ECCouncil 312-50 Exam Made Easy: Step-by-Step Preparation Guide

Question 21

Which of the following processes of PKI (Public Key Infrastructure) ensures that a trust relationship exists and that a certificate is still valid for specific operations?

Options:

A. Certificate issuance

B. Certificate validation

C. Certificate cryptography

D. Certificate revocation

Question 22

What is the primary drawback to using the Advanced Encryption Standard (AES) algorithm with a 256-bit key to share sensitive data?

Options:

A. Due to the key size, the time it will take to encrypt and decrypt the message hinders efficient communication.

B. To get messaging programs to function with this algorithm requires complex configurations.

C. It has been proven to be a weak cipher; therefore, it should not be trusted to protect sensitive data.

D. It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

Question 23

Which of the following descriptions is true about a static NAT?

Options:

A. A static NAT uses a many-to-many mapping.

B. A static NAT uses a one-to-many mapping.

C. A static NAT uses a many-to-one mapping.

D. A static NAT uses a one-to-one mapping.

Question 24

An Nmap scan of a server shows port 69 is open. What risk could this pose?

Options:

A. Unauthenticated access

B. Weak SSL version

C. Cleartext login

D. Web portal data leak

Question 25

A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public-facing web servers. The engineer decides to start by using netcat to connect to port 80.

The engineer receives this output:

[Image: 312-50 Question 25]

Which of the following is an example of what the engineer performed?

Options:

A. Cross-site scripting

B. Banner grabbing

C. SQL injection

D. Whois database query

Question 26

Passive reconnaissance involves collecting information through which of the following?

Options:

A. Social engineering

B. Network traffic sniffing

C. Man in the middle attacks

D. Publicly accessible sources

Question 27

How can rainbow tables be defeated?

Options:

A. Password salting

B. Use of non-dictionary words

C. All uppercase character passwords

D. Lock out accounts under brute force password cracking attempts

Question 28

What information should an IT system analysis provide to the risk assessor?

Options:

A. Management buy-in

B. Threat statement

C. Security architecture

D. Impact analysis

Question 29

The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

[Image: 312-50 Question 29]

What is most likely taking place?

Options:

A. Ping sweep of the 192.168.1.106 network

B. Remote service brute force attempt

C. Port scan of 192.168.1.106

D. Denial of service attack on 192.168.1.106

Question 30

A company has publicly hosted web applications and an internal intranet protected by a firewall. Which technique will help protect against enumeration?

Options:

A. Reject all invalid email received via SMTP.

B. Allow full DNS zone transfers.

C. Remove A records for internal hosts.

D. Enable null session pipes.