For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which key?
A. Sender's public key

Which of the following processes evaluates the adherence of an organization to its stated security policy?
A. Vulnerability assessment

The GET method should never be used when sensitive data such as credit card information is being sent to a CGI program. This is because any GET command will appear in the URL and will be logged by any servers. For example, let's say that you've entered your credit card information into a form that uses the GET method. The URL may appear like this:
https://www.xsecurity-bank.com/creditcard.asp?cardnumber=453453433532234
The GET method appends the credit card number to the URL. This means that anyone with access to a server log will be able to obtain this information. How would you protect against this type of attack?
A. Never include sensitive information in a script

Which type of password cracking technique works like a dictionary attack but adds some numbers and symbols to the words from the dictionary and tries to crack the password?
A. Dictionary attack

Which element of Public Key Infrastructure (PKI) verifies the applicant?
A. Certificate authority

Passive reconnaissance involves collecting information through which of the following?
A. Social engineering

Maintaining a secure Web server requires constant effort, resources, and vigilance from an organization. Securely administering a Web server on a daily basis is an essential aspect of Web server security. Maintaining the security of a Web server will usually involve the following steps:
1. Configuring, protecting, and analyzing log files
2. Backing up critical information frequently
3. Maintaining a protected authoritative copy of the organization's Web content
4. Establishing and following procedures for recovering from compromise
5. Testing and applying patches in a timely manner
6. Testing security periodically.
In which step would you engage a forensic investigator?
A. 1

A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst use to perform a Blackjacking attack?
A. Paros Proxy

What is the main reason the use of a stored biometric is vulnerable to an attack?
A. The digital representation of the biometric might not be unique, even if the physical characteristic is unique.

Which of the following is an example of an asymmetric encryption implementation?
A. SHA1