EC-Council 312-50v11 Free Practice Questions

NEW QUESTION 1
What is correct about digital signatures?

• A. A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.
• B. Digital signatures may be used in different documents of the same type.
• C. A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.
• D. Digital signatures are issued once for each user and can be used everywhere until they expire.

Answer: A

NEW QUESTION 2
Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.

What is Eve trying to do?

• A. Eve is trying to connect as a user with Administrator privileges
• B. Eve is trying to enumerate all users with Administrative privileges
• C. Eve is trying to carry out a password crack for user Administrator
• D. Eve is trying to escalate privilege of the null user to that of Administrator

Answer: C

NEW QUESTION 3
The following is an entry captured by a network IDS. You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack.
You also notice "/bin/sh" in the ASCII part of the output. As an analyst what would you conclude about the attack?

• A. The buffer overflow attack has been neutralized by the IDS
• B. The attacker is creating a directory on the compromised machine
• C. The attacker is attempting a buffer overflow attack and has succeeded
• D. The attacker is attempting an exploit that launches a command-line shell

Answer: D

NEW QUESTION 4
The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:
You are hired to conduct security testing on their network.
You successfully brute-force the SNMP community string using a SNMP crack tool.
The access-list configured at the router prevents you from establishing a successful connection. You want to retrieve the Cisco configuration from the router. How would you proceed?

• A. Use the Cisco's TFTP default password to connect and download the configuration file
• B. Run a network sniffer and capture the returned traffic with the configuration file from the router
• C. Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address
• D. Send a customized SNMP set request with a spoofed source IP address in the range -192.168.1.0

Answer: BD

NEW QUESTION 5
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

• A. Residual risk
• B. Impact risk
• C. Deferred risk
• D. Inherent risk

Answer: A

NEW QUESTION 6
Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.

In MAC flooding attack, a switch is fed with many Ethernet frames, each containing different source MAC addresses, by the attacker. Switches have a limited memory for mapping various MAC addresses to physical ports. What happens when the CAM table becomes full?

• A. Switch then acts as hub by broadcasting packets to all machines on the network
• B. The CAM overflow table will cause the switch to crash causing Denial of Service
• C. The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF
• D. Every packet is dropped and the switch sends out SNMP alerts to the IDS port

Answer: A

NEW QUESTION 7
When a security analyst prepares for the formal security assessment - what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?

• A. Data items and vulnerability scanning
• B. Interviewing employees and network engineers
• C. Reviewing the firewalls configuration
• D. Source code review

Answer: A

NEW QUESTION 8
What port number is used by LDAP protocol?

• A. 110
• B. 389
• C. 464
• D. 445

Answer: B

NEW QUESTION 9
A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

• A. The computer is not using a private IP address.
• B. The gateway is not routing to a public IP address.
• C. The gateway and the computer are not on the same network.
• D. The computer is using an invalid IP address.

Answer: B

NEW QUESTION 10
Identify the correct terminology that defines the above statement.

• A. Vulnerability Scanning
• B. Penetration Testing
• C. Security Policy Implementation
• D. Designing Network Security

Answer: B

NEW QUESTION 11
While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

• A. Clickjacking
• B. Cross-Site Scripting
• C. Cross-Site Request Forgery
• D. Web form input validation

Answer: C

NEW QUESTION 12
Which of the following programs is usually targeted at Microsoft Office products?

• A. Polymorphic virus
• B. Multipart virus
• C. Macro virus
• D. Stealth virus

Answer: C

NEW QUESTION 13
What is GINA?

• A. Gateway Interface Network Application
• B. GUI Installed Network Application CLASS
• C. Global Internet National Authority (G-USA)
• D. Graphical Identification and Authentication DLL

Answer: D

NEW QUESTION 14
An attacker runs netcat tool to transfer a secret file between two hosts.

He is worried about information being sniffed on the network.
How would the attacker use netcat to encrypt the information before transmitting onto the wire?

• A. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat <machine A IP> 1234
• B. Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat <machine A IP> 1234
• C. Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat <machine A IP> 1234 -pw password
• D. Use cryptcat instead of netcat

Answer: D

NEW QUESTION 15
OpenSSL on Linux servers includes a command line tool for testing TLS. What is the name of the tool and the correct syntax to connect to a web server?

• A. openssl s_client -site www.website.com:443
• B. openssl_client -site www.website.com:443
• C. openssl s_client -connect www.website.com:443
• D. openssl_client -connect www.website.com:443

Answer: C

NEW QUESTION 16
Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

• A. Overloading Port Address Translation
• B. Dynamic Port Address Translation
• C. Dynamic Network Address Translation
• D. Static Network Address Translation

Answer: D

NEW QUESTION 17
Which Intrusion Detection System is the best applicable for large environments where critical assets on the network need extra scrutiny and is ideal for observing sensitive network segments?

• A. Honeypots
• B. Firewalls
• C. Network-based intrusion detection system (NIDS)
• D. Host-based intrusion detection system (HIDS)

Answer: C

NEW QUESTION 18
In the field of cryptanalysis, what is meant by a “rubber-hose” attack?

• A. Forcing the targeted keystream through a hardware-accelerated device such as an ASIC.
• B. A backdoor placed into a cryptographic algorithm by its creator.
• C. Extraction of cryptographic secrets through coercion or torture.
• D. Attempting to decrypt ciphertext by making logical assumptions about the contents of the original plaintext.

Answer: C

NEW QUESTION 19
Which results will be returned with the following Google search query? site:target.com – site:Marketing.target.com accounting

• A. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting.
• B. Results matching all words in the query.
• C. Results for matches on target.com and Marketing.target.com that include the word “accounting”
• D. Results matching “accounting” in domain target.com but not on the site Marketing.target.com

Answer: D

NEW QUESTION 20
Null sessions are un-authenticated connections (not using a username or password.) to an NT or 2000 system. Which TCP and UDP ports must you filter to check null sessions on your network?

• A. 137 and 139
• B. 137 and 443
• C. 139 and 443
• D. 139 and 445

Answer: D

NEW QUESTION 21
Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

• A. Encrypt the backup tapes and transport them in a lock box.
• B. Degauss the backup tapes and transport them in a lock box.
• C. Hash the backup tapes and transport them in a lock box.
• D. Encrypt the backup tapes and use a courier to transport them.

Answer: A

NEW QUESTION 22
Which of the following is an extremely common IDS evasion technique in the web world?

• A. Spyware
• B. Subnetting
• C. Unicode Characters
• D. Port Knocking

Answer: C

NEW QUESTION 23
You are tasked to configure the DHCP server to lease the last 100 usable IP addresses in subnet to. 1.4.0/23. Which of the following IP addresses could be teased as a result of the new configuration?

• A. 210.1.55.200
• B. 10.1.4.254
• C. 10..1.5.200
• D. 10.1.4.156

Answer: C

NEW QUESTION 24
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?

• A. Install DNS logger and track vulnerable packets
• B. Disable DNS timeouts
• C. Install DNS Anti-spoofing
• D. Disable DNS Zone Transfer

Answer: C

NEW QUESTION 25
......