EC-COUNCIL 312-50V8 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V8 Online Questions & Answers

• Question 161:

  Which of the following open source tools would be the best choice to scan a network for potential targets?

  A. NMAP
  B. NIKTO
  C. CAIN
  D. John the Ripper
  A. NMAP

• Question 162:

  What do you call a system where users need to remember only one username and password, and be authenticated for multiple services?

  A. Simple Sign-on
  B. Unique Sign-on
  C. Single Sign-on
  D. Digital Certificate
  C. Single Sign-on

• Question 163:

  Which of the following Netcat commands would be used to perform a UDP scan of the lower 1024 ports?

  A. Netcat -h -U
  B. Netcat -hU
  C. Netcat -sU -p 1-1024
  D. Netcat -u -v -w2 1-1024
  E. Netcat -sS -O target/1024
  D. Netcat -u -v -w2 1-1024

• Question 164:

  Which of the following encryption is NOT based on block cipher?

  A. DES
  B. Blowfish
  C. AES (Rijndael)
  D. RC4
  D. RC4

• Question 165:

  Which of the following is considered the best way to prevent Personally Identifiable Information (PII) from web application vulnerabilities?

  A. Use encrypted communications protocols to transmit PII
  B. Use full disk encryption on all hard drives to protect PII
  C. Use cryptographic storage to store all PII
  D. Use a security token to log onto into all Web application that use PII
  A. Use encrypted communications protocols to transmit PII

• Question 166:

  Why do you need to capture five to ten million packets in order to crack WEP with AirSnort?

  A. All IVs are vulnerable to attack
  B. Air Snort uses a cache of packets
  C. Air Snort implements the FMS attack and only encrypted packets are counted
  D. A majority of weak IVs transmitted by access points and wireless cards are not filtered by contemporary wireless manufacturers
  C. Air Snort implements the FMS attack and only encrypted packets are counted

• Question 167:

  Smart cards use which protocol to transfer the certificate in a secure manner?

  A. Extensible Authentication Protocol (EAP)
  B. Point to Point Protocol (PPP)
  C. Point to Point Tunneling Protocol (PPTP)
  D. Layer 2 Tunneling Protocol (L2TP)
  A. Extensible Authentication Protocol (EAP)

• Question 168:

  Attackers target HINFO record types stored on a DNS server to enumerate information.

  These are information records and potential source for reconnaissance. A network administrator has the option of entering host information specifically the CPU type and operating system when creating a new DNS record. An attacker can

  extract this type of information easily from a DNS server.

  Which of the following commands extracts the HINFO record?

  

  A. Option A
  B. Option B
  C. Option C
  D. Option D
  A. Option A

• Question 169:

  Which of the following is optimized for confidential communications, such as bidirectional voice and video?

  A. RC4
  B. RC5
  C. MD4
  D. MD5
  A. RC4

• Question 170:

  SYN Flood is a DOS attack in which an attacker deliberately violates the three-way handshake and opens a large number of half-open TCP connections. The signature of attack for SYN Flood contains:

  A. The source and destination address having the same value
  B. A large number of SYN packets appearing on a network without the corresponding reply packets
  C. The source and destination port numbers having the same value
  D. A large number of SYN packets appearing on a network with the corresponding reply packets
  B. A large number of SYN packets appearing on a network without the corresponding reply packets