EC-COUNCIL 312-50V8 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V8 Online Questions & Answers

• Question 341:

  What does an ICMP (Code 13) message normally indicates?

  A. It indicates that the destination host is unreachable
  B. It indicates to the host that the datagram which triggered the source quench message will need to be re-sent
  C. It indicates that the packet has been administratively dropped in transit
  D. It is a request to the host to cut back the rate at which it is sending traffic to the Internet destination
  C. It indicates that the packet has been administratively dropped in transit

• Question 342:

  Which of the followingtypes of firewalls ensures that the packets are part of the established session?

  A. Switch-level firewall
  B. Stateful inspection firewall
  C. Application-level firewall
  D. Circuit-level firewall
  B. Stateful inspection firewall

• Question 343:

  Simon is security analyst writing signatures for a Snort node he placed internally that captures all mirrored traffic from his border firewall. From the following signature, what will Snort look for in the payload of the suspected packets? alert tcp $EXTERNAL_NET any -> $HOME_NET 27374 (msG. "BACKDOOR SIG - SubSseven 22";flags: A+; content: "|0d0a5b52504c5d3030320d0a|"; reference:arachnids, 485;) alert

  A. The payload of 485 is what this Snort signature will look for.
  B. Snort will look for 0d0a5b52504c5d3030320d0a in the payload.
  C. Packets that contain the payload of BACKDOOR SIG - SubSseven 22 will be flagged.
  D. From this snort signature,packets with HOME_NET 27374 in the payload will be flagged.
  B. Snort will look for 0d0a5b52504c5d3030320d0a in the payload.

• Question 344:

  Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder's IP address for a period of 24 hours' time after more than three unsuccessful attempts. He is confident that this rule will secure his network from hackers on the Internet.

  But he still receives hundreds of thousands brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall rule.

  Later he adds another rule to his firewall and enables small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be prepared to accept from a particular IP address. This action will slow the intruder's attempts.

  Samuel wants to completely block hackers brute force attempts on his network.

  What are the alternatives to defending against possible brute-force password attacks on his site?

  A. Enforce a password policy and use account lockouts after three wrong logon attempts even though this might lock out legit users
  B. Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the intruder so that you can block them at the Firewall manually
  C. Enforce complex password policy on your network so that passwords are more difficult to brute force
  D. You cannot completely block the intruders attempt if they constantly switch proxies
  D. You cannot completely block the intruders attempt if they constantly switch proxies

• Question 345:

  In Trojan terminology, what is required to create the executable file chess.exe as shown below?

  

  A. Mixer
  B. Converter
  C. Wrapper
  D. Zipper
  C. Wrapper

• Question 346:

  What does black box testing mean?

  A. You have full knowledge of the environment
  B. You have no knowledge of the environment
  C. You have partial knowledge of the environment
  B. You have no knowledge of the environment

• Question 347:

  Which of the following incident handling process phases is responsible for defining rules, creating a back-up plan, and testing the plans for an enterprise?

  A. Preparation phase
  B. Recovery phase
  C. Identification phase
  D. Containment phase
  A. Preparation phase

• Question 348:

  Kevin is an IT security analyst working for Emerson Time Makers, a watch manufacturing company in Miami. Kevin and his girlfriend Katy recently broke up after a big fight. Kevin believes that she was seeing another person. Kevin, who has

  an online email account that he uses for most of his mail, knows that Katy has an account with that same company.

  Kevin logs into his email account online and gets the following URL after successfully logged in: http://www.youremailhere.com/mail.asp? mailbox=KevinandSmith=121%22 Kevin changes the URL to:

  http://www.youremailhere.com/mail.asp?mailbox=KatyandSanchez=121%22 Kevin is trying to access her email account to see if he can find out any information.

  What is Kevin attempting here to gain access to Katy's mailbox?

  A. This type of attempt is called URL obfuscation when someone manually changes a URL to try and gain unauthorized access
  B. By changing the mailbox's name in the URL,Kevin is attempting directory transversal
  C. Kevin is trying to utilize query string manipulation to gain access to her email account
  D. He is attempting a path-string attack to gain access to her mailbox
  C. Kevin is trying to utilize query string manipulation to gain access to her email account

• Question 349:

  Jake works as a system administrator at Acme Corp. Jason, an accountant of the firm befriends him at the canteen and tags along with him on the pretext of appraising him about potential tax benefits. Jason waits for Jake to swipe his access card and follows him through the open door into the secure systems area.

  How would you describe Jason's behavior within a security context?

  A. Smooth Talking
  B. Swipe Gating
  C. Tailgating
  D. Trailing
  C. Tailgating

• Question 350:

  Which Steganography technique uses Whitespace to hide secret messages?

  A. snow
  B. beetle
  C. magnet
  D. cat
  A. snow