ECCouncil 312-50 Exam Made Easy: Step-by-Step Preparation Guide

Questions 31

What is one thing a tester can do to ensure that the software is trusted and is not changing or tampering with critical data on the back end of a system it is loaded on?

Options:
A. Proper testing
B. Secure coding principles
C. Systems security and architecture review
D. Analysis of interrupts within the software

Questions 32

Which of the following lists are valid data-gathering activities associated with a risk assessment?

Options:
A. Threat identification, vulnerability identification, control analysis
B. Threat identification, response identification, mitigation identification
C. Attack profile, defense profile, loss profile
D. System profile, vulnerability identification, security determination

Questions 33

Which of the following techniques will identify if computer files have been changed?

Options:
A. Network sniffing
B. Permission sets
C. Integrity checking hashes
D. Firewall alerts

Questions 34

Which results will be returned with the following Google search query?

site:target.com -site:Marketing.target.com accounting

Options:
A. Results matching all words in the query
B. Results matching “accounting” in domain target.com but not on the site Marketing.target.com
C. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting
D. Results for matches on target.com and Marketing.target.com that include the word “accounting”

Questions 35

A penetration tester was hired to perform a penetration test for a bank. The tester began searching for IP ranges owned by the bank, performing lookups on the bank's DNS servers, reading news articles online about the bank, watching what times the bank employees come into work and leave from work, searching the bank's job postings (paying special attention to IT related jobs), and visiting the local dumpster for the bank's corporate office. What phase of the penetration test is the tester currently in?

Options:
A. Information reporting
B. Vulnerability assessment
C. Active information gathering
D. Passive information gathering

Questions 36

Which security control role does encryption meet?

Options:
A. Preventative
B. Detective
C. Offensive
D. Defensive

Questions 37

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

Options:
A. Usernames
B. File permissions
C. Firewall rulesets
D. Passwords

Questions 38

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

Options:
A. Passive
B. Reflective
C. Active
D. Distributive

Questions 39

Which system consists of a publicly available set of databases that contain domain name registration contact information?

Options:
A. WHOIS
B. IANA
C. CAPTCHA
D. IETF

Questions 40

Least privilege is a security concept that requires that a user is

Options:
A. limited to those functions required to do the job.
B. given root or administrative privileges.
C. trusted to keep all data and access to that data under their sole control.
D. given privileges equal to everyone else in the department.