Practical of 312-50v8 free exam questions materials and dump for EC-Council certification for candidates, Real Success Guaranteed with Updated 312-50v8 pdf dumps vce Materials. 100% PASS Certified Ethical Hacker v8 exam Today!
2016 Dec 312-50v8 cost:
Q131. Which of the following guidelines or standards is associated with the credit card industry?
A. Control Objectives for Information and Related Technology.(COBIT)
B. Sarbanes-Oxley Act (SOX)
C. Health Insurance Portability and Accountability Act (HIPAA)
D. Payment Card Industry Data Security Standards (PCI DSS)
Q132. _________ ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at.
A. Mandatory Access Control
B. Authorized Access Control
C. Role-based Access Control
D. Discretionary Access Control
Q133. In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details.
Ignorant users usually fall prey to this scam. Which of the following statement is incorrect
related to this attack?
A. Do not reply to email messages or popup ads asking for personal or financial information
B. Do not trust telephone numbers in e-mails or popup ads
C. Review credit card and bank account statements regularly
D. Antivirus,anti-spyware,and firewall software can very easily detect these type of attacks
E. Do not send credit card numbers,and personal or financial information via e-mail
Q134. Liza has forgotten her password to an online bookstore. The web application asks her to key in her email so that they can send her the password. Liza enters her email firstname.lastname@example.org'. The application displays server error. What is wrong with the web application?
A. The email is not valid
B. User input is not sanitized
C. The web server may be down
D. The ISP connection is not reliable
Q135. You are trying to hijack a telnet session from a victim machine with IP address 10.0.0.5 to Cisco router at 10.0.0.1. You sniff the traffic and attempt to predict the sequence and acknowledgement numbers to successfully hijack the telnet session.
Here is the captured data in tcpdump.
What are the next sequence and acknowledgement numbers that the router will send to the victim machine?
A. Sequence number: 82980070 Acknowledgement number: 17768885A.
B. Sequence number: 17768729 Acknowledgement number: 82980070B.
C. Sequence number: 87000070 Acknowledgement number: 85320085C.
D. Sequence number: 82980010 Acknowledgement number: 17768885D.
Refresh eccouncil 312-50v8:
Q136. What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)
A. Use fragmented IP packets
B. Spoof your IP address when launching attacks and sniff responses from the server
C. Overload the IDS with Junk traffic to mask your scan
D. Use source routing (if possible)
E. Connect to proxy servers or compromised Trojaned machines to launch attacks
Q137. You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be able to modify any data.
What kind of program can you use to track changes to files on the server?
A. Network Based IDS (NIDS)
B. Personal Firewall
C. System Integrity Verifier (SIV)
D. Linux IP Chains
Q138. LM authentication is not as strong as Windows NT authentication so you may want to disable its use, because an attacker eavesdropping on network traffic will attack the weaker protocol. A successful attack can compromise the user's password. How do you disable LM authentication in Windows XP?
A. Stop the LM service in Windows XP
B. Disable LSASS service in Windows XP
C. Disable LM authentication in the registry
D. Download and install LMSHUT.EXE tool from Microsoft website
Q139. A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set:
Untrust (Internet).– (Remote network = 184.108.40.206/24)
DMZ (DMZ) – (220.127.116.11/24)
Trust (Intranet) – (192.168.0.0/24)
The engineer wants to configure remote desktop access from a fixed IP on the remote network to a remote desktop server in the DMZ. Which rule would best fit this requirement?
A. Permit 18.104.22.168/24 22.214.171.124/24.RDP 3389
B. Permit 126.96.36.199 188.8.131.52 RDP 3389
C. Permit 184.108.40.206 220.127.116.11/24.RDP 3389
D. Permit 18.104.22.168/24 22.214.171.124 RDP 3389
Q140. What information should an IT system analysis provide to the risk assessor?
A. Management buy-in
B. Threat statement
C. Security architecture
D. Impact analysis
see more 312-50v8 dumps