EC-COUNCIL EC-COUNCIL Certifications 312-50V11 Questions & Answers

• Question 501:

  Which type of malware spreads from one system to another or from one network to another and causes similar types of damage as viruses do to the infected system?

  A. Rootkit

  B. Trojan

  C. Worm

  D. Adware

  Correct Answer: C

• Question 502:

  You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user's password or activate disabled Windows accounts?

  A. John the Ripper

  B. SET

  C. CHNTPW

  D. Cain and Abel

  Correct Answer: C

• Question 503:

  Scenario: Joe turns on his home computer to access personal online banking. When he enters the URL www.bank.com. the website is displayed, but it prompts him to re-enter his credentials as if he has never visited the site before. When he examines the website URL closer, he finds that the site is not secure and the web address appears different. What type of attack he is experiencing?.

  A. Dos attack

  B. DHCP spoofing

  C. ARP cache poisoning

  D. DNS hijacking

  Correct Answer: D

• Question 504:

  Which system consists of a publicly available set of databases that contain domain name registration contact information?

  A. WHOIS

  B. CAPTCHA

  C. IANA

  D. IETF

  Correct Answer: A

• Question 505:

  In Trojan terminology, what is a covert channel?

  

  A. A channel that transfers information within a computer system or network in a way that violates the security policy

  B. A legitimate communication path within a computer system or network for transfer of data

  C. It is a kernel operation that hides boot processes and services to mask detection

  D. It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish connections

  Correct Answer: A

• Question 506:

  What is the file that determines the basic configuration (specifically activities, services, broadcast receivers, etc.) in an Android application?

  A. AndroidManifest.xml

  B. APK.info

  C. resources.asrc

  D. classes.dex

  Correct Answer: A

  The AndroidManifest.xml file contains information of your package, including components of the appliance

  like activities, services, broadcast receivers, content providers etc.It performs another tasks also:?it's

  responsible to guard the appliance to access any protected parts by providing the permissions.

  It also declares the android api that the appliance goes to use.

  It lists the instrumentation classes.

  The instrumentation classes provides profiling and other informations. These informations are removed

  just before the appliance is published etc.This is the specified xml file for all the android application and

  located inside the basis directory.

• Question 507:

  You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command you would use?

  A. wireshark --fetch ''192.168.8*''

  B. wireshark --capture --local masked 192.168.8.0 ---range 24

  C. tshark -net 192.255.255.255 mask 192.168.8.0

  D. sudo tshark -f''net 192 .68.8.0/24''

  Correct Answer: D

• Question 508:

  There have been concerns in your network that the wireless network component is not sufficiently secure. You perform a vulnerability scan of the wireless network and find that it is using an old encryption protocol that was designed to mimic wired encryption, what encryption protocol is being used?

  A. WEP

  B. RADIUS

  C. WPA

  D. WPA3

  Correct Answer: A

  Wired Equivalent Privacy (WEP) may be a security protocol, laid out in the IEEE wireless local area network (Wi-Fi) standard, 802.11b, that's designed to supply a wireless local area network (WLAN) with A level of security and privacy like what's usually expected of a wired LAN. A wired local area network (LAN) is usually protected by physical security mechanisms (controlled access to a building, for example) that are effective for a controlled physical environment, but could also be ineffective for WLANs because radio waves aren't necessarily bound by the walls containing the network. WEP seeks to determine similar protection thereto offered by the wired network's physical security measures by encrypting data transmitted over the WLAN. encoding protects the vulnerable wireless link between clients and access points; once this measure has been taken, other typical LAN security mechanisms like password protection, end-to-end encryption, virtual private networks (VPNs), and authentication are often put in situ to make sure privacy.A research group from the University of California at Berkeley recently published a report citing "major security flaws" in WEP that left WLANs using the protocol susceptible to attacks (called wireless equivalent privacy attacks). within the course of the group's examination of the technology, they were ready to intercept and modify transmissions and gain access to restricted networks. The Wireless Ethernet Compatibility Alliance (WECA) claims that WEP ?which is included in many networking products ?was never intended to be the only security mechanism for a WLAN, and that, in conjunction with traditional security practices, it's very effective.

• Question 509:

  While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?

  A. Block port 25 at the firewall.

  B. Shut off the SMTP service on the server.

  C. Force all connections to use a username and password.

  D. Switch from Windows Exchange to UNIX Sendmail.

  E. None of the above.

  Correct Answer: E

• Question 510:

  If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?

  A. -r

  B. -F

  C. -P

  D. -sP

  Correct Answer: B