EC-COUNCIL EC-COUNCIL Certifications 312-50V10 Questions & Answers

• Question 571:

  Which of the following problems can be solved by using Wireshark?

  A. Tracking version changes of source code

  B. Checking creation dates on all webpages on a server

  C. Resetting the administrator password on multiple systems

  D. Troubleshooting communication resets between two systems

  Correct Answer: D

• Question 572:

  A botnet can be managed through which of the following?

  A. IRC

  B. E-Mail

  C. Linkedin and Facebook

  D. A vulnerable FTP server

  Correct Answer: A

• Question 573:

  During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?

  A. Host

  B. Stateful

  C. Stateless

  D. Application

  Correct Answer: C

• Question 574:

  What is the best defense against privilege escalation vulnerability?

  A. Patch systems regularly and upgrade interactive login privileges at the system administrator level.

  B. Run administrator and applications on least privileges and use a content registry for tracking.

  C. Run services with least privileged accounts and implement multi-factor authentication and authorization.

  D. Review user roles and administrator privileges for maximum utilization of automation services.

  Correct Answer: C

• Question 575:

  Which of the following is a client-server tool utilized to evade firewall inspection?

  A. tcp-over-dns

  B. kismet

  C. nikto

  D. hping

  Correct Answer: A

• Question 576:

  Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?

  A. Metasploit scripting engine

  B. Nessus scripting engine

  C. NMAP scripting engine

  D. SAINT scripting engine

  Correct Answer: C

• Question 577:

  A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?

  

  A. The host is likely a Windows machine.

  B. The host is likely a Linux machine.

  C. The host is likely a router.

  D. The host is likely a printer.

  Correct Answer: D

• Question 578:

  Which type of access control is used on a router or firewall to limit network activity?

  A. Mandatory

  B. Discretionary

  C. Rule-based

  D. Role-based

  Correct Answer: C

• Question 579:

  In order to show improvement of security over time, what must be developed?

  A. Reports

  B. Testing tools

  C. Metrics

  D. Taxonomy of vulnerabilities

  Correct Answer: C

  Today, management demands metrics to get a clearer view of security. Metrics that measure participation, effectiveness, and window of exposure, however, offer information the organization can use to make plans and improve programs.

  References: http://www.infoworld.com/article/2974642/security/4-security-metrics-that- matter.html

• Question 580:

  Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?

  A. Cross-site scripting

  B. SQL injection

  C. Missing patches

  D. CRLF injection

  Correct Answer: C