A Regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?
A. Move the financial data to another server on the same IP subnet
B. Place a front-end web server in a demilitarized zone that only handles external web traffic
C. Issue new certificates to the web servers from the root certificate authority
D. Require all employees to change their passwords immediately
You are usingNMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?
A. >host -t ns hackeddomain.com
B. >host -t AXFR hackeddomain.com
C. >host -t soa hackeddomain.com
D. >host -t a hackeddomain.com
An incident investigator asks to receive a copy of the event from all firewalls, prosy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs the sequence of many of the logged events do not match up.
What is the most likely cause?
A. The network devices are not all synchronized
B. The securitybreach was a false positive.
C. The attack altered or erased events from the logs.
D. Proper chain of custody was not observed while collecting the logs.
What is the benefit of performing an unannounced Penetration Testing?
A. The tester will have an actual security posture visibility of thetarget network.
B. The tester could not provide an honest analysis.
C. Network security would be in a "best state" posture.
D. It is best to catch critical infrastructure unpatched.
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal Network.
What is this type of DNS configuration commonly called?
A. DNS Scheme
B. DynDNS
C. Split DNS
D. DNSSEC
You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System.
What is the best approach?
A. Install and use Telnet to encrypt all outgoing traffic from this server.
B. Install Cryptcat and encrypt outgoing packets from this server
C. Use Alternate Data Streams to hide the outgoing packets from this server.
D. Use HTTP so that all traffic can be routed via a browser, thus evading the internal Intrusion Detection Systems.
You've gained physical access to a Windows 2008 R2 server which has as accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your tool kit you have an Ubuntu 9.10 Linux LiveCD.Which Linux tool has the ability to change any user's password or to activate disabled Windows Accounts?
A. John the Ripper
B. CHNTPW
C. Cain and Abel
D. SET
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shallscript files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function providedby the FTP server's software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port.
Which kind of vulnerability must be present to make this remote attack possible?
A. Filesystem permissions
B. Brute Force Login
C. Privilege Escalation
D. Directory Traversal
Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?
A. Use the built-in Windows Update tool
B. Create a disk imageof a clean Windows installation
C. Check MITRE.org for the latest list of CVE findings
D. Used a scan tool like Nessus
A company's Web development team has become aware ofa certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.
What kind of web application vulnerability likely exists in their software?
A. Web site defacement vulnerability
B. SQL injection vulnerability
C. Cross-site Scripting vulnerability
D. Cross-site Request Forgery vulnerability
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.