EC-COUNCIL 312-50V10 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V10 Online Questions & Answers

• Question 161:

  A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wire shark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?

  A. tcp.port != 21
  B. tcp.port = 23
  C. tcp.port ==21
  D. tcp.port ==21 || tcp.port ==22
  C. tcp.port ==21

• Question 162:

  Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occurring during non-business hours. After further examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realizes the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux servers to synchronize the time has stopped working?

  A. Time Keeper
  B. NTP
  C. PPP
  D. OSPP
  B. NTP

• Question 163:

  ViruXine.W32 virus hides their presence by changing the underlying executable code.

  This Virus code mutates while keeping the original algorithm intact, the code changes itself each time it runs, but the function of the code (its semantics) will not change at all.

  

  Here is a section of the Virus code:

  

  What is this technique called?

  A. Polymorphic Virus
  B. Metamorphic Virus
  C. Dravidic Virus
  D. Stealth Virus
  A. Polymorphic Virus

• Question 164:

  Assume a business-crucial web-site of some company that is used to sell handsets to the customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the website developers decided to add some 3rd party marketing tools on it. The tools are written in JavaScript and can track the customer's activity on the site. These tools are located on the servers of the marketing company.

  What is the main security risk associated with this scenario?

  A. External script contents could be maliciously modified without the security team knowledge
  B. External scripts have direct access to the company servers and can steal the data from there
  C. There is no risk at all as the marketing services are trustworthy
  D. External scripts increase the outbound company data traffic which leads greater financial losses
  A. External script contents could be maliciously modified without the security team knowledge

• Question 165:

  Bob finished a C programming course and created a small C application to monitor the network traffic and produce alerts when any origin sends "many" IP packets, based on the average number of packets sent by all origins and using some thresholds.

  In concept, the solution developed by Bob is actually:

  A. Just a network monitoring tool
  B. A signature-based IDS
  C. A hybrid IDS
  D. A behavior-based IDS
  A. Just a network monitoring tool

• Question 166:

  A consultant has been hired by the V.P. of a large financial organization to assess the company's security posture. During the security testing, the consultant comes across child pornography on the V.P.'s computer. What is the consultant's obligation to the financial organization?

  A. Say nothing and continue with the security testing.
  B. Stop work immediately and contact the authorities.
  C. Delete the pornography, say nothing, and continue security testing.
  D. Bring the discovery to the financial organization's human resource department.
  B. Stop work immediately and contact the authorities.

• Question 167:

  A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

  A. Use port security on his switches.
  B. Use a tool like ARPwatch to monitor for strange ARP activity.
  C. Use a firewall between all LAN segments.
  D. If you have a small network, use static ARP entries.
  E. Use only static IP addresses on all PC's.
  A. Use port security on his switches.
  B. Use a tool like ARPwatch to monitor for strange ARP activity.
  D. If you have a small network, use static ARP entries.

• Question 168:

  What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for evaluation?

  A. Blue Book
  B. ISO 26029
  C. Common Criteria
  D. The Wassenaar Agreement
  C. Common Criteria

• Question 169:

  What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

  A. All are hacking tools developed by the legion of doom
  B. All are tools that can be used not only by hackers, but also security personnel
  C. All are DDOS tools
  D. All are tools that are only effective against Windows
  E. All are tools that are only effective against Linux
  C. All are DDOS tools

• Question 170:

  What is the main disadvantage of the scripting languages as opposed to compiled programming languages?

  A. Scripting languages are hard to learn.
  B. Scripting languages are not object-oriented.
  C. Scripting languages cannot be used to create graphical user interfaces.
  D. Scripting languages are slower because they require an interpreter to run the code.
  D. Scripting languages are slower because they require an interpreter to run the code.