EC-COUNCIL 312-50V10 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V10 Online Questions & Answers

• Question 201:

  Which of the following is a client-server tool utilized to evade firewall inspection?

  A. tcp-over-dns
  B. kismet
  C. nikto
  D. hping
  A. tcp-over-dns

• Question 202:

  Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?

  A. har.txt
  B. SAM file
  C. wwwroot
  D. Repair file
  B. SAM file

• Question 203:

  A distributed port scan operates by: A. Blocking access to the scanning clients by the targeted host

  B. Using denial-of-service software against a range of TCP ports
  C. Blocking access to the targeted host by each of the distributed scanning clients
  D. Having multiple computers each scan a small number of ports, then correlating the results
  D. Having multiple computers each scan a small number of ports, then correlating the results

• Question 204:

  Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

  A. Sarbanes-Oxley Act (SOX)
  B. Gramm-Leach-Bliley Act (GLBA)
  C. Fair and Accurate Credit Transactions Act (FACTA)
  D. Federal Information Security Management Act (FISMA)
  A. Sarbanes-Oxley Act (SOX)

• Question 205:

  You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator's bank account password and login information for the administrator's bitcoin account.

  What should you do?

  A. Report immediately to the administrator
  B. Do not report it and continue the penetration test.
  C. Transfer money from the administrator's account to another account.
  D. Do not transfer the money but steal the bitcoins.
  A. Report immediately to the administrator

• Question 206:

  A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

  A. Netsh firewall show config
  B. WMIC firewall show config
  C. Net firewall show config
  D. Ipconfig firewall show config
  A. Netsh firewall show config

• Question 207:

  Which security strategy requires using several, varying methods to protect IT systems against attacks?

  A. Defense in depth
  B. Three-way handshake
  C. Covert channels
  D. Exponential backoff algorithm
  A. Defense in depth

• Question 208:

  How does a denial-of-service attack work?

  A. A hacker prevents a legitimate user (or group of users) from accessing a service
  B. A hacker uses every character, word, or letter he or she can think of to defeat authentication
  C. A hacker tries to decipher a password by using a system, which subsequently crashes the network
  D. A hacker attempts to imitate a legitimate user by confusing a computer or even another person
  A. A hacker prevents a legitimate user (or group of users) from accessing a service

• Question 209:

  Which of the following cryptography attack is an understatement for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by a coercion or torture?

  A. Chosen-Cipher text Attack
  B. Ciphertext-only Attack
  C. Timing Attack
  D. Rubber Hose Attack
  D. Rubber Hose Attack

• Question 210:

  Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately. Which organization coordinates computer crime investigations throughout the United States?

  A. NDCA
  B. NICP
  C. CIRP
  D. NPC
  E. CIA
  D. NPC