EC-COUNCIL EC-COUNCIL Certifications 312-50V10 Questions & Answers

• Question 611:

  Which of the following business challenges could be solved by using a vulnerability scanner?

  A. Auditors want to discover if all systems are following a standard naming convention.

  B. A web server was compromised and management needs to know if any further systems were compromised.

  C. There is an emergency need to remove administrator access from multiple machines for an employee that quit.

  D. There is a monthly requirement to test corporate compliance with host application usage and security policies.

  Correct Answer: D

• Question 612:

  Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?

  A. They are written in Java.

  B. They send alerts to security monitors.

  C. They use the same packet analysis engine.

  D. They use the same packet capture utility.

  Correct Answer: D

• Question 613:

  A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?

  A. The consultant will ask for money on the bid because of great work.

  B. The consultant may expose vulnerabilities of other companies.

  C. The company accepting bids will want the same type of format of testing.

  D. The company accepting bids will hire the consultant because of the great work performed.

  Correct Answer: B

• Question 614:

  A security engineer has been asked to deploy a secure remote access solution that will allow employees to connect to the company's internal network. Which of the following can be implemented to minimize the opportunity for the man-in-the-middle attack to occur?

  A. SSL

  B. Mutual authentication

  C. IPSec

  D. Static IP addresses

  Correct Answer: C

• Question 615:

  A penetration tester is attempting to scan an internal corporate network from the internet without alerting the border sensor. Which is the most efficient technique should the tester consider using?

  A. Spoofing an IP address

  B. Tunneling scan over SSH

  C. Tunneling over high port numbers

  D. Scanning using fragmented IP packets

  Correct Answer: B

• Question 616:

  What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

  A. Passive

  B. Reflective

  C. Active

  D. Distributive

  Correct Answer: C

• Question 617:

  Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

  A. Cavity virus

  B. Polymorphic virus

  C. Tunneling virus

  D. Stealth virus

  Correct Answer: D

• Question 618:

  A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web server. While it is effective, the tester finds it tedious to perform extended functions. On further research, the tester come across a perl script that runs the following msadc functions:

  

  Which exploit is indicated by this script?

  A. A buffer overflow exploit

  B. A chained exploit

  C. A SQL injection exploit

  D. A denial of service exploit

  Correct Answer: B

• Question 619:

  What technique is used to perform a Connection Stream Parameter Pollution (CSPP) attack?

  A. Injecting parameters into a connection string using semicolons as a separator

  B. Inserting malicious Javascript code into input parameters

  C. Setting a user's session identifier (SID) to an explicit known value

  D. Adding multiple parameters with the same name in HTTP requests

  Correct Answer: A

• Question 620:

  A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer program in a switched environment network. Which attack could the hacker use to sniff all of the packets in the network?

  A. Fraggle

  B. MAC Flood

  C. Smurf

  D. Tear Drop

  Correct Answer: B