EC-COUNCIL 312-50V8 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V8 Online Questions & Answers

• Question 211:

  A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company`s building dressed like an electrician and waits in the lobby for an employee to pass through the main access gate, then the consultant follows the employee behind to get into the restricted area.

  Which type of attack did the consultant perform?

  A. Man trap
  B. Tailgating
  C. Shoulder surfing
  D. Social engineering
  B. Tailgating

• Question 212:

  Which of the following are password cracking tools? (Choose three.)

  A. BTCrack
  B. John the Ripper
  C. KerbCrack
  D. Nikto
  E. Cain and Abel
  F. Havij
  B. John the Ripper
  C. KerbCrack
  E. Cain and Abel

• Question 213:

  Which command line switch would be used in NMAP to perform operating system detection?

  A. -OS
  B. -sO
  C. -sP
  D. -O
  D. -O

• Question 214:

  In which part of OSI layer, ARP Poisoning occurs?

  

  A. Transport Layer
  B. Datalink Layer
  C. Physical Layer
  D. Application layer
  B. Datalink Layer

• Question 215:

  Use the traceroute results shown above to answer the following question:

  

  The perimeter security at targetcorp.com does not permit ICMP TTL-expired packets out.

  A. True
  B. False
  A. True

• Question 216:

  Snort is an open source Intrusion Detection system. However, it can also be used for a few other purposes as well. Which of the choices below indicate the other features offered by Snort?

  A. IDS,Packet Logger,Sniffer
  B. IDS,Firewall,Sniffer
  C. IDS,Sniffer,Proxy
  D. IDS,Sniffer,content inspector
  A. IDS,Packet Logger,Sniffer

• Question 217:

  Which is the Novell Netware Packet signature level used to sign all packets ?

  B. 1
  C. 2
  D. 3
  D. 3

• Question 218:

  A Regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?

  A. Move the financial data to another server on the same IP subnet
  B. Place a front-end web server in a demilitarized zone that only handles external web traffic
  C. Issue new certificates to the web servers from the root certificate authority
  D. Require all employees to change their passwords immediately
  A. Move the financial data to another server on the same IP subnet

• Question 219:

  An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, digital Subscriber Line (DSL), wireless data services, and virtual Private Networks (VPN) over a Frame Relay network. Which AAA protocol is most likely able to handle this requirement?

  A. DIAMETER
  B. Kerberos
  C. RADIUS
  D. TACACS+
  D. TACACS+

• Question 220:

  A distributed port scan operates by:

  A. Blocking access to the scanning clients by the targeted host
  B. Using denial-of-service software against a range of TCP ports
  C. Blocking access to the targeted host by each of the distributed scanning clients
  D. Having multiple computers each scan a small number of ports,then correlating the results
  D. Having multiple computers each scan a small number of ports,then correlating the results