EC-COUNCIL 312-50V7 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V7 Online Questions & Answers

• Question 251:

  Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches. If these switches' ARP cache is successfully flooded, what will be the result?

  A. The switches will drop into hub mode if the ARP cache is successfully flooded.
  B. If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.
  C. Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.
  D. The switches will route all traffic to the broadcast address created collisions.
  A. The switches will drop into hub mode if the ARP cache is successfully flooded.

• Question 252:

  An attacker sniffs encrypted traffic from the network and is subsequently able to decrypt it. The attacker can now use which cryptanalytic technique to attempt to discover the encryption key?

  A. Birthday attack
  B. Plaintext attack
  C. Meet in the middle attack
  D. Chosen ciphertext attack
  D. Chosen ciphertext attack

• Question 253:

  Web servers often contain directories that do not need to be indexed. You create a text file with search engine indexing restrictions and place it on the root directory of the Web Server.

  User-agent: * Disallow: /images/ Disallow: /banners/ Disallow: /Forms/ Disallow: /Dictionary/ Disallow: /_borders/ Disallow: /_fpclass/ Disallow: /_overlay/ Disallow: /_private/ Disallow: /_themes/

  What is the name of this file?

  A. robots.txt
  B. search.txt
  C. blocklist.txt
  D. spf.txt
  A. robots.txt

• Question 254:

  What type of port scan is shown below?

  

  A. Idle Scan
  B. Windows Scan
  C. XMAS Scan
  D. SYN Stealth Scan
  C. XMAS Scan

• Question 255:

  Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

  A. Firewall
  B. Honeypot
  C. Core server
  D. Layer 4 switch
  B. Honeypot

• Question 256:

  A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?

  A. Firewall-management policy
  B. Acceptable-use policy
  C. Remote-access policy
  D. Permissive policy
  C. Remote-access policy

• Question 257:

  Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?

  A. DataThief
  B. NetCat
  C. Cain and Abel
  D. SQLInjector
  D. SQLInjector

• Question 258:

  You are the CIO for Avantes Finance International, a global finance company based in Geneva. You are responsible for network functions and logical security throughout the entire corporation. Your company has over 250 servers running Windows Server, 5000 workstations running Windows Vista, and 200 mobile users working from laptops on Windows 7.

  Last week, 10 of your company's laptops were stolen from salesmen while at a conference in Amsterdam. These laptops contained proprietary company information. While doing damage assessment on the possible public relations nightmare this may become, a news story leaks about the stolen laptops and also that sensitive information from those computers was posted to a blog online.

  What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

  A. You should have used 3DES which is built into Windows
  B. If you would have implemented Pretty Good Privacy (PGP) which is built into Windows, the sensitive information on the laptops would not have leaked out
  C. You should have utilized the built-in feature of Distributed File System (DFS) to protect the sensitive information on the laptops
  D. You could have implemented Encrypted File System (EFS) to encrypt the sensitive files on the laptops
  D. You could have implemented Encrypted File System (EFS) to encrypt the sensitive files on the laptops

• Question 259:

  What is the IV key size used in WPA2?

  A. 32
  B. 24
  C. 16
  D. 48
  E. 128
  D. 48

• Question 260:

  Hayden is the network security administrator for her company, a large finance firm based in Miami. Hayden just returned from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. Hayden is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established she sends RST packets to those hosts to stop the session. She does this to see how her intrusion detection system will log the traffic. What type of scan is Hayden attempting here?

  A. Hayden is attempting to find live hosts on her company's network by using an XMAS scan
  B. She is utilizing a SYN scan to find live hosts that are listening on her network
  C. The type of scan, she is using is called a NULL scan
  D. Hayden is using a half-open scan to find live hosts on her network
  D. Hayden is using a half-open scan to find live hosts on her network