EC-COUNCIL 312-50V10 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V10 Online Questions & Answers

• Question 181:

  During an Xmas scan what indicates a port is closed?

  A. No return response
  B. RST
  C. ACK
  D. SYN
  B. RST

• Question 182:

  What is the least important information when you analyze a public IP address in a security alert?

  A. ARP
  B. Whois
  C. DNS
  D. Geolocation
  A. ARP

• Question 183:

  The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses 192.168.1.122, 192.168.1.123 and 192.168.1.124.

  An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is:

  nmap 192.168.1.64/28.

  Why he cannot see the servers?

  A. The network must be down and the nmap command and IP address are ok.
  B. He needs to add the command ''''ip address'''' just before the IP address.
  C. He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range.
  D. He needs to change the address to 192.168.1.0 with the same mask.
  C. He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range.

• Question 184:

  Which of the following is an example of two factor authentication?

  A. PIN Number and Birth Date
  B. Username and Password
  C. Digital Certificate and Hardware Token
  D. Fingerprint and Smartcard ID
  D. Fingerprint and Smartcard ID

• Question 185:

  Which of these is capable of searching for and locating rogue access points?

  A. HIDS
  B. WISS
  C. WIPS
  D. NIDS
  C. WIPS

• Question 186:

  The following are types of Bluetooth attack EXCEPT_____?

  A. Bluejacking
  B. Bluesmaking
  C. Bluesnarfing
  D. Bluedriving
  D. Bluedriving

• Question 187:

  In Trojan terminology, what is a covert channel?

  

  A. A channel that transfers information within a computer system or network in a way that violates the security policy
  B. A legitimate communication path within a computer system or network for transfer of data
  C. It is a kernel operation that hides boot processes and services to mask detection
  D. It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish connections
  A. A channel that transfers information within a computer system or network in a way that violates the security policy

• Question 188:

  What type of analysis is performed when an attacker has partial knowledge of inner- workings of the application?

  A. Black-box
  B. Announced
  C. White-box
  D. Grey-box
  D. Grey-box

• Question 189:

  A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites.

  77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0.

  What can you infer from this information?

  A. The packets were sent by a worm spoofing the IP addresses of 47 infected sites
  B. ICMP ID and Seq numbers were most likely set by a tool and not by the operating system
  C. All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number
  D. 13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0
  B. ICMP ID and Seq numbers were most likely set by a tool and not by the operating system

• Question 190:

  Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

  A. ESP transport mode
  B. AH permiscuous
  C. ESP confidential
  D. AH Tunnel mode
  A. ESP transport mode