117

(0)

One of your team members has asked you to analyze the following SOA record. What is the TTL? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.)

Question 118

(0)

One of your team members has asked you to analyze the following SOA record. What is the version? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.) (Choose four.)

Question 119

(0)

MX record priority increases as the number increases. (True/False.)

Question 120

(0)

Which of the following tools can be used to perform a zone transfer?

Related questions

The "Gray-box testing" methodology enforces what kind of restriction?

A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?

In an attempt to damage the reputation of a competitor organization, Hailey, a professional hacker, gathers a list of employee and client email addresses and other related information by using various search engines, social networking sites, and web spidering tools. In this process, she also uses an automated tool to gather a list of words from the target website to further perform a brute-force attack on the previously gathered email addresses. What is the tool used by Hailey for gathering a list of words from the target website?

Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary In the above scenario.

You are the Network Admin, and you get a complaint that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL. What may be the problem?

Which of the following types of SQL injection attacks extends the results returned by the original query, enabling attackers to run two or more statements if they have the same structure as the original one?

Upon establishing his new startup, Tom hired a cloud service provider (CSP) but was dissatisfied with their service and wanted to move to another CSP. What part of the contract might prevent him from doing so?

A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

A penetration tester was assigned to scan a large network range to find live hosts. The network is known for using strict TCP filtering rules on its firewall, which may obstruct common host discovery techniques. The tester needs a method that can bypass these firewall restrictions and accurately identify live systems. What host discovery technique should the tester use?

Attacker Rony Installed a rogue access point within an organization's perimeter and attempted to Intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by Johnson in the above scenario?

Question 111

Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations.

Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA.

In this context, what can you say?

Bob can be right since DMZ does not make sense when combined with stateless firewalls

Bob is partially right. He does not need to separate networks if he can create rules by destination IPs, one by one

Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations

Bob is partially right. DMZ does not make sense when a stateless firewall is available

Show Answer Comment (0)

Question 112

Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" sites.

Bob is willing to share his knowledge with those who are willing to learn, and many have expressed their interest in learning from him. However, this knowledge has a risk associated with it, as it can be used for malevolent attacks as well.

In this context, what would be the most effective method to bridge the knowledge gap between the "black" hats or crackers and the "white" hats or computer security professionals? (Choose the test answer.)

Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards.

Hire more computer security monitoring personnel to monitor computer systems and networks.

Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than life.

Train more National Guard and reservist in the art of computer security to help out in times of emergency or crises.

Show Answer Comment (0)

Question 113

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor".

Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges.

John

Rebecca

Sheela

Shawn

Somia

Chang

Micah

Show Answer Comment (0)

Question 114

Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

Overloading Port Address Translation

Dynamic Port Address Translation

Dynamic Network Address Translation

Static Network Address Translation

Show Answer Comment (0)