EC-COUNCIL EC-COUNCIL Certifications 312-50V9 Questions & Answers

• Question 201:

  Which of the following is considered an acceptable option when managing a risk?

  A. Reject the risk.

  B. Deny the risk.

  C. Mitigate the risk.

  D. Initiate the risk.

  Correct Answer: C Section: (none)

• Question 202:

  Which of the following is a preventive control?

  A. Smart card authentication

  B. Security policy

  C. Audit trail

  D. Continuity of operations plan

  Correct Answer: A Section: (none)

• Question 203:

  A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?

  A. Perform a vulnerability scan of the system.

  B. Determine the impact of enabling the audit feature.

  C. Perform a cost/benefit analysis of the audit feature.

  D. Allocate funds for staffing of audit log review.

  Correct Answer: B Section: (none)

• Question 204:

  Which results will be returned with the following Google search query?

  site:target.com -site:Marketing.target.com accounting

  A. Results matching all words in the query

  B. Results matching "accounting" in domain target.com but not on the site Marketing.target.com

  C. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting

  D. Results for matches on target.com and Marketing.target.com that include the word "accounting"

  Correct Answer: B Section: (none)

• Question 205:

  What information should an IT system analysis provide to the risk assessor?

  A. Management buy-in

  B. Threat statement

  C. Security architecture

  D. Impact analysis

  Correct Answer: C Section: (none)

• Question 206:

  An NMAP scan of a server shows port 69 is open. What risk could this pose?

  A. Unauthenticated access

  B. Weak SSL version

  C. Cleartext login

  D. Web portal data leak

  Correct Answer: A Section: (none)

• Question 207:

  A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much

  information can be obtained from the firm's public facing web servers. The engineer decides to start by

  using netcat to port 80.

  The engineer receives this output:

  

  Which of the following is an example of what the engineer performed?

  A. Cross-site scripting

  B. Banner grabbing

  C. SQL injection

  D. Whois database query

  Correct Answer: B Section: (none)

• Question 208:

  The following is part of a log file taken from the machine on the network with the IP address of

  192.168.1.106:

  

  What type of activity has been logged?

  A. Port scan targeting 192.168.1.103

  B. Teardrop attack targeting 192.168.1.106

  C. Denial of service attack targeting 192.168.1.103

  D. Port scan targeting 192.168.1.106

  Correct Answer: D Section: (none)

• Question 209:

  A penetration tester was hired to perform a penetration test for a bank. The tester began searching for IP ranges owned by the bank, performing lookups on the bank's DNS servers, reading news articles online about the bank, watching what times the bank employees come into work and leave from work, searching the bank's job postings (paying special attention to IT related jobs), and visiting the local dumpster for the bank's corporate office. What phase of the penetration test is the tester currently in?

  A. Information reporting

  B. Vulnerability assessment

  C. Active information gathering

  D. Passive information gathering

  Correct Answer: D Section: (none)

• Question 210:

  Which system consists of a publicly available set of databases that contain domain name registration contact information?

  A. WHOIS

  B. IANA

  C. CAPTCHA

  D. IETF

  Correct Answer: A Section: (none)