ExamGecko
Login
Home / ECCouncil / 312-50v12 / List of questions
Ask Question

ECCouncil 312-50v12 Practice Test - Questions Answers, Page 20

Add to Whishlist

List of questions

Question 191

Report Export Collapse

During an Xmas scan what indicates a port is closed?

Become a Premium Member for full access
  Unlock Premium Member

Question 192

Report Export Collapse

Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp's lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104- 501. What needs to happen before

Matthew has full administrator access?

Become a Premium Member for full access
  Unlock Premium Member

Question 193

Report Export Collapse

An LDAP directory can be used to store information similar to a SQL database. LDAP uses a _____ database structure instead of SQL's _____ structure. Because of this, LDAP has difficulty representing many-to-one relationships.

Become a Premium Member for full access
  Unlock Premium Member

Question 194

Report Export Collapse

Elliot is in the process of exploiting a web application that uses SQL as a back-end database. He's determined that the application is vulnerable to SQL injection, and has introduced conditional timing delays into injected queries to determine whether they are successful. What type of SQL injection is Elliot most likely performing?

Become a Premium Member for full access
  Unlock Premium Member

Question 195

Report Export Collapse

John is an incident handler at a financial institution. His steps in a recent incident are not up to the standards of the company. John frequently forgets some steps and procedures while handling responses as they are very stressful to perform. Which of the following actions should John take to overcome this problem with the least administrative effort?

Become a Premium Member for full access
  Unlock Premium Member

Question 196

Report Export Collapse

You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain, if the DNS server is at 192.168.10.2 and the domain name is PLUScorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?

Become a Premium Member for full access
  Unlock Premium Member

Question 197

Report Export Collapse

OpenSSL on Linux servers includes a command line tool for testing TLS. What is the name of the tool and the correct syntax to connect to a web server?

Become a Premium Member for full access
  Unlock Premium Member

Question 198

Report Export Collapse

What is the purpose of DNS AAAA record?

Become a Premium Member for full access
  Unlock Premium Member

Question 199

Report Export Collapse

Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics: - Verifies success or failure of an attack - Monitors system activities Detects attacks that a network-based IDS fails to detect - Near real-time detection and response - Does not require additional hardware - Lower entry cost Which type of IDS is best suited for Tremp's requirements?

Become a Premium Member for full access
  Unlock Premium Member

Question 200

Report Export Collapse

What kind of detection techniques is being used in antivirus softwares that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it's made on the premiers environment-

Become a Premium Member for full access
  Unlock Premium Member
Total 573 questions
Go to page: of 58
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary In the above scenario.
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?
What is correct about digital signatures?
Your organization has signed an agreement with a web hosting provider that requires you to take full responsibility of the maintenance of the cloud-based resources. Which of the following models covers this?
In an attempt to damage the reputation of a competitor organization, Hailey, a professional hacker, gathers a list of employee and client email addresses and other related information by using various search engines, social networking sites, and web spidering tools. In this process, she also uses an automated tool to gather a list of words from the target website to further perform a brute-force attack on the previously gathered email addresses. What is the tool used by Hailey for gathering a list of words from the target website?
During a penetration testing assignment, a Certified Ethical Hacker (CEH) used a set of scanning tools to create a profile of the target organization. The CEH wanted to scan for live hosts, open ports, and services on a target network. He used Nmap for network inventory and Hping3 for network security auditing. However, he wanted to spoof IP addresses for anonymity during probing. Which command should the CEH use to perform this task?
Which file is a rich target to discover the structure of a website during web-server footprinting?
Sam is working as a system administrator In an organization. He captured the principal characteristics of a vulnerability and produced a numerical score to reflect Its severity using CVSS v3.0 to property assess and prioritize the organization's vulnerability management processes. The base score that Sam obtained after performing cvss rating was 4.0. What is the CVSS severity level of the vulnerability discovered by Sam in the above scenario?
The "Gray-box testing" methodology enforces what kind of restriction?
A company's security policy states that all Web browsers must automatically delete their HTTPbrowser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?