EC-COUNCIL EC-COUNCIL Certifications 312-50V10 Questions & Answers

• Question 481:

  Which of the following is an example of two factor authentication?

  A. PIN Number and Birth Date

  B. Username and Password

  C. Digital Certificate and Hardware Token

  D. Fingerprint and Smartcard ID

  Correct Answer: D

• Question 482:

  Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?

  A. NMAP -PN -A -O -sS 192.168.2.0/24

  B. NMAP -P0 -A -O -p1-65535 192.168.0/24

  C. NMAP -P0 -A -sT -p0-65535 192.168.0/16

  D. NMAP -PN -O -sS -p 1-1024 192.168.0/8

  Correct Answer: B

• Question 483:

  Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?

  A. UDP 123

  B. UDP 541

  C. UDP 514

  D. UDP 415

  Correct Answer: C

• Question 484:

  Which of the following lists are valid data-gathering activities associated with a risk assessment?

  A. Threat identification, vulnerability identification, control analysis

  B. Threat identification, response identification, mitigation identification

  C. Attack profile, defense profile, loss profile

  D. System profile, vulnerability identification, security determination

  Correct Answer: A

• Question 485:

  The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

  

  What is most likely taking place?

  A. Ping sweep of the 192.168.1.106 network

  B. Remote service brute force attempt

  C. Port scan of 192.168.1.106

  D. Denial of service attack on 192.168.1.106

  Correct Answer: B

• Question 486:

  A person approaches a network administrator and wants advice on how to send encrypted email from home. The end user does not want to have to pay for any license fees or manage server services. Which of the following is the most secure encryption protocol that the network administrator should recommend?

  A. IP Security (IPSEC)

  B. Multipurpose Internet Mail Extensions (MIME)

  C. Pretty Good Privacy (PGP)

  D. Hyper Text Transfer Protocol with Secure Socket Layer (HTTPS)

  Correct Answer: C

• Question 487:

  A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the network over ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?

  A. True negatives

  B. False negatives

  C. True positives

  D. False positives

  Correct Answer: D

• Question 488:

  Which of the following items of a computer system will an anti-virus program scan for viruses?

  A. Boot Sector

  B. Deleted Files

  C. Windows Process List

  D. Password Protected Files

  Correct Answer: A

• Question 489:

  A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and

  192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

  A. NMAP -P 192.168.1-5.

  B. NMAP -P 192.168.0.0/16

  C. NMAP -P 192.168.1.0,2.0,3.0,4.0,5.0

  D. NMAP -P 192.168.1/17

  Correct Answer: A

• Question 490:

  A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?

  A. Forensic attack

  B. ARP spoofing attack

  C. Social engineering attack

  D. Scanning attack

  Correct Answer: C