EC-COUNCIL 312-50V8 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V8 Online Questions & Answers

• Question 471:

  Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web site during work hours, without any consideration for others. Neil knows that he has an up-to-date content filtering system and such access should not be authorized.

  What type of technique might be used by these offenders to access the Internet without restriction?

  A. They are using UDP that is always authorized at the firewall
  B. They are using HTTP tunneling software that allows them to communicate with protocols in a way it was not intended
  C. They have been able to compromise the firewall,modify the rules,and give themselves proper access
  D. They are using an older version of Internet Explorer that allow them to bypass the proxy server
  B. They are using HTTP tunneling software that allows them to communicate with protocols in a way it was not intended

• Question 472:

  Exhibit

  

  Study the log given in the exhibit,

  Precautionary measures to prevent this attack would include writing firewall rules. Of these firewall rules, which among the following would be appropriate?

  A. Disallow UDP 53 in from outside to DNS server
  B. Allow UDP 53 in from DNS server to outside
  C. Disallow TCP 53 in form secondaries or ISP server to DNS server
  D. Block all UDP traffic
  B. Allow UDP 53 in from DNS server to outside

• Question 473:

  You have successfully gained access to a victim's computer using Windows 2003 Server SMB Vulnerability. Which command will you run to disable auditing from the cmd?

  A. stoplog stoplog ?
  B. EnterPol /nolog
  C. EventViewer o service
  D. auditpol.exe /disable
  D. auditpol.exe /disable

• Question 474:

  Anonymizer sites access the Internet on your behalf, protecting your personal information from disclosure. An anonymizer protects all of your computer's identifying information while it surfs for you, enabling you to remain at least one step removed from the sites you visit.

  You can visit Web sites without allowing anyone to gather information on sites visited by you. Services that provide anonymity disable pop-up windows and cookies, and conceal visitor's IP address.

  These services typically use a proxy server to process each HTTP request. When the user requests a Web page by clicking a hyperlink or typing a URL into their browser, the service

  retrieves and displays the information using its own server. The remote server (where the requested Web page resides) receives information on the anonymous Web surfing service in place of your information.

  In which situations would you want to use anonymizer? (Select 3 answers)

  A. Increase your Web browsing bandwidth speed by using Anonymizer
  B. To protect your privacy and Identity on the Internet
  C. To bypass blocking applications that would prevent access to Web sites or parts of sites that you want to visit.
  D. Post negative entries in blogs without revealing your IP identity
  B. To protect your privacy and Identity on the Internet
  C. To bypass blocking applications that would prevent access to Web sites or parts of sites that you want to visit.
  D. Post negative entries in blogs without revealing your IP identity

• Question 475:

  In an attempt to secure his wireless network, Bob turns off broadcasting of the SSID. He concludes that since his access points require the client computer to have the proper SSID, it would prevent others from connecting to the wireless network. Unfortunately unauthorized users are still able to connect to the wireless network.

  Why do you think this is possible?

  A. Bob forgot to turn off DHCP.
  B. All access points are shipped with a default SSID.
  C. The SSID is still sent inside both client and AP packets.
  D. Bob's solution only works in ad-hoc mode.
  B. All access points are shipped with a default SSID.

• Question 476:

  Matthew re-injects a captured wireless packet back onto the network. He does this hundreds of times within a second. The packet is correctly encrypted and Matthew assumes it is an ARP request packet. The wireless host responds with a stream of responses, all individually encrypted with different IVs.

  What is this attack most appropriately called?

  A. Spoof attack
  B. Replay attack
  C. Injection attack
  D. Rebound attack
  B. Replay attack

• Question 477:

  If you send a SYN to an open port, what is the correct response?(Choose all correct answers.)

  A. SYN
  B. ACK
  C. FIN
  D. PSH
  A. SYN
  B. ACK

• Question 478:

  If you come across a sheepdip machine at your client's site, what should you do?

  A. A sheepdip computer is used only for virus-checking.
  B. A sheepdip computer is another name for a honeypot
  C. A sheepdip coordinates several honeypots.
  D. A sheepdip computers defers a denial of service attack.
  A. A sheepdip computer is used only for virus-checking.

• Question 479:

  You perform the above traceroute and notice that hops 19 and 20 both show the same IP address.

  

  This probably indicates what?

  A. A host based IDS
  B. A Honeypot
  C. A stateful inspection firewall
  D. An application proxying firewall
  C. A stateful inspection firewall

• Question 480:

  You work as security technician at XYZ.com. While doing web application testing, you might be required to look through multiple web pages online which can take a long time. Which of the processes listed below would be a more efficient way of doing this type of validation?

  A. Use mget to download all pages locally for further inspection.
  B. Use wget to download all pages locally for further inspection.
  C. Use get* to download all pages locally for further inspection.
  D. Use get() to download all pages locally for further inspection.
  B. Use wget to download all pages locally for further inspection.