EC-COUNCIL 312-50V8 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-50V8 Online Questions & Answers

• Question 601:

  Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exploits a condition in the Linux kernel within the execve() system call. There is no known workaround that exists for this vulnerability.

  What is the correct action to be taken by Rebecca in this situation as a recommendation to management?

  A. Rebecca should make a recommendation to disable the() system call
  B. Rebecca should make a recommendation to upgrade the Linux kernel promptly
  C. Rebecca should make a recommendation to set all child-process to sleep within the execve()
  D. Rebecca should make a recommendation to hire more system administrators to monitor all child processes to ensure that each child process can't elevate privilege
  B. Rebecca should make a recommendation to upgrade the Linux kernel promptly

• Question 602:

  Which of the following is a protocol specifically designed for transporting event messages?

  A. SMS
  B. SNMP
  C. SYSLOG
  D. ICMP
  C. SYSLOG

• Question 603:

  Your team has won a contract to infiltrate an organization. The company wants to have the attack be a realistic as possible; therefore, they did not provide any information besides the company name. What should be thefirst step in security testing the client?

  A. Scanning
  B. Escalation
  C. Enumeration
  D. Reconnaissance
  D. Reconnaissance

• Question 604:

  Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned about the security of these servers because of the potential for financial loss. Bob has asked his company's firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network.

  Why will this not be possible?

  A. Firewalls cannot inspect traffic coming through port 443
  B. Firewalls can only inspect outbound traffic
  C. Firewalls cannot inspect traffic at all,they can only block or allow certain ports
  D. Firewalls cannot inspect traffic coming through port 80
  C. Firewalls cannot inspect traffic at all,they can only block or allow certain ports

• Question 605:

  Exhibit:

  

  You are conducting pen-test against a company's website using SQL Injection techniques.

  You enter "anuthing or 1=1-" in the username filed of an authentication form. This is the output returned from the server.

  What is the next step you should do?

  A. Identify the user context of the web application by running_ http://www.example.com/order/include_rsa_asp?pressReleaseID=5 AND USER_NAME() = `dbo'
  B. Identify the database and table name by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND ascii(lower(substring((SELECT TOP 1 name FROM sysobjects WHERE xtype='U'),1))) > 109
  C. Format the C: drive and delete the database by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND xp_cmdshell `format c: /q /yes `; drop database myDB; -
  D. Reboot the web server by running: http://www.example.com/order/include_rsa.asp?pressReleaseID=5 AND xp_cmdshell `iisreset eboot'; -
  A. Identify the user context of the web application by running_ http://www.example.com/order/include_rsa_asp?pressReleaseID=5 AND USER_NAME() = `dbo'

• Question 606:

  The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses which of the following?

  A. Multiple keys for non-repudiation of bulk data
  B. Different keys on both ends of the transport medium
  C. Bulk encryption for data transmission over fiber
  D. The same key on each end of the transmission medium
  D. The same key on each end of the transmission medium

• Question 607:

  Tess King is making use of Digest Authentication for her Web site. Why is this considered to be more secure than Basic authentication?

  A. Basic authentication is broken
  B. The password is never sent in clear text over the network
  C. The password sent in clear text over the network is never reused.
  D. It is based on Kerberos authentication protocol
  B. The password is never sent in clear text over the network

• Question 608:

  A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit?

  A. Issue the pivot exploit and set the meterpreter.
  B. Reconfigure the network settings in the meterpreter.
  C. Set the payload to propagate through the meterpreter.
  D. Create a route statement in the meterpreter.
  D. Create a route statement in the meterpreter.

• Question 609:

  Which of the following items of a computer system will an anti-virus program scan for viruses?

  A. Boot Sector
  B. Deleted Files
  C. Windows Process List
  D. Password Protected Files
  A. Boot Sector

• Question 610:

  You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System. What is the best approach?

  A. Install and use Telnet to encrypt all outgoing traffic from this server.
  B. Install Cryptcat and encrypt outgoing packets from this server
  C. Use Alternate Data Streams to hide the outgoing packets from this server.
  D. Use HTTP so that all traffic can be routed via a browser, thus evading the internal Intrusion Detection Systems.
  A. Install and use Telnet to encrypt all outgoing traffic from this server.