Passive reconnaissance involves collecting information through which of the following?
A. Social engineering
B. Network traffic sniffing
C. Man in the middle attacks
D. Publicly accessible sources
What is the main advantage that a network-based IDS/IPS system has over a host-based solution?
A. They do not use host system resources.
B. They are placed at the boundary, allowing them to inspect all traffic.
C. They are easier to install and configure.
D. They will not interfere with user interfaces.
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this?
A. False positive
B. False negative
C. True positve
D. True negative
When an alert rule is matched in a network-based IDS like snort, the IDS does which of the following?
A. Drops the packet and moves on to the next one
B. Continues to evaluate the packet until all rules are checked
C. Stops checking rules, sends an alert, and lets the packet continue
D. Blocks the connection with the source IP address in the packet
A newly discovered flaw in a software application would be considered which kind of security vulnerability?
A. Input validation flaw
B. HTTP header injection vulnerability
C. 0-day vulnerability D. Time-to-check to time-to-use flaw
The use of technologies like IPSec can help guarantee the following: authenticity, integrity, confidentiality and:
A. non-repudiation.
B. operability.
C. security.
D. usability.
How can a rootkit bypass Windows 7 operating system's kernel mode, code signing policy?
A. Defeating the scanner from detecting any code change at the kernel
B. Replacing patch system calls with its own version that hides the rootkit (attacker's) actions
C. Performing common services for the application process and replacing real applications with fake ones
D. Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/ options
Which of the following is an application that requires a host application for replication?
A. Micro
B. Worm
C. Trojan
D. Virus
An attacker uses a communication channel within an operating system that is neither designed nor intended to transfer information. What is the name of the communications channel?
A. Classified
B. Overt
C. Encrypted
D. Covert
Which command line switch would be used in NMAP to perform operating system detection?
A. -OS
B. -sO
C. -sP
D. -O
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.