EC-COUNCIL 312-50V10 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V10 Online Questions & Answers

• Question 281:

  Which of the following security operations is used for determining the attack surface of an organization?

  A. Running a network scan to detect network services in the corporate DMZ
  B. Training employees on the security policy regarding social engineering
  C. Reviewing the need for a security clearance for each employee
  D. Using configuration management to determine when and where to apply security patches
  A. Running a network scan to detect network services in the corporate DMZ

• Question 282:

  In the field of cryptanalysis, what is meant by a "rubber-hose" attack?

  A. Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text.
  B. Extraction of cryptographic secrets through coercion or torture.
  C. Forcing the targeted key stream through a hardware-accelerated device such as an ASIC.
  D. A backdoor placed into a cryptographic algorithm by its creator.
  B. Extraction of cryptographic secrets through coercion or torture.

• Question 283:

  A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of email. The integrity of the encrypted email is dependent on the security of which of the following?

  A. Public key
  B. Private key
  C. Modulus length
  D. Email server certificate
  B. Private key

• Question 284:

  Which of the following is a component of a risk assessment?

  A. Administrative safeguards
  B. Physical security
  C. DMZ
  D. Logical interface
  A. Administrative safeguards

• Question 285:

  Analyst is investigating proxy logs and found out that one of the internal user visited website storing suspicious Java scripts. After opening one of them, he noticed that it is very hard to understand the code and that all codes differ from the typical Java script. What is the name of this technique to hide the code and extend analysis time?

  A. Encryption
  B. Code encoding
  C. Obfuscation
  D. Steganography
  A. Encryption

• Question 286:

  Which of the following Bluetooth hacking techniques does an attacker use to send messages to users without the recipient's consent, similar to email spamming?

  A. Bluesmacking
  B. Bluesniffing
  C. Bluesnarfing
  D. Bluejacking
  D. Bluejacking

• Question 287:

  What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

  A. Man-in-the-middle attack
  B. Meet-in-the-middle attack
  C. Replay attack
  D. Traffic analysis attack
  B. Meet-in-the-middle attack

• Question 288:

  Which of the following is considered an acceptable option when managing a risk?

  A. Reject the risk.
  B. Deny the risk.
  C. Mitigate the risk.
  D. Initiate the risk.
  C. Mitigate the risk.

• Question 289:

  Which of the following Linux commands will resolve a domain name into IP address?

  A. >host-t a hackeddomain.com
  B. >host-t ns hackeddomain.com
  C. >host -t soa hackeddomain.com
  D. >host -t AXFR hackeddomain.com
  A. >host-t a hackeddomain.com

• Question 290:

  Which of the following techniques will identify if computer files have been changed?

  A. Network sniffing
  B. Permission sets
  C. Integrity checking hashes
  D. Firewall alerts
  C. Integrity checking hashes