Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?
A. UDP 123
B. UDP 541
C. UDP 514
D. UDP 415
A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof so she can take him to court.
What is the ethical response?
A. Say no; the friend is not the owner of the account.
B. Say yes; the friend needs help to gather evidence.
C. Say yes; do the job for free.
D. Say no; make sure that the friend knows the risk she's asking the CEH to take.
During a penetration test, a tester finds that the web application being analyzed is vulnerable to Cross Site Scripting (XSS).
Which of the following conditions must be met to exploit this vulnerability?
A. The web application does not have the secure flag set.
B. The session cookies do not have the HttpOnly flag set.
C. The victim user should not have an endpoint security solution.
D. The victim's browser must have ActiveX technology enabled.
Advanced encryption standard is an algorithm used for which of the following?
A. Data integrity
B. Key discovery
C. Bulk data encryption
D. Key recovery
Which statement best describes a server type under an N-tier architecture?
A. A group of servers at a specific layer
B. A single server with a specific role
C. A group of servers with a unique role
D. A single server at a specific layer
Which set of access control solutions implements two-factor authentication?
A. USB token and PIN
B. Fingerprint scanner and retina scanner
C. Password and PIN
D. Account and password
What is the name of the international standard that establishes a baseline level of confidence in the
security functionality of IT products by providing a set of requirements for evaluation?
A. Blue Book
B. ISO 26029
C. Common Criteria
D. The Wassenaar Agreement
Which system consists of a publicly available set of databases that contain domain name registration contact information?
A. WHOIS
B. IANA
C. CAPTCHA
D. IETF
A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.
In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?
A. Semicolon
B. Single quote
C. Exclamation mark
D. Double quote
If an e-commerce site was put into a live environment and the programmers failed to remove the secret entry point that was used during the application development, what is this secret entry point known as?
A. SDLC process
B. Honey pot
C. SQL injection
D. Trap door
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-50V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.