ExamGecko
Search Search Login
Home Home / ECCouncil / 312-50v12

ECCouncil 312-50v12 Practice Test - Questions Answers, Page 8

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The "Gray-box testing" methodology enforces what kind of restriction?
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?
In an attempt to damage the reputation of a competitor organization, Hailey, a professional hacker, gathers a list of employee and client email addresses and other related information by using various search engines, social networking sites, and web spidering tools. In this process, she also uses an automated tool to gather a list of words from the target website to further perform a brute-force attack on the previously gathered email addresses. What is the tool used by Hailey for gathering a list of words from the target website?
You are the Network Admin, and you get a complaint that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL. What may be the problem?
Which of the following types of SQL injection attacks extends the results returned by the original query, enabling attackers to run two or more statements if they have the same structure as the original one?
Upon establishing his new startup, Tom hired a cloud service provider (CSP) but was dissatisfied with their service and wanted to move to another CSP. What part of the contract might prevent him from doing so?
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary In the above scenario.
A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?
A penetration tester was assigned to scan a large network range to find live hosts. The network is known for using strict TCP filtering rules on its firewall, which may obstruct common host discovery techniques. The tester needs a method that can bypass these firewall restrictions and accurately identify live systems. What host discovery technique should the tester use?
Attacker Rony Installed a rogue access point within an organization's perimeter and attempted to Intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by Johnson in the above scenario?

Question 71

Report
Export
Collapse

What does a firewall check to prevent particular ports and applications from getting packets into an organization?

A.
Transport layer port numbers and application layer headers
A.
Transport layer port numbers and application layer headers
Answers
B.
Presentation layer headers and the session layer port numbers
B.
Presentation layer headers and the session layer port numbers
Answers
C.
Network layer headers and the session layer port numbers
C.
Network layer headers and the session layer port numbers
Answers
D.
Application layer port numbers and the transport layer headers
D.
Application layer port numbers and the transport layer headers
Answers
Suggested answer: A

Question 72

Report
Export
Collapse

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", the user is directed to a phishing site.

Which file does the attacker need to modify?

A.
Boot.ini
A.
Boot.ini
Answers
B.
Sudoers
B.
Sudoers
Answers
C.
Networks
C.
Networks
Answers
D.
Hosts
D.
Hosts
Answers
Suggested answer: D

Question 73

Report
Export
Collapse

is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

A.
DNSSEC
A.
DNSSEC
Answers
B.
Resource records
B.
Resource records
Answers
C.
Resource transfer
C.
Resource transfer
Answers
D.
Zone transfer
D.
Zone transfer
Answers
Suggested answer: A

Explanation:

The Domain Name System Security Extensions (DNSSEC) is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by DNS for use on IP networks. DNSSEC is a set of extensions to DNS provide to DNS clients (resolvers) origin authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality. DNSSEC is necessary because the original DNS design did not include security but was designed to be a scalable distributed system. DNSSEC adds security while maintaining backward compatibility.

Question 74

Report
Export
Collapse

Which of the following incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an organization?

A.
Preparation phase
A.
Preparation phase
Answers
B.
Containment phase
B.
Containment phase
Answers
C.
Identification phase
C.
Identification phase
Answers
D.
Recovery phase
D.
Recovery phase
Answers
Suggested answer: A

Question 75

Report
Export
Collapse

The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?

A.
Multi-cast mode
A.
Multi-cast mode
Answers
B.
Promiscuous mode
B.
Promiscuous mode
Answers
C.
WEM
C.
WEM
Answers
D.
Port forwarding
D.
Port forwarding
Answers
Suggested answer: B

Question 76

Report
Export
Collapse

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.

What is the best security policy concerning this setup?

A.
Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
A.
Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
Answers
B.
As long as the physical access to the network elements is restricted, there is no need for additional measures.
B.
As long as the physical access to the network elements is restricted, there is no need for additional measures.
Answers
C.
There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
C.
There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
Answers
D.
The operator knows that attacks and down time are inevitable and should have a backup site.
D.
The operator knows that attacks and down time are inevitable and should have a backup site.
Answers
Suggested answer: A

Question 77

Report
Export
Collapse

PGP, SSL, and IKE are all examples of which type of cryptography?

A.
Digest
A.
Digest
Answers
B.
Secret Key
B.
Secret Key
Answers
C.
Public Key
C.
Public Key
Answers
D.
Hash Algorithm
D.
Hash Algorithm
Answers
Suggested answer: C

Question 78

Report
Export
Collapse

Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?

A.
Scanning
A.
Scanning
Answers
B.
Footprinting
B.
Footprinting
Answers
C.
Enumeration
C.
Enumeration
Answers
D.
System Hacking
D.
System Hacking
Answers
Suggested answer: B

Question 79

Report
Export
Collapse

A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer's software and hardware without the owner's permission. Their intention can either be to simply gain knowledge or to illegally make changes.

Which of the following class of hacker refers to an individual who works both offensively and defensively at various times?

A.
White Hat
A.
White Hat
Answers
B.
Suicide Hacker
B.
Suicide Hacker
Answers
C.
Gray Hat
C.
Gray Hat
Answers
D.
Black Hat
D.
Black Hat
Answers
Suggested answer: C

Question 80

Report
Export
Collapse

During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.

What is this type of DNS configuration commonly called?

A.
DynDNS
A.
DynDNS
Answers
B.
DNS Scheme
B.
DNS Scheme
Answers
C.
DNSSEC
C.
DNSSEC
Answers
D.
Split DNS
D.
Split DNS
Answers
Suggested answer: D
Total 573 questions
Go to page: of 58
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms