What is the most common method to exploit the "Bash Bug" or "ShellShock" vulnerability?
A. SSH
B. SYN Flood
C. Manipulate format strings in text fields
D. Through Web servers utilizing CGI (Common Gateway Interface) to send a malformed environment variable to a vulnerable Web server
Which of the following is considered the best way to protect Personally Identifiable Information (PII) from web application vulnerabilities?
A. Use encrypted communications protocols to transmit PII
B. Use full disk encryption on all hard drives to protect PII
C. Use cryptographic storage to store all PII
D. Use a security token to log into all Web applications that use PII
The "white box testing" methodology enforces what kind of restriction?
A. The internal operation of a system is completely known to the tester.
B. Only the internal operation of a system is known to the tester.
C. Only the external operation of a system is accessible to the tester.
D. The internal operation of a system is only partly accessible to the tester.
It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up window, webpage, or email warning from what looks like an official authority. It explains your computer has been locked because of possible illegal activities and demands payment before you can access your files and programs again.
Which term best matches this definition?
A. Spyware
B. Adware
C. Ransomware
D. Riskware
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?
A. Snort
B. Dsniff
C. Nikto
D. John the Ripper
Risk = Threats x Vulnerabilities is referred to as the:
A. Threat assessment
B. Disaster recovery formula
C. BIA equation
D. Risk equation
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a Linux platform?
A. Kismet
B. Netstumbler
C. Abel
D. Nessus
You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email changing the source email to her boss's email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected.
What testing method did you use?
A. Piggybacking
B. Tailgating
C. Eavesdropping
D. Social engineering
To maintain compliance with regulatory requirements, a security audit of the systems on a network must be performed to determine their compliance with security policies. Which one of the following tools would most likely be used in such an audit?
A. Port scanner
B. Protocol analyzer
C. Vulnerability scanner
D. Intrusion Detection System
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?
A. ESP confidential
B. AH Tunnel mode
C. ESP transport mode
D. AH promiscuous