EC-COUNCIL EC-COUNCIL Certifications 312-50V7 Questions & Answers

• Question 411:

  You are the CIO for Avantes Finance International, a global finance company based in Geneva. You are responsible for network functions and logical security throughout the entire corporation. Your company has over 250 servers running Windows Server, 5000 workstations running Windows Vista, and 200 mobile users working from laptops on Windows 7.

  Last week, 10 of your company's laptops were stolen from salesmen while at a conference in Amsterdam. These laptops contained proprietary company information. While doing damage assessment on the possible public relations nightmare this may become, a news story leaks about the stolen laptops and also that sensitive information from those computers was posted to a blog online.

  What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

  A. You should have used 3DES which is built into Windows

  B. If you would have implemented Pretty Good Privacy (PGP) which is built into Windows, the sensitive information on the laptops would not have leaked out

  C. You should have utilized the built-in feature of Distributed File System (DFS) to protect the sensitive information on the laptops

  D. You could have implemented Encrypted File System (EFS) to encrypt the sensitive files on the laptops

  Correct Answer: D

• Question 412:

  What sequence of packets is sent during the initial TCP three-way handshake?

  A. SYN, SYN-ACK, ACK

  B. SYN, URG, ACK

  C. SYN, ACK, SYN-ACK

  D. FIN, FIN-ACK, ACK

  Correct Answer: A

• Question 413:

  Steve scans the network for SNMP enabled devices. Which port number Steve should scan?

  A. 150

  B. 161

  C. 169

  D. 69

  Correct Answer: B

• Question 414:

  You are footprinting an organization and gathering competitive intelligence. You visit the company's website for contact information and telephone numbers but do not find them listed there. You know they had the entire staff directory listed on their website 12 months ago but now it is not there. Is there any way you can retrieve information from a website that is outdated?

  A. Visit Google's search engine and view the cached copy

  B. Crawl the entire website and store them into your computer

  C. Visit Archive.org web site to retrieve the Internet archive of the company's website

  D. Visit the company's partners and customers website for this information

  Correct Answer: C

• Question 415:

  Lori was performing an audit of her company's internal Sharepoint pages when she came across the following codE. What is the purpose of this code?

  

  A. This JavaScript code will use a Web Bug to send information back to another server.

  B. This code snippet will send a message to a server at 192.154.124.55 whenever the "escape" key is pressed.

  C. This code will log all keystrokes.

  D. This bit of JavaScript code will place a specific image on every page of the RSS feed.

  Correct Answer: C

• Question 416:

  Which type of scan does NOT open a full TCP connection?

  A. Stealth Scan

  B. XMAS Scan

  C. Null Scan

  D. FIN Scan

  Correct Answer: A

• Question 417:

  Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers) A. Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC address

  

  B. The ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim's network

  C. ECHO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service

  D. A DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.

  Correct Answer: BD

• Question 418:

  Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned about the security of these servers because of the potential for financial loss. Bob has asked his company's firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network.

  Why will this not be possible?

  A. Firewalls cannot inspect traffic coming through port 443

  B. Firewalls can only inspect outbound traffic

  C. Firewalls cannot inspect traffic at all, they can only block or allow certain ports

  D. Firewalls cannot inspect traffic coming through port 80

  Correct Answer: C

• Question 419:

  Which of the following tool would be considered as Signature Integrity Verifier (SIV)?

  A. Nmap

  B. SNORT

  C. VirusSCAN

  D. Tripwire

  Correct Answer: D

• Question 420:

  Attackers footprint target Websites using Google Hacking techniques. Google hacking is a term that refers to the art of creating complex search engine queries. It detects websites that are vulnerable to numerous exploits and vulnerabilities. Google operators are used to locate specific strings of text within the search results.

  The configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database. WordPress uses config.php that stores the database Username and Password. Which of the below Google search string brings up sites with "config.php" files?

  A. Search:index config/php

  B. Wordpress:index config.php

  C. intitle:index.of config.php

  D. Config.php:index list

  Correct Answer: C