Our EC-Council 312-50v8 exam demos are presented by means of Pdf and Analyze ENGINE. The particular Pdf files are printable as well as portable; and the Analyze ENGINE is downloadable. Both of them will be obtainable after you pay for the EC-Council 312-50v8 products. You can carry your tests as well as prepare pertaining to them with your study or perhaps in a class through self-training. The check engine can easily create a true test-taking environment in your case. In a expression, our EC-Council 312-50v8 exam braindumps price little span of energy and a tiny amount of income. Guaranteed results are waiting in your case.
2016 Oct 312-50v8 questions:
Q11. Windump is the windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows platform you must install a packet capture library.
What is the name of this library?
Q12. What port scanning method involves sending spoofed packets to a target system and then looking for adjustments to the IPID on a zombie system?
A. Blind Port Scanning
B. Idle Scanning
C. Bounce Scanning
D. Stealth Scanning
E. UDP Scanning
Q13. Kevin sends an email invite to Chris to visit a forum for security professionals. Chris clicks on the link in the email message and is taken to a web based bulletin board. Unknown to Chris, certain functions are executed on his local system under his privileges, which allow Kevin access to information used on the BBS. However, no executables are downloaded and run on the local system. What would you term this attack?
B. Denial of Service
C. Cross Site Scripting
D. Backdoor installation
Q14. What is the advantage in encrypting the communication between the agent and the monitor in an Intrusion Detection System?
A. Encryption of agent communications will conceal the presence of the agents
B. The monitor will know if counterfeit messages are being generated because they will not be encrypted
C. Alerts are sent to the monitor when a potential intrusion is detected
D. An intruder could intercept and delete data or alerts and the intrusion can go undetected
Q15. According to the CEH methodology, what is the next step to be performed after footprinting?
C. System Hacking
D. Social Engineering
E. Expanding Influence
Refresh 312-50v8 download:
Q16. TCP packets transmitted in either direction after the initial three-way handshake will have which of the following bit set?
A. SYN flag
B. ACK flag
C. FIN flag
D. XMAS flag
Q17. Your XYZ trainee Sandra asks you which are the four existing Regional Internet Registry (RIR's)?
B. RIPE NCC,LACNIC,ARIN,APNIC
C. RIPE NCC,NANIC,ARIN,APNIC
D. RIPE NCC,ARIN,APNIC,LATNIC
Q18. Take a look at the following attack on a Web Server using obstructed URL:
The request is made up of:
%2e%2e%2f%2e%2e%2f%2e%2f% = ../../../
%65%74%63 = etc
%2f = /
%70%61%73%73%77%64 = passwd
How would you protect information systems from these attacks?
A. Configure Web Server to deny requests involving Unicode characters.
B. Create rules in IDS to alert on strange Unicode requests.
C. Use SSL authentication on Web Servers.
D. Enable Active Scripts Detection at the firewall and routers.
Q19. A rootkit is a collection of tools (programs) that enable administrator-level access to a computer. This program hides itself deep into an operating system for malicious activity and is extremely difficult to detect. The malicious software operates in a stealth fashion by hiding its files, processes and registry keys and may be used to create a hidden directory or folder designed to keep out of view from a user's operating system and security software.
What privilege level does a rootkit require to infect successfully on a Victim's machine?
A. User level privileges
B. Ring 3 Privileges
C. System level privileges
D. Kernel level privileges
Q20. Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.
In MAC flooding attack, a switch is fed with many Ethernet frames, each containing different source MAC addresses, by the attacker. Switches have a limited memory for mapping various MAC addresses to physical ports. What happens when the CAM table becomes full?
A. Switch then acts as hub by broadcasting packets to all machines on the network
B. The CAM overflow table will cause the switch to crash causing Denial of Service
C. The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF
D. Every packet is dropped and the switch sends out SNMP alerts to the IDS port
see more 312-50v8 dumps