Free EC-Council 312-50v11 Free Exam Online

NEW QUESTION 1
This TCP flag instructs the sending system to transmit all buffered data immediately.

• A. SYN
• B. RST
• C. PSH
• D. URG
• E. FIN

Answer: C

NEW QUESTION 2
Which service in a PKI will vouch for the identity of an individual or company?

• A. KDC
• B. CR
• C. CBC
• D. CA

Answer: D

NEW QUESTION 3
When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and DELETE). PUT can upload a file to the server and DELETE can delete a file from the server. You can detect all these methods (GET, POST, HEAD, DELETE, PUT, TRACE) using NMAP script engine. What Nmap script will help you with this task?

• A. http-methods
• B. http enum
• C. http-headers
• D. http-git

Answer: A

NEW QUESTION 4
Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.

What is Eve trying to do?

• A. Eve is trying to connect as a user with Administrator privileges
• B. Eve is trying to enumerate all users with Administrative privileges
• C. Eve is trying to carry out a password crack for user Administrator
• D. Eve is trying to escalate privilege of the null user to that of Administrator

Answer: C

NEW QUESTION 5
What is the purpose of DNS AAAA record?

• A. Authorization, Authentication and Auditing record
• B. Address prefix record
• C. Address database record
• D. IPv6 address resolution record

Answer: D

NEW QUESTION 6
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

• A. All three servers need to be placed internally
• B. A web server facing the Internet, an application server on the internal network, a database server on the internal network
• C. A web server and the database server facing the Internet, an application server on the internal network
• D. All three servers need to face the Internet so that they can communicate between themselves

Answer: B

NEW QUESTION 7
This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.

What is this attack?

• A. Cross-site-scripting attack
• B. SQL Injection
• C. URL Traversal attack
• D. Buffer Overflow attack

Answer: A

NEW QUESTION 8
Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

• A. A biometric system that bases authentication decisions on behavioral attributes.
• B. A biometric system that bases authentication decisions on physical attributes.
• C. An authentication system that creates one-time passwords that are encrypted with secret keys.
• D. An authentication system that uses passphrases that are converted into virtual passwords.

Answer: C

NEW QUESTION 9
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s Computer to update the router configuration. What type of an alert is this?

• A. False negative
• B. True negative
• C. True positive
• D. False positive

Answer: D

NEW QUESTION 10
You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine. What Wireshark filter will show the connections from the snort machine to kiwi syslog machine?

• A. tcp.srcport= = 514 && ip.src= = 192.168.0.99
• B. tcp.srcport= = 514 && ip.src= = 192.168.150
• C. tcp.dstport= = 514 && ip.dst= = 192.168.0.99
• D. tcp.dstport= = 514 && ip.dst= = 192.168.0.150

Answer: D

NEW QUESTION 11
Bob received this text message on his mobile phone: “Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: scottsmelby@yahoo.com”. Which statement below is true?

• A. This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
• B. This is a scam because Bob does not know Scott.
• C. Bob should write to scottmelby@yahoo.com to verify the identity of Scott.
• D. This is probably a legitimate message as it comes from a respectable organization.

Answer: A

NEW QUESTION 12
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

• A. Residual risk
• B. Impact risk
• C. Deferred risk
• D. Inherent risk

Answer: A

NEW QUESTION 13
The collection of potentially actionable, overt, and publicly available information is known as

• A. Open-source intelligence
• B. Real intelligence
• C. Social intelligence
• D. Human intelligence

Answer: A

NEW QUESTION 14
What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?

• A. Behavioral based
• B. Heuristics based
• C. Honeypot based
• D. Cloud based

Answer: D

NEW QUESTION 15
What is the minimum number of network connections in a multihomed firewall?

• A. 3
• B. 5
• C. 4
• D. 2

Answer: A

NEW QUESTION 16
You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?

• A. Nmap
• B. Cain & Abel
• C. Nessus
• D. Snort

Answer: D

NEW QUESTION 17
The Payment Card Industry Data Security Standard (PCI DSS) contains six different categories of control objectives. Each objective contains one or more requirements, which must be followed in order to achieve compliance. Which of the following requirements would best fit under the objective, "Implement strong access control measures"?

• A. Regularly test security systems and processes.
• B. Encrypt transmission of cardholder data across open, public networks.
• C. Assign a unique ID to each person with computer access.
• D. Use and regularly update anti-virus software on all systems commonly affected by malware.

Answer: C

NEW QUESTION 18
ViruXine.W32 virus hides their presence by changing the underlying executable code.
This Virus code mutates while keeping the original algorithm intact, the code changes itself each time it runs, but the function of the code (its semantics) will not change at all.

Here is a section of the Virus code:

What is this technique called?

• A. Polymorphic Virus
• B. Metamorphic Virus
• C. Dravidic Virus
• D. Stealth Virus

Answer: A

NEW QUESTION 19
One of your team members has asked you to analyze the following SOA record.
What is the TTL? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.)

• A. 200303028
• B. 3600
• C. 604800
• D. 2400
• E. 60
• F. 4800

Answer: D

NEW QUESTION 20
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

• A. ESP transport mode
• B. ESP confidential
• C. AH permiscuous
• D. AH Tunnel mode

Answer: A

NEW QUESTION 21
During the process of encryption and decryption, what keys are shared? During the process of encryption and decryption, what keys are shared?

• A. Private keys
• B. User passwords
• C. Public keys
• D. Public and private keys

Answer: C

NEW QUESTION 22
......