EC-COUNCIL 312-50V7 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V7 Online Questions & Answers

• Question 351:

  Which of the following are password cracking tools? (Choose three.)

  A. BTCrack
  B. John the Ripper
  C. KerbCrack
  D. Nikto
  E. Cain and Abel
  F. Havij
  B. John the Ripper
  C. KerbCrack
  E. Cain and Abel

• Question 352:

  Buffer X in an Accounting application module for Brownies Inc. can contain 200 characters. The programmer makes an assumption that 200 characters are more than enough. Because there were no proper boundary checks being conducted, Bob decided to insert 400 characters into the 200-character buffer. (Overflows the buffer). Below is the code snippet:

  

  How can you protect/fix the problem of your application as shown above?

  A. Because the counter starts with 0, we would stop when the counter is less than 200
  B. Because the counter starts with 0, we would stop when the counter is more than 200
  C. Add a separate statement to signify that if we have written less than 200 characters to the buffer, the stack should stop because it cannot hold any more data
  D. Add a separate statement to signify that if we have written 200 characters to the buffer, the stack should stop because it cannot hold any more data
  A. Because the counter starts with 0, we would stop when the counter is less than 200
  D. Add a separate statement to signify that if we have written 200 characters to the buffer, the stack should stop because it cannot hold any more data

• Question 353:

  Harold just got home from working at Henderson LLC where he works as an IT technician. He was able to get off early because they were not too busy. When he walks into his home office, he notices his teenage daughter on the computer, apparently chatting with someone online. As soon as she hears Harold enter the room, she closes all her windows and tries to act like she was playing a game. When Harold asks her what she was doing, she acts very nervous and does not give him a straight answer. Harold is very concerned because he does not want his daughter to fall victim to online predators and the sort. Harold doesn't necessarily want to install any programs that will restrict the sites his daughter goes to, because he doesn't want to alert her to his trying to figure out what she is doing. Harold wants to use some kind of program that will track her activities online, and send Harold an email of her activity once a day so he can see what she has been up to. What kind of software could Harold use to accomplish this?

  A. Install hardware Keylogger on her computer
  B. Install screen capturing Spyware on her computer
  C. Enable Remote Desktop on her computer
  D. Install VNC on her computer
  B. Install screen capturing Spyware on her computer

• Question 354:

  Which of the following programs is usually targeted at Microsoft Office products?

  A. Polymorphic virus
  B. Multipart virus
  C. Macro virus
  D. Stealth virus
  C. Macro virus

• Question 355:

  How can a rootkit bypass Windows 7 operating system's kernel mode, code signing policy?

  A. Defeating the scanner from detecting any code change at the kernel
  B. Replacing patch system calls with its own version that hides the rootkit (attacker's) actions
  C. Performing common services for the application process and replacing real applications with fake ones
  D. Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/options
  D. Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/options

• Question 356:

  You are the security administrator for a large network. You want to prevent attackers from running any sort of traceroute into your DMZ and discovering the internal structure of publicly accessible areas of the network. How can you achieve this?

  A. There is no way to completely block tracerouting into this area
  B. Block UDP at the firewall
  C. Block TCP at the firewall
  D. Block ICMP at the firewall
  A. There is no way to completely block tracerouting into this area

• Question 357:

  What does ICMP (type 11, code 0) denote?

  A. Source Quench
  B. Destination Unreachable
  C. Time Exceeded
  D. Unknown Type
  C. Time Exceeded

• Question 358:

  Which of the following Trojans would be considered 'Botnet Command Control Center'?

  A. YouKill DOOM
  B. Damen Rock
  C. Poison Ivy
  D. Matten Kit
  C. Poison Ivy

• Question 359:

  In the OSI model, where does PPTP encryption take place?

  A. Transport layer
  B. Application layer
  C. Data link layer
  D. Network layer
  C. Data link layer

• Question 360:

  A company has hired a security administrator to maintain and administer Linux and Windows-based systems. Written in the nightly report file is the followinG.

  Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size has decreased considerably. Another hour goes by and the log files have shrunk in size again.

  Which of the following actions should the security administrator take?

  A. Log the event as suspicious activity and report this behavior to the incident response team immediately.
  B. Log the event as suspicious activity, call a manager, and report this as soon as possible.
  C. Run an anti-virus scan because it is likely the system is infected by malware.
  D. Log the event as suspicious activity, continue to investigate, and act according to the site's security policy.
  D. Log the event as suspicious activity, continue to investigate, and act according to the site's security policy.