The practical realities facing organizations today make risk response strategies essential. Which of the following is NOT one of the five basic responses to risk?
A. Accept
B. Mitigate
C. Delegate
D. Avoid
A company recently hired your team of Ethical Hackers to test the security of their network systems. The
company wants to have the attack be as realistic as possible. They did not provide any information besides
the name of their company.
What phase of security testing would your team jump in right away?
A. Scanning
B. Reconnaissance
C. Escalation
D. Enumeration
TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. Which of the following tools can be used for passive OS fingerprinting?
A. nmap
B. ping
C. tracert
D. tcpdump
Matthew received an email with an attachment named "YouWon$10Grand.zip." The zip file contains a file named "HowToClaimYourPrize.docx.exe." Out of excitement and curiosity, Matthew opened the said file. Without his knowledge, the file copies itself to Matthew's APPDATA\IocaI directory and begins to beacon to a Command-and-control server to download additional malicious binaries. What type of malware has Matthew encountered?
A. Key-logger
B. Trojan
C. Worm
D. Macro Virus
It is a short-range wireless communication technology that allows mobile phones, computers and other devices to connect and communicate. This technology intends to replace cables connecting portable devices with high regards to security.
A. Bluetooth
B. Radio-Frequency Identification
C. WLAN
D. InfraRed
Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?
A. http-git
B. http-headers
C. http enum
D. http-methods
Which of the following is the most important phase of ethical hacking wherein you need to spend considerable amount of time?
A. Gaining access
B. Escalating privileges
C. Network mapping
D. Footprinting
One of the Forbes 500 companies has been subjected to a large scale attack. You are one of the shortlisted pen testers that they may hire. During the interview with the CIO, he emphasized that he wants to totally eliminate all risks. What is one of the first things you should do when hired?
A. Interview all employees in the company to rule out possible insider threats.
B. Establish attribution to suspected attackers.
C. Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.
D. Start the Wireshark application to start sniffing network traffic.
Which of the following security policies defines the use of VPN for gaining access to an internal corporate network?
A. Network security policy
B. Remote access policy
C. Information protection policy
D. Access control policy
It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down. What step in incident handling did you just complete?
A. Containment
B. Eradication
C. Recovery
D. Discovery
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V9 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.