312-50v11 Premium Bundle

Certified Ethical Hacker Exam (CEH v11) Certification Exam

Last update: November 21, 2024

EC-Council 312-50v11 Free Practice Questions

Free demo questions for EC-Council 312-50v11 Exam Dumps Below:

NEW QUESTION 1
As a security consultant, what are some of the things you would recommend to a company to ensure DNS security?

  • A. Use the same machines for DNS and other applications
  • B. Harden DNS servers
  • C. Use split-horizon operation for DNS servers
  • D. Restrict Zone transfers
  • E. Have subnet diversity between DNS servers

Answer: BCDE

NEW QUESTION 2
A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

  • A. Use port security on his switches.
  • B. Use a tool like ARPwatch to monitor for strange ARP activity.
  • C. Use a firewall between all LAN segments.
  • D. If you have a small network, use static ARP entries.
  • E. Use only static IP addresses on all PCs.

Answer: ABD

NEW QUESTION 3
Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning. What should Bob recommend to deal with such a threat?

  • A. The use of security agents in clients’ computers
  • B. The use of DNSSEC
  • C. The use of double-factor authentication
  • D. Client awareness

Answer: B

NEW QUESTION 4
Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

  • A. Nikto
  • B. Nmap
  • C. Metasploit
  • D. Armitage

Answer: B

NEW QUESTION 5
Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquiries over the network.
Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.

  • A. SNMPUtil
  • B. SNScan
  • C. SNMPScan
  • D. Solarwinds IP Network Browser
  • E. NMap

Answer: ABD

NEW QUESTION 6
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

  • A. SOA
  • B. biometrics
  • C. single sign on
  • D. PKI

Answer: D

NEW QUESTION 7
Within the context of Computer Security, which of the following statements describes Social Engineering best?

  • A. Social Engineering is the act of publicly disclosing information
  • B. Social Engineering is the means put in place by human resources to perform time accounting
  • C. Social Engineering is the act of getting needed information from a person rather than breaking into a system
  • D. Social Engineering is a training program within sociology studies

Answer: C

NEW QUESTION 8
You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

  • A. nmap -A -Pn
  • B. nmap -sP -p-65535 -T5
  • C. nmap -sT -O -T0
  • D. nmap -A --host-timeout 99 -T1

Answer: C

NEW QUESTION 9
Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services. Which OS did it not directly affect?

  • A. Linux
  • B. Unix
  • C. OS X
  • D. Windows

Answer: D

NEW QUESTION 10
Which system consists of a publicly available set of databases that contain domain name registration contact information?

  • A. WHOIS
  • B. CAPTCHA
  • C. IANA
  • D. IETF

Answer: A

NEW QUESTION 11
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?

  • A. Place a front-end web server in a demilitarized zone that only handles external web traffic
  • B. Require all employees to change their anti-virus program with a new one
  • C. Move the financial data to another server on the same IP subnet
  • D. Issue new certificates to the web servers from the root certificate authority

Answer: A

NEW QUESTION 12
Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics:

  - Verifies success or failure of an attack
  - Monitors system activities
  - Detects attacks that a network-based IDS fails to detect
  - Near real-time detection and response
  - Does not require additional hardware
  - Lower entry cost

Which type of IDS is best suited for Tremp's requirements?

  • A. Gateway-based IDS
  • B. Network-based IDS
  • C. Host-based IDS
  • D. Open source-based

Answer: C

NEW QUESTION 13
E-mail scams and mail fraud are regulated by which of the following?

  • A. 18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers
  • B. 18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices
  • C. 18 U.S.C. par. 1362 Communication Lines, Stations, or Systems
  • D. 18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

Answer: A

NEW QUESTION 14
Which DNS resource record can indicate how long any "DNS poisoning" could last?

  • A. MX
  • B. SOA
  • C. NS
  • D. TIMEOUT

Answer: B

NEW QUESTION 15
What does the -oX flag do in an Nmap scan?

  • A. Perform an eXpress scan
  • B. Output the results in truncated format to the screen
  • C. Output the results in XML format to a file
  • D. Perform an Xmas scan

Answer: C

NEW QUESTION 16
Which of the following is the best countermeasure to encrypting ransomware?

  • A. Use multiple antivirus software products
  • B. Pay a ransom
  • C. Keep some generations of off-line backups
  • D. Analyze the ransomware to get decryption key of encrypted data

Answer: C

NEW QUESTION 17
Which of the following is a component of a risk assessment?

  • A. Administrative safeguards
  • B. Physical security
  • C. DMZ
  • D. Logical interface

Answer: A

NEW QUESTION 18
Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of a built-in bounds checking mechanism?
Code:

    #include <string.h>

    int main() {
        char buffer[8];
        /* deliberately copies far more than 8 bytes into buffer */
        strcpy(buffer, "11111111111111111111111111111");
    }

Output: Segmentation fault

  • A. C#
  • B. Python
  • C. Java
  • D. C++

Answer: D

NEW QUESTION 19
Which of the following is not a Bluetooth attack?

  • A. Bluedriving
  • B. Bluesmacking
  • C. Bluejacking
  • D. Bluesnarfing

Answer: A

NEW QUESTION 20
Which service in a PKI will vouch for the identity of an individual or company?

  • A. KDC
  • B. CR
  • C. CBC
  • D. CA

Answer: D

NEW QUESTION 21
MX record priority increases as the number increases. (True/False.)

  • A. True
  • B. False

Answer: B

NEW QUESTION 22
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s computer to update the router configuration. What type of alert is this?

  • A. False negative
  • B. True negative
  • C. True positive
  • D. False positive

Answer: D

NEW QUESTION 23
You have successfully logged on to a Linux system. You now want to cover your tracks. Your login attempt may be logged in several files located in /var/log. Which file does NOT belong to the list?

  • A. user.log
  • B. auth.fesg
  • C. wtmp
  • D. btmp

Answer: C

NEW QUESTION 24
You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c.
What is the hexadecimal value of the NOP instruction?

  • A. 0x60
  • B. 0x80
  • C. 0x70
  • D. 0x90

Answer: D
