EC-COUNCIL 312-50V7 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V7 Online Questions & Answers

• Question 381:

  SSL has been seen as the solution to a lot of common security problems. Administrator will often time make use of SSL to encrypt communications from points A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?

  A. SSL is redundant if you already have IDS's in place
  B. SSL will trigger rules at regular interval and force the administrator to turn them off
  C. SSL will slow down the IDS while it is breaking the encryption to see the packet content
  D. SSL will blind the content of the packet and Intrusion Detection Systems will not be able to detect them
  D. SSL will blind the content of the packet and Intrusion Detection Systems will not be able to detect them

• Question 382:

  A tester is attempting to capture and analyze the traffic on a given network and realizes that the network has several switches. What could be used to successfully sniff the traffic on this switched network? (Choose three.)

  A. ARP spoofing
  B. MAC duplication
  C. MAC flooding
  D. SYN flood
  E. Reverse smurf attack
  F. ARP broadcasting
  A. ARP spoofing
  B. MAC duplication
  C. MAC flooding

• Question 383:

  A common technique for luring e-mail users into opening virus-launching attachments is to send messages that would appear to be relevant or important to many of their potential recipients. One way of accomplishing this feat is to make the virus-carrying messages appear to come from some type of business entity retailing sites, UPS, FEDEX, CITIBANK or a major provider of a common service.

  Here is a fraudulent e-mail claiming to be from FedEx regarding a package that could not be delivered. This mail asks the receiver to open an attachment in order to obtain the FEDEX tracking number for picking up the package. The attachment contained in this type of e-mail activates a virus.

  

  Vendors send e-mails like this to their customers advising them not to open any files attached with the mail, as they do not include attachments. Fraudulent e-mail and legit e-mail that arrives in your inbox contain the fedex.com as the sender

  of the mail.

  How do you ensure if the e-mail is authentic and sent from fedex.com?

  A. Verify the digital signature attached with the mail, the fake mail will not have Digital ID at all
  B. Check the Sender ID against the National Spam Database (NSD)
  C. Fake mail will have spelling/grammatical errors
  D. Fake mail uses extensive images, animation and flash content
  A. Verify the digital signature attached with the mail, the fake mail will not have Digital ID at all

• Question 384:

  Hampton is the senior security analyst for the city of Columbus in Ohio. His primary responsibility is to ensure that all physical and logical aspects of the city's computer network are secure from all angles. Bill is an IT technician that works with Hampton in the same IT department. Bill's primary responsibility is to keep PC's and servers up to date and to keep track of all the agency laptops that the company owns and lends out to its employees. After Bill setup a wireless network for the agency, Hampton made sure that everything was secure. He instituted encryption, rotating keys, turned off SSID broadcasting, and enabled MAC filtering. According to agency policy, only company laptops are allowed to use the wireless network, so Hampton entered all the MAC addresses for those laptops into the wireless security utility so that only those laptops should be able to access the wireless network.

  Hampton does not keep track of all the laptops, but he is pretty certain that the agency only purchases Dell laptops. Hampton is curious about this because he notices Bill working on a Toshiba laptop one day and saw that he was on the Internet. Instead of jumping to conclusions, Hampton decides to talk to Bill's boss and see if they had purchased a Toshiba laptop instead of the usual Dell. Bill's boss said no, so now Hampton is very curious to see how Bill is accessing the Internet. Hampton does site surveys every couple of days, and has yet to see any outside wireless network signals inside the company's building.

  How was Bill able to get Internet access without using an agency laptop?

  A. Bill spoofed the MAC address of Dell laptop
  B. Bill connected to a Rogue access point
  C. Toshiba and Dell laptops share the same hardware address
  D. Bill brute forced the Mac address ACLs
  A. Bill spoofed the MAC address of Dell laptop

• Question 385:

  Joseph has just been hired on to a contractor company of the Department of Defense as their Senior Security Analyst. Joseph has been instructed on the company's strict security policies that have been implemented, and the policies that have yet to be put in place. Per the Department of Defense, all DoD users and the users of their contractors must use two-factor authentication to access their networks. Joseph has been delegated the task of researching and implementing the best two-factor authentication method for his company. Joseph's supervisor has told him that they would like to use some type of hardware device in tandem with a security or identifying pin number. Joseph's company has already researched using smart cards and all the resources needed to implement them, but found the smart cards to not be cost effective. What type of device should Joseph use for two-factor authentication?

  A. Biometric device
  B. OTP
  C. Proximity cards
  D. Security token
  D. Security token

• Question 386:

  How do you defend against DHCP Starvation attack?

  

  A. Enable ARP-Block on the switch
  B. Enable DHCP snooping on the switch
  C. Configure DHCP-BLOCK to 1 on the switch
  D. Install DHCP filters on the switch to block this attack
  B. Enable DHCP snooping on the switch

• Question 387:

  In the context of Trojans, what is the definition of a Wrapper?

  A. An encryption tool to protect the Trojan
  B. A tool used to bind the Trojan with a legitimate file
  C. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan
  D. A tool used to encapsulate packets within a new header and footer
  B. A tool used to bind the Trojan with a legitimate file

• Question 388:

  While investigating a claim of a user downloading illegal material, the investigator goes through the files on the suspect's workstation. He comes across a file that is just called "file.txt" but when he opens it, he finds the following:

  

  What can he infer from this file?

  A. A picture that has been renamed with a .txt extension
  B. An encrypted file
  C. An encoded file
  D. A buffer overflow
  D. A buffer overflow

• Question 389:

  Web servers are often the most targeted and attacked hosts on organizations' networks. Attackers may exploit software bugs in the Web server, underlying operating system, or active content to gain unauthorized access.

  

  Identify the correct statement related to the above Web Server installation?

  A. Lack of proper security policy, procedures and maintenance
  B. Bugs in server software, OS and web applications
  C. Installing the server with default settings
  D. Unpatched security flaws in the server software, OS and applications
  C. Installing the server with default settings

• Question 390:

  Which of the following techniques will identify if computer files have been changed?

  A. Network sniffing
  B. Permission sets
  C. Integrity checking hashes
  D. Firewall alerts
  C. Integrity checking hashes