Top EC-Council 312-50v10 rapidshare Choices

Q4. Which regulation defines security and privacy controls for Federal information systems and organizations?

A. HIPAA

B. EU Safe Harbor

C. PCI-DSS

D. NIST-800-53

Q5. What is the least important information when you analyze a public IP address in a security alert?

A. ARP

B. Whois

C. DNS

D. Geolocation

Q6. ........is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. This type of attack may be used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people there.

Fill in the blank with appropriate choice.

A. Evil Twin Attack

B. Sinkhole Attack

C. Collision Attack

D. Signal Jamming Attack

Q7. Code injection is a form of attack in which a malicious user:

A. Inserts text into a data field that gets interpreted as code

B. Gets the server to execute arbitrary code using a buffer overflow

C. Inserts additional code into the JavaScript running in the browser

D. Gains access to the codebase on the server and inserts new code

Q8. Bob, your senior colleague, has sent you a mail regarding aa deal with one of the clients. You are requested to accept the offer and you oblige.

After 2 days, Bob denies that he had ever sent a mail.

What do you want to u201cknowu201d to prove yourself that it was Bob who had send a mail?

A. Confidentiality

B. Integrity

C. Non-Repudiation

D. Authentication

Q9. You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

A. nmap u2013A - Pn

B. nmap u2013sP u2013p-65535-T5

C. nmap u2013sT u2013O u2013T0

D. nmap u2013A --host-timeout 99-T1

Q10. You have successfully gained access to a Linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by Network-Based Intrusion Detection Systems (NIDS).

What is the best way to evade the NIDS?

A. Out of band signaling

B. Protocol Isolation

C. Encryption

D. Alternate Data Streams

Q11. You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select?

A. Snort

B. Nmap

C. Cain & Abel

D. Nessus

Q12. Which of the following is the BEST way to defend against network sniffing?

A. Restrict Physical Access to Server Rooms hosting Critical Servers

B. Use Static IP Address

C. Using encryption protocols to secure network communications

D. Register all machines MAC Address in a Centralized Database

Q13. In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How can he achieve this?

A. Privilege Escalation

B. Shoulder-Surfing

C. Hacking Active Directory

D. Port Scanning