EC-COUNCIL 312-50V11 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V11 Online Questions & Answers

• Question 261:

  Robert, a professional hacker, is attempting to execute a fault injection attack on a target IoT device. In this process, he injects faults into the power supply that can be used for remote execution, also causing the skipping of key instructions. He also injects faults into the clock network used for delivering a synchronized signal across the chip.

  Which of the following types of fault injection attack is performed by Robert in the above scenario?

  A. Frequency/voltage tampering
  B. Optical, electromagnetic fault injection (EMFI)
  C. Temperature attack
  D. Power/clock/reset glitching
  B. Optical, electromagnetic fault injection (EMFI)

• Question 262:

  You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user's password or activate disabled Windows accounts?

  A. John the Ripper
  B. SET
  C. CHNTPW
  D. Cain and Abel
  C. CHNTPW

• Question 263:

  In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam.

  Which of the following statement is incorrect related to this attack?

  A. Do not reply to email messages or popup ads asking for personal or financial information
  B. Do not trust telephone numbers in e-mails or popup ads
  C. Review credit card and bank account statements regularly
  D. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
  E. Do not send credit card numbers, and personal or financial information via e-mail
  D. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks

• Question 264:

  Alex, a cloud security engineer working in Eyecloud Inc. is tasked with isolating applications from the underlying infrastructure and stimulating communication via well- defined channels. For this purpose, he used an open-source technology that helped him in developing, packaging, and running applications; further, the technology provides PaaS through OS-level visualization, delivers containerized software packages, and promotes fast software delivery. What is the cloud technology employed by Alex in the above scenario?

  A. Virtual machine
  B. Serverless computing
  C. Docker
  D. Zero trust network
  C. Docker

• Question 265:

  An organization is performing a vulnerability assessment tor mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on the organization's machines to detect which ports are attached to services such as an email server, a web server or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevant tests. What is the type of vulnerability assessment solution that James employed in the above scenario?

  A. Product-based solutions
  B. Tree-based assessment
  C. Service-based solutions
  D. inference-based assessment
  C. Service-based solutions

• Question 266:

  John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization. Which of the following attack techniques is used by John?

  A. Advanced persistent
  B. threat Diversion theft
  C. Spear-phishing sites
  D. insider threat
  A. Advanced persistent

• Question 267:

  A zone file consists of which of the following Resource Records (RRs)?

  A. DNS, NS, AXFR, and MX records
  B. DNS, NS, PTR, and MX records
  C. SOA, NS, AXFR, and MX records
  D. SOA, NS, A, and MX records
  D. SOA, NS, A, and MX records

• Question 268:

  Which of the following Google advanced search operators helps an attacker in gathering information about websites that are similar to a specified target URL?

  A. [inurl:]
  B. [related:]
  C. [info:]
  D. [site:]
  B. [related:]

• Question 269:

  Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other resources that run independently from other processes in the cloud environment. For the containerization of applications, he follows the five-tier container technology architecture. Currently. Abel is verifying and validating image contents, signing images, and sending them to the registries. Which of the following tiers of the container technology architecture Is Abel currently working in?

  A. Tier-1: Developer machines
  B. Tier-4: Orchestrators
  C. Tier-3: Registries
  D. Tier-2: Testing and accreditation systems
  D. Tier-2: Testing and accreditation systems

• Question 270:

  Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the computer so that the device could continue communication with that computer even after being physically disconnected. Now, Clark gains access to Steven's iPhone through the infected computer and is able to monitor and read all of Steven's activity on the iPhone, even after the device is out of the communication zone.

  Which of the following attacks is performed by Clark in above scenario?

  A. IOS trustjacking
  B. lOS Jailbreaking
  C. Exploiting SS7 vulnerability
  D. Man-in-the-disk attack
  A. IOS trustjacking