EC-COUNCIL 312-50V10 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V10 Online Questions & Answers

• Question 681:

  The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE's Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the transport layer security (TLS)

  protocols defined in RFC6520.

  What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

  A. Private
  B. Public
  C. Shared
  D. Root
  A. Private

• Question 682:

  Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?

  A. IPsec
  B. SFTP
  C. FTPS
  D. SSL
  A. IPsec

• Question 683:

  You are monitoring the network of your organizations. You notice that:

  1.

  There are huge outbound connections from your Internal Network to External IPs.

  2.

  On further investigation, you see that the External IPs are blacklisted.

  3.

  Some connections are accepted, and some are dropped.

  4.

  You find that it is a CnC communication. Which of the following solution will you suggest?

  A. Block the Blacklist IP's @ Firewall
  B. Update the Latest Signatures on your IDS/IPS
  C. Clean the Malware which are trying to Communicate with the External Blacklist IP's
  D. Both B and C
  D. Both B and C

• Question 684:

  An attacker tries to do banner grabbing on a remote web server and executes the following command.

  

  Service detection performed. Please report any incorrect results at http://nmap.org/submit/.

  Nmap done: 1 IP address (1 host up) scanned in 6.42 seconds

  What did the hacker accomplish?

  A. nmap can't retrieve the version number of any running remote service.
  B. The hacker successfully completed the banner grabbing.
  C. The hacker should've used nmap -O host.domain.com.
  D. The hacker failed to do banner grabbing as he didn't get the version of the Apache web server.
  B. The hacker successfully completed the banner grabbing.

• Question 685:

  This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.

  

  What is this attack?

  A. Cross-site-scripting attack
  B. SQL Injection
  C. URL Traversal attack
  D. Buffer Overflow attack
  A. Cross-site-scripting attack

• Question 686:

  Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?

  A. Wireshark
  B. Maltego
  C. Metasploit
  D. Nessus
  C. Metasploit

• Question 687:

  SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hosts. Which of the following features makes this possible? (Choose two.)

  A. It used TCP as the underlying protocol.
  B. It uses community string that is transmitted in clear text.
  C. It is susceptible to sniffing.
  D. It is used by all network devices on the market.
  B. It uses community string that is transmitted in clear text.
  D. It is used by all network devices on the market.

• Question 688:

  Which of the following is the successor of SSL?

  A. TLS
  B. RSA
  C. GRE
  D. IPSec
  A. TLS

• Question 689:

  An NMAP scan of a server shows port 25 is open. What risk could this pose?

  A. Open printer sharing
  B. Web portal data leak
  C. Clear text authentication
  D. Active mail relay
  D. Active mail relay

• Question 690:

  Which of the following is the BEST way to defend against network sniffing?

  A. Using encryption protocols to secure network communications
  B. Register all machines MAC Address in a Centralized Database
  C. Restrict Physical Access to Server Rooms hosting Critical Servers
  D. Use Static IP Address
  A. Using encryption protocols to secure network communications