EC-COUNCIL 312-49 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-49 Online Questions & Answers

• Question 211:

  Netstat is a tool for collecting information regarding network connections. It provides a simple view of TCP and UDP connections, and their state and network traffic statistics. Which of the following commands shows you the TCP and UDP network connections, listening ports, and the identifiers?

  A. netstat - r
  B. netstat - ano
  C. netstat - b
  D. netstat - s
  B. netstat - ano

• Question 212:

  Data is striped at a byte level across multiple drives, and parity information is distributed among all member drives.

  

  What RAID level is represented here?

  A. RAID Level 0
  B. RAID Level 5
  C. RAID Level 3
  D. RAID Level 1
  B. RAID Level 5

• Question 213:

  Wireless access control attacks aim to penetrate a network by evading WLAN access control measures such as AP MAC filters and Wi-Fi port access controls. Which of the following wireless access control attacks allow the attacker to set up a rogue access point outside the corporate perimeter and then lure the employees of the organization to connect to it?

  A. Ad hoc associations
  B. Client mis-association
  C. MAC spoofing
  D. Rogue access points
  B. Client mis-association

• Question 214:

  John and Hillary works at the same department in the company. John wants to find out Hillary's network password so he can take a look at her documents on the file server. He enables Lophtcrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not found. What information will he be able to gather from this?

  A. Hillary network username and password hash
  B. The SID of Hillary network account
  C. The SAM file from Hillary computer
  D. The network shares that Hillary has permissions
  A. Hillary network username and password hash

• Question 215:

  Which of the following Event Correlation Approach is an advanced correlation method that assumes and predicts what an attacker can do next after the attack by studying the statistics and probability and uses only two variables?

  A. Bayesian Correlation
  B. Vulnerability-Based Approach
  C. Rule-Based Approach
  D. Route Correlation
  A. Bayesian Correlation

• Question 216:

  What technique is used by JPEGs for compression?

  A. ZIP
  B. TCD
  C. DCT
  D. TIFF-8
  C. DCT

• Question 217:

  Which of the following file system uses Master File Table (MFT) database to store information about every file and directory on a volume?

  A. FAT File System
  B. ReFS
  C. exFAT
  D. NTFS File System
  D. NTFS File System

• Question 218:

  The process of restarting a computer that is already turned on through the operating system is called?

  A. Warm boot
  B. Ice boot
  C. Hot Boot
  D. Cold boot
  A. Warm boot

• Question 219:

  Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to send PDF documents containing sensitive information through E-mail to his customers.

  Bill protects the PDF documents with a password and sends them to their intended recipients.

  Why PDF passwords do not offer maximum protection?

  A. PDF passwords can easily be cracked by software brute force tools
  B. PDF passwords are converted to clear text when sent through E-mail
  C. PDF passwords are not considered safe by Sarbanes-Oxley
  D. When sent through E-mail, PDF passwords are stripped from the document completely
  A. PDF passwords can easily be cracked by software brute force tools

• Question 220:

  What must be obtained before an investigation is carried out at a location?

  A. Search warrant
  B. Subpoena
  C. Habeas corpus
  D. Modus operandi
  A. Search warrant