All About Best Quality 312-50v10 Question

Our pass rate is high to 98.9% and the similarity percentage between our 312-50v10 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the EC-Council 312-50v10 exam in just one try? I am currently studying for the EC-Council 312-50v10 exam. Latest EC-Council 312-50v10 Test exam practice questions and answers, Try EC-Council 312-50v10 Brain Dumps First.

EC-Council 312-50v10 Free Dumps Questions Online, Read and Test Now.

Page: 1 / 61
Total 736 questions Full Exam Access
Question 1
- (Exam Topic 5)
A large mobile telephony and data network operator has a data that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. What is the best security policy concerning this setup?
My answer: -
Reference answer: A
Reference analysis:

None

Question 2
- (Exam Topic 7)
What kind of detection techniques is being used in antivirus softwares that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it's made on the premiers
environment-
My answer: -
Reference answer: A
Reference analysis:

None

Question 3
- (Exam Topic 5)
Risks = Threats x Vulnerabilities is referred to as the:
My answer: -
Reference answer: A
Reference analysis:

The most effective way to define risk is with this simple equation: Risk = Threat x Vulnerability x Cost
This equation is fundamental to all information security. References: http://www.icharter.org/articles/risk_equation.html

Question 4
- (Exam Topic 2)
Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?
My answer: -
Reference answer: C
Reference analysis:

None

Question 5
- (Exam Topic 2)
During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The tester assumes that the service is running with Local System account. How can this weakness be exploited to access the system?
My answer: -
Reference answer: D
Reference analysis:

None

Question 6
- (Exam Topic 5)
Ricardo wants to send secret messages to a competitor company. To secure these messages, he uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'.
What technique is Ricardo using?
My answer: -
Reference answer: A
Reference analysis:

Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video.
References: https://en.wikipedia.org/wiki/Steganography

Question 7
- (Exam Topic 2)
Which system consists of a publicly available set of databases that contain domain name registration contact information?
My answer: -
Reference answer: A
Reference analysis:

None

Question 8
- (Exam Topic 1)
DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.
What command is used to determine if the entry is present in DNS cache?
My answer: -
Reference answer: C
Reference analysis:

None

Question 9
- (Exam Topic 4)
Which of the following is the successor of SSL?
My answer: -
Reference answer: A
Reference analysis:

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as 'SSL', are cryptographic protocols that provide communications security over a computer network.
References: https://en.wikipedia.org/wiki/Transport_Layer_Security

Question 10
- (Exam Topic 1)
Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious codes on a virtual machine to simulate CPU and memory activities.
Which type of virus detection method did Chandler use in this context?
My answer: -
Reference answer: B
Reference analysis:

None

Question 11
- (Exam Topic 7)
Which of the following is the primary objective of a rootkit?
My answer: -
Reference answer: C
Reference analysis:

None

Question 12
- (Exam Topic 4)
During a blackbox pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded.
What type of firewall is inspecting outbound traffic?
My answer: -
Reference answer: A
Reference analysis:

An application firewall is an enhanced firewall that limits access by applications to the operating system (OS) of a computer. Conventional firewalls merely control the flow of data to and from the central processing unit (CPU), examining each packet and determining whether or not to forward it toward a particular destination. An application firewall offers additional protection by controlling the execution of files or the handling of data by specific applications.
References:
http://searchsoftwarequality.techtarget.com/definition/application-firewall

Question 13
- (Exam Topic 3)
In the OSI model, where does PPTP encryption take place?
My answer: -
Reference answer: C
Reference analysis:

None

Question 14
- (Exam Topic 4)
You've gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your tool kit you have an Ubuntu 9.10 Linux LiveCD. Which Linux based tool has the ability to change any user's password or to activate disabled Windows accounts?
My answer: -
Reference answer: A
Reference analysis:

chntpw is a software utility for resetting or blanking local passwords used by Windows NT, 2000, XP, Vista, 7, 8 and 8.1. It does this by editing the SAM database where Windows stores password hashes.
References: https://en.wikipedia.org/wiki/Chntpw

Question 15
- (Exam Topic 5)
What is correct about digital signatures?
My answer: -
Reference answer: A
Reference analysis:

None

Question 16
- (Exam Topic 5)
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?
My answer: -
Reference answer: B
Reference analysis:

None

Question 17
- (Exam Topic 5)
Which of the following tools can be used for passive OS fingerprinting?
My answer: -
Reference answer: A
Reference analysis:

The passive operating system fingerprinting is a feature built into both the pf and tcpdump tools.
References:
http://geek00l.blogspot.se/2007/04/tcpdump-privilege-dropping-passive-os.html

Question 18
- (Exam Topic 4)
The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASP's Top Ten Project Most Critical Web Application Security Risks?
My answer: -
Reference answer: A
Reference analysis:

The top item of the OWASP 2013 OWASP's Top Ten Project Most Critical Web Application Security Risks is injection.
Injection flaws, such as SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization.
References: https://www.owasp.org/index.php/Top_10_2013-Top_10

Question 19
- (Exam Topic 6)
An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job?
My answer: -
Reference answer: B
Reference analysis:

None

Question 20
- (Exam Topic 1)
Based on the below log, which of the following sentences are true?
Mar 1, 2016, 7:33:28 AM 10.240.250.23 – 54373 10.249.253.15 – 22 tcp_ip
My answer: -
Reference answer: C
Reference analysis:

None

Question 21
- (Exam Topic 1)
Darius is analysing IDS logs. During the investigation, he noticed that there was nothing suspicious found and an alert was triggered on normal web application traffic. He can mark this alert as:
My answer: -
Reference answer: A
Reference analysis:

None

Question 22
- (Exam Topic 2)
Which set of access control solutions implements two-factor authentication?
My answer: -
Reference answer: A
Reference analysis:

None

Question 23
- (Exam Topic 6)
Which of the following tools would MOST LIKELY be used to perform security audit on various of forms of network systems?
My answer: -
Reference answer: B
Reference analysis:

None

Question 24
- (Exam Topic 2)
Which of the following programs is usually targeted at Microsoft Office products?
My answer: -
Reference answer: C
Reference analysis:

A macro virus is a virus that is written in a macro language: a programming language which is embedded inside a software application (e.g., word processors and spreadsheet applications). Some applications, such as Microsoft Office, allow macro programs to be embedded in documents such that the macros are run automatically when the document is opened, and this provides a distinct mechanism by which malicious computer instructions can spread.
References: https://en.wikipedia.org/wiki/Macro_virus

Question 25
- (Exam Topic 1)
On performing a risk assessment, you need to determine the potential impacts when some of the critical business process of the company interrupt its service. What is the name of the process by which you can determine those critical business?
My answer: -
Reference answer: D
Reference analysis:

None

Page: 1 / 61
Total 736 questions Full Exam Access