EC-COUNCIL EC-COUNCIL Certifications 312-50V12 Questions & Answers

• Question 271:

  This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-2S6. MMAC-SHA384, and ECDSA using a 384-bit elliptic curve. Which is this wireless security protocol?

  A. WPA2 Personal

  B. WPA3-Personal

  C. WPA2-Enterprise

  D. WPA3-Enterprise

  Correct Answer: D

  Enterprise, governments, and financial institutions have greater security with WPA3-Enterprise. WPA3-Enterprise builds upon WPA2 and ensures the consistent application of security protocol across the network.WPA3-Enterprise also offers an optional mode using 192-bit minimum-strength security protocols and cryptographic tools to raised protect sensitive data:?Authenticated encryption: 256-bit Galois/Counter Mode Protocol (GCMP-256)?Key derivation and confirmation: 384bit Hashed Message Authentication Mode (HMAC) with Secure Hash Algorithm (HMAC-SHA384)?Key establishment and authentication: Elliptic Curve Diffie-Hellman (ECDH) exchange and Elliptic Curve Digital Signature Algorithm (ECDSA) employing a 384-bit elliptic curve?Robust management frame protection: 256-bit Broadcast/Multicast Integrity Protocol Galois Message Authentication Code (BIP-GMAC-256)The 192-bit security mode offered by WPA3- Enterprise ensures the proper combination of cryptographic tools are used and sets a uniform baseline of security within a WPA3 network.

• Question 272:

  PGP, SSL, and IKE are all examples of which type of cryptography?

  A. Digest

  B. Secret Key

  C. Public Key

  D. Hash Algorithm

  Correct Answer: C

• Question 273:

  Suppose your company has just passed a security risk assessment exercise. The results display that the risk of the breach in the main company application is 50%. Security staff has taken some measures and implemented the necessary controls. After that, another security risk assessment was performed showing that risk has decreased to 10%. The risk threshold for the application is 20%. Which of the following risk decisions will be the best for the project in terms of its successful continuation with the most business profit?

  A. Accept the risk

  B. Introduce more controls to bring risk to 0%

  C. Mitigate the risk

  D. Avoid the risk

  Correct Answer: A

  Risk Mitigation Risk mitigation can be defined as taking steps to reduce adverse effects. There are four types of risk mitigation strategies that hold unique to Business Continuity and Disaster Recovery. When mitigating risk, it's important to develop a strategy that closely relates to and matches your company's profile.

  

  A picture containing diagram

  Risk Acceptance

  Risk acceptance does not reduce any effects; however, it is still considered a strategy. This strategy is a common option when the cost of other risk management options such as avoidance or limitation may outweigh the cost of the risk itself.

  A company that doesn't want to spend a lot of money on avoiding risks that do not have a high possibility of occurring will use the risk acceptance strategy.

  Risk Avoidance

  Risk avoidance is the opposite of risk acceptance. It is the action that avoids any exposure to the risk whatsoever. It's important to note that risk avoidance is usually the most expensive of all risk mitigation options.

  Risk Limitation

  Risk limitation is the most common risk management strategy used by businesses. This strategy limits a company's exposure by taking some action. It is a strategy employing a bit of risk acceptance and a bit of risk avoidance or an average

  of both. An example of risk limitation would be a company accepting that a disk drive may fail and avoiding a long period of failure by having backups.

  Risk Transference

  Risk transference is the involvement of handing risk off to a willing third party. For example, numerous companies outsource certain operations such as customer service, payroll services, etc. This can be beneficial for a company if a

  transferred risk is not a core competency of that company. It can also be used so a company can focus more on its core competencies.

• Question 274:

  Sam, a web developer, was instructed to incorporate a hybrid encryption software program into a web application to secure email messages. Sam used an encryption software, which is a free implementation of the OpenPGP standard that uses both symmetric-key cryptography and asymmetric-key cryptography for improved speed and secure key exchange. What is the encryption software employed by Sam for securing the email messages?

  A. PGP

  B. S/MIME

  C. SMTP

  D. GPG

  Correct Answer: A

• Question 275:

  In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?

  A. In a pharming attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack, an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name

  B. In a phishing attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack, an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name

  C. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering

  D. Both pharming and phishing attacks are identical

  Correct Answer: A

• Question 276:

  An LDAP directory can be used to store information similar to a SQL database. LDAP uses a _____ database structure instead of SQL's _____ structure. Because of this, LDAP has difficulty representing many-to-one relationships.

  A. Relational, Hierarchical

  B. Strict, Abstract

  C. Hierarchical, Relational

  D. Simple, Complex

  Correct Answer: C

• Question 277:

  You have the SOA presented below in your Zone. Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries? collegae.edu.SOA, cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600)

  A. One day

  B. One hour

  C. One week

  D. One month

  Correct Answer: C

• Question 278:

  Due to a slowdown of normal network operations, the IT department decided to monitor internet traffic for all of the employees. From a legal standpoint, what would be troublesome to take this kind of measure?

  A. All of the employees would stop normal work activities

  B. IT department would be telling employees who the boss is

  C. Not informing the employees that they are going to be monitored could be an invasion of privacy.

  D. The network could still experience traffic slow down.

  Correct Answer: C

• Question 279:

  Which of the following tools are used for enumeration? (Choose three.)

  A. SolarWinds

  B. USER2SID

  C. Cheops

  D. SID2USER

  E. DumpSec

  Correct Answer: BDE

• Question 280:

  Jim, a professional hacker, targeted an organization that is operating critical Industrial Infrastructure. Jim used Nmap to scan open pons and running services on systems connected to the organization's OT network. He used an Nmap command to identify Ethernet/IP devices connected to the Internet and further gathered Information such as the vendor name, product code and name, device name, and IP address. Which of the following Nmap commands helped Jim retrieve the required information?

  A. nmap -Pn -sT --scan-delay 1s --max-parallelism 1 -p < Port List > < Target IP >

  B. nmap -Pn -sU -p 44818 --script enip-info < Target IP >

  C. nmap -Pn -sT -p 46824 < Target IP >

  D. nmap -Pn -sT -p 102 --script s7-info < Target IP >

  Correct Answer: B

  https://nmap.org/nsedoc/scripts/enip-info.html Example Usage enip-info:

  -nmap --script enip-info -sU -p 44818 This NSE script is used to send a EtherNet/IP packet to a remote device that has TCP 44818 open. The script will send a Request Identity Packet and once a response is received, it validates that it was a proper response to the command that was sent, and then will parse out the data. Information that is parsed includes Device Type, Vendor ID, Product name, Serial Number, Product code, Revision Number, status, state, as well as the Device IP. This script was written based of information collected by using the the Wireshark dissector for CIP, and EtherNet/IP, The original information was collected by running a modified version of the ethernetip.py script (https://github.com/paperwork/ pyenip)