ECCouncil 312-50 Exam Made Easy: Step-by-Step Preparation Guide

Questions 101

Which type of access control is used on a router or firewall to limit network activity?

Options:
A. Mandatory
B. Discretionary
C. Rule-based
D. Role-based

Questions 102

Which of the following is a strong post designed to stop a car?

Options:
A. Gate
B. Fence
C. Bollard
D. Reinforced rebar

Questions 103

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.

Which cryptography attack is the student attempting?

Options:
A. Man-in-the-middle attack
B. Brute-force attack
C. Dictionary attack
D. Session hijacking

Questions 104

Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?

Options:
A. Cross-site scripting
B. SQL injection
C. Missing patches
D. CRLF injection

Questions 105

The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?

Options:
A. An attacker, working slowly enough, can evade detection by the IDS.
B. Network packets are dropped if the volume exceeds the threshold.
C. Thresholding interferes with the IDS’ ability to reassemble fragmented packets.
D. The IDS will not distinguish among packets originating from different sources.

Questions 106

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

Options:
A. The victim user must open the malicious link with Internet Explorer prior to version 8.
B. The session cookies generated by the application do not have the HttpOnly flag set.
C. The victim user must open the malicious link with Firefox prior to version 3.
D. The web application should not use random tokens.

Questions 107

Low humidity in a data center can cause which of the following problems?

Options:
A. Heat
B. Corrosion
C. Static electricity
D. Airborne contamination

Questions 108

WPA2 uses AES for wireless data encryption at which of the following encryption levels?

Options:
A. 64 bit and CCMP
B. 128 bit and CRC
C. 128 bit and CCMP
D. 128 bit and TKIP

Questions 109

What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?

Options:
A. Set a BIOS password.
B. Encrypt the data on the hard drive.
C. Use a strong logon password to the operating system.
D. Back up everything on the laptop and store the backup in a safe place.

Questions 110

During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?

Options:
A. Host
B. Stateful
C. Stateless
D. Application