EC-COUNCIL EC-COUNCIL Certifications 312-50V10 Questions & Answers

• Question 501:

  Which of the following identifies the three modes in which Snort can be configured to run?

  A. Sniffer, Packet Logger, and Network Intrusion Detection System

  B. Sniffer, Network Intrusion Detection System, and Host Intrusion Detection System

  C. Sniffer, Host Intrusion Prevention System, and Network Intrusion Prevention System

  D. Sniffer, Packet Logger, and Host Intrusion Prevention System

  Correct Answer: A

• Question 502:

  Which command lets a tester enumerate alive systems in a class C network via ICMP using native Windows tools?

  A. ping 192.168.2.

  B. ping 192.168.2.255

  C. for %V in (1 1 255) do PING 192.168.2.%V

  D. for /L %V in (1 1 254) do PING -n 1 192.168.2.%V | FIND /I "Reply"

  Correct Answer: D

• Question 503:

  Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?

  A. Microsoft Security Baseline Analyzer

  B. Retina

  C. Core Impact

  D. Microsoft Baseline Security Analyzer

  Correct Answer: D

• Question 504:

  Which of the following settings enables Nessus to detect when it is sending too many packets and the network pipe is approaching capacity?

  A. Netstat WMI Scan

  B. Silent Dependencies

  C. Consider unscanned ports as closed

  D. Reduce parallel connections on congestion

  Correct Answer: D

• Question 505:

  The network administrator for a company is setting up a website with e-commerce capabilities. Packet sniffing is a concern because credit card information will be sent electronically over the Internet. Customers visiting the site will need to encrypt the data with HTTPS. Which type of certificate is used to encrypt and decrypt the data?

  A. Asymmetric

  B. Confidential

  C. Symmetric

  D. Non-confidential

  Correct Answer: A

• Question 506:

  Which of the following is a preventive control?

  A. Smart card authentication

  B. Security policy

  C. Audit trail

  D. Continuity of operations plan

  Correct Answer: A

• Question 507:

  An engineer is learning to write exploits in C++ and is using the exploit tool Backtrack. The engineer wants to compile the newest C++ exploit and name it calc.exe. Which command would the engineer use to accomplish this?

  A. g++ hackersExploit.cpp -o calc.exe

  B. g++ hackersExploit.py -o calc.exe

  C. g++ -i hackersExploit.pl -o calc.exe

  D. g++ --compile 璱 hackersExploit.cpp -o calc.exe

  Correct Answer: A

• Question 508:

  How can rainbow tables be defeated?

  A. Password salting

  B. Use of non-dictionary words

  C. All uppercase character passwords

  D. Lockout accounts under brute force password cracking attempts

  Correct Answer: A

• Question 509:

  Which of the following types of firewall inspects only header information in network traffic?

  A. Packet filter

  B. Stateful inspection

  C. Circuit-level gateway

  D. Application-level gateway

  Correct Answer: A

• Question 510:

  A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.

  The engineer receives this output:

  

  Which of the following is an example of what the engineer performed?

  A. Cross-site scripting

  B. Banner grabbing

  C. SQL injection

  D. Whois database query

  Correct Answer: B