EC-COUNCIL 312-50V8 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V8 Online Questions & Answers

• Question 561:

  Exhibit:

  ettercap –NCLzs --quiet

  What does the command in the exhibit do in "Ettercap"?

  A. This command will provide you the entire list of hosts in the LAN
  B. This command will check if someone is poisoning you and will report its IP.
  C. This command will detach from console and log all the collected passwords from the network to a file.
  D. This command broadcasts ping to scan the LAN instead of ARP request of all the subnet IPs.
  C. This command will detach from console and log all the collected passwords from the network to a file.

• Question 562:

  What two things will happen if a router receives an ICMP packet, which has a TTL value of 1, and the destination host is several hops away? (Select 2 answers)

  A. The router will discard the packet
  B. The router will decrement the TTL value and forward the packet to the next router on the path to the destination host
  C. The router will send a time exceeded message to the source host
  D. The router will increment the TTL value and forward the packet to the next router on the path to the destination host.
  E. The router will send an ICMP Redirect Message to the source host
  A. The router will discard the packet
  C. The router will send a time exceeded message to the source host

• Question 563:

  An NMAP scan of a server shows port 25 is open. What risk could this pose?

  A. Open printer sharing
  B. Web portal data leak
  C. Clear text authentication
  D. Active mail relay
  D. Active mail relay

• Question 564:

  While performing data validation of web content, a security technician is required to restrict malicious input. Which of the following processes is an efficient way of restricting malicious input?

  A. Validate web content input for query strings.
  B. Validate web content input with scanning tools.
  C. Validate web content input for type,length,and range.
  D. Validate web content input for extraneous queries.
  C. Validate web content input for type,length,and range.

• Question 565:

  One of the most common and the best way of cracking RSA encryption is to begin to derive the two prime numbers, which are used in the RSA PKI mathematical process. If the two numbers p and q are discovered through a _____________ process, then the private key can be derived.

  A. Factorization
  B. Prime Detection
  C. Hashing
  D. Brute-forcing
  A. Factorization

• Question 566:

  What is War Dialing?

  A. War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems
  B. War dialing is a vulnerability scanning technique that penetrates Firewalls
  C. It is a social engineering technique that uses Phone calls to trick victims
  D. Involves IDS Scanning Fragments to bypass Internet filters and stateful Firewalls
  A. War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems

• Question 567:

  Jimmy, an attacker, knows that he can take advantage of poorly designed input validation routines to create or alter SQL commands to gain access to private data or execute commands in the database. What technique does Jimmy use to compromise a database?

  A. Jimmy can submit user input that executes an operating system command to compromise a target system
  B. Jimmy can gain control of system to flood the target system with requests,preventing legitimate users from gaining access
  C. Jimmy can utilize an incorrect configuration that leads to access with higher-than expected privilege of the database
  D. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system
  D. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system

• Question 568:

  The following excerpt is taken from a honeyput log. The log captures activities across three days. There are several intrusion attempts; however, a few are successful. Study the log given below and answer the following question:

  (Note: The objective of this questions is to test whether the student has learnt about passive OS fingerprinting (which should tell them the OS from log captures):

  can they tell a SQL injection attack signature; can they infer if a user ID has been created by an attacker and whether they can read plain source ?destination entries from log entries.)

  

  What can you infer from the above log?

  A. The system is a windows system which is being scanned unsuccessfully.
  B. The system is a web application server compromised through SQL injection.
  C. The system has been compromised and backdoored by the attacker.
  D. The actual IP of the successful attacker is 24.9.255.53.
  A. The system is a windows system which is being scanned unsuccessfully.

• Question 569:

  A majority of attacks come from insiders, people who have direct access to a company's computer system as part of their job function or a business relationship. Who is considered an insider?

  A. A competitor to the company because they can directly benefit from the publicity generated by making such an attack
  B. Disgruntled employee,customers,suppliers,vendors,business partners,contractors,temps,and consultants
  C. The CEO of the company because he has access to all of the computer systems
  D. A government agency since they know the company's computer system strengths and weaknesses
  B. Disgruntled employee,customers,suppliers,vendors,business partners,contractors,temps,and consultants

• Question 570:

  If an e-commerce site was put into a live environment and the programmers failed to remove the secret entry point that was used during the application development, what is this secret entry point known as?

  A. SDLC process
  B. Honey pot
  C. SQL injection
  D. Trap door
  D. Trap door