EC-Council 312-50v10 Free Practice Questions

Question No: 1

In which of the following password protection technique, random strings of characters are added to the password before calculating their hashes?

A. Keyed Hashing

B. Key Stretching

C. Salting

D. Double Hashing

View Answer

Question No: 2

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", that the user is directed to a phishing site.

Which file does the attacker need to modify?

A. Boot.ini

B. Sudoers

C. Networks

D. Hosts

View Answer

Question No: 3

A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

A. The computer is not using a private IP address.

B. The gateway is not routing to a public IP address.

C. The gateway and the computer are not on the same network.

D. The computer is using an invalid IP address.

View Answer

Question No: 4

Which of the following provides a security professional with most information about the systemu2021s security posture?

A. Wardriving, warchalking, social engineering

B. Social engineering, company site browsing, tailgating

C. Phishing, spamming, sending trojans

D. Port scanning, banner grabbing, service identification

View Answer

Question No: 5

What network security concept requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to defend against malicious attacks or potential vulnerabilities?

What kind of Web application vulnerability likely exists in their software?

A. Host-Based Intrusion Detection System

B. Security through obscurity

C. Defense in depth

D. Network-Based Intrusion Detection System

View Answer

Question No: 6

An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections.

When users accessed any page, the applet ran and exploited many machines. Which one of the following tools the hacker probably used to inject HTML code?

A. Wireshark

B. Ettercap

C. Aircrack-ng

D. Tcpdump

View Answer

Question No: 7

Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

A. AH permiscuous

B. ESP confidential

C. AH Tunnel mode

D. ESP transport mode

View Answer

Question No: 8

You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any useru2021s password or activate disabled Windows accounts?

A. John the Ripper

B. SET

C. CHNTPW

D. Cain & Abel

View Answer

Question No: 9

The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router, nobody can access to the ftp, and the permitted hosts cannot access the Internet. According to the next configuration, what is happening in the network?

A. The ACL 104 needs to be first because is UDP

B. The ACL 110 needs to be changed to port 80

C. The ACL for FTP must be before the ACL 110

D. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router

View Answer

Question No: 10

Which of the following is the BEST way to defend against network sniffing?

A. Restrict Physical Access to Server Rooms hosting Critical Servers

B. Use Static IP Address

C. Using encryption protocols to secure network communications

D. Register all machines MAC Address in a Centralized Database

View Answer