312-50v10 | Avant-garde 312-50v10 Cram 2019

It is impossible to pass EC-Council 312-50v10 exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed EC-Council 312-50v10 practice questions. You will get a surprising result by our Improved Certified Ethical Hacker v10 practice guides.

NEW QUESTION 1

What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?

  • A. 110
  • B. 135
  • C. 139
  • D. 161
  • E. 445
  • F. 1024

Answer: BCE

NEW QUESTION 2

While you were gathering information as part of security assessments for one of your clients, you were able to gather data that show your client is involved with fraudulent activities. What should you do?

  • A. Immediately stop work and contact the proper legal authorities
  • B. Ignore the data and continue the assessment until completed as agreed
  • C. Confront the client in a respectful manner and ask her about the data
  • D. Copy the data to removable media and keep it in case you need it

Answer: A

NEW QUESTION 3

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?

  • A. -sO
  • B. -sP
  • C. -sS
  • D. -sU

Answer: A

NEW QUESTION 4

Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?

  • A. http-git
  • B. http-headers
  • C. http enum
  • D. http-methods

Answer: D

NEW QUESTION 5

In order to have an anonymous Internet surf, which of the following is best choice?

  • A. Use SSL sites when entering personal information
  • B. Use Tor network with multi-node
  • C. Use shared WiFi
  • D. Use public VPN

Answer: B

NEW QUESTION 6

Which set of access control solutions implements two-factor authentication?

  • A. USB token and PIN
  • B. Fingerprint scanner and retina scanner
  • C. Password and PIN
  • D. Account and password

Answer: A

NEW QUESTION 7

Which of the following cryptography attack methods is usually performed without the use of a computer?

  • A. Ciphertext-only attack
  • B. Chosen key attack
  • C. Rubber hose attack
  • D. Rainbow table attack

Answer: C

NEW QUESTION 8

While doing a technical assessment to determine network vulnerabilities, you used the TCP XMAS scan. What would be the response of all open ports?

  • A. The port will send an ACK
  • B. The port will send a SYN
  • C. The port will ignore the packets
  • D. The port will send an RST

Answer: C

NEW QUESTION 9

You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow you to accomplish this goal?

  • A. Network-based IDS
  • B. Firewall
  • C. Proxy
  • D. Host-based IDS

Answer: A

Explanation:
A network-based intrusion detection system (NIDS) is used to monitor and analyze network traffic to protect a system from network-based threats.
A NIDS reads all inbound packets and searches for any suspicious patterns. When threats are discovered, based on its severity, the system can take action such as notifying administrators, or barring the source IP address from accessing the network.
References: https://www.techopedia.com/definition/12941/network-based-intrusion-detection-system-nids

NEW QUESTION 10

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

  • A. Penetration testing
  • B. Social engineering
  • C. Vulnerability scanning
  • D. Access control list reviews

Answer: A

NEW QUESTION 11

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this?

  • A. False positive
  • B. False negative
  • C. True positve
  • D. True negative

Answer: A

NEW QUESTION 12

The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the central processing unit (CPU), rather than passing only the frames that the controller is intended to receive.
Which of the following is being described?

  • A. promiscuous mode
  • B. port forwarding
  • C. multi-cast mode
  • D. WEM

Answer: A

Explanation:
Promiscuous mode refers to the special mode of Ethernet hardware, in particular network interface cards (NICs), that allows a NIC to receive all traffic on the network, even if it is not addressed to this NIC. By default, a NIC ignores all traffic that is not addressed to it, which is done by comparing the destination address of the Ethernet packet with the hardware address (a.k.a. MAC) of the device. While this makes perfect sense for networking, non-promiscuous mode makes it difficult to use network monitoring and analysis software for diagnosing connectivity issues or traffic accounting.
References: https://www.tamos.com/htmlhelp/monitoring/

NEW QUESTION 13

Which of the following is a detective control?

  • A. Smart card authentication
  • B. Security policy
  • C. Audit trail
  • D. Continuity of operations plan

Answer: C

NEW QUESTION 14

Code injection is a form of attack in which a malicious user:

  • A. Inserts text into a data field that gets interpreted as code
  • B. Gets the server to execute arbitrary code using a buffer overflow
  • C. Inserts additional code into the JavaScript running in the browser
  • D. Gains access to the codebase on the server and inserts new code

Answer: A

NEW QUESTION 15

In order to show improvement of security over time, what must be developed?

  • A. Reports
  • B. Testing tools
  • C. Metrics
  • D. Taxonomy of vulnerabilities

Answer: C

Explanation:
Today, management demands metrics to get a clearer view of security.
Metrics that measure participation, effectiveness, and window of exposure, however, offer information the organization can use to make plans and improve programs.
References:
http://www.infoworld.com/article/2974642/security/4-security-metrics-that-matter.html

NEW QUESTION 16

Which of the following is the best countermeasure to encrypting ransomwares?

  • A. Use multiple antivirus softwares
  • B. Keep some generation of off-line backup
  • C. Analyze the ransomware to get decryption key of encrypted data
  • D. Pay a ransom

Answer: B

NEW QUESTION 17

Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.
312-50v10 dumps exhibit
In MAC flooding attack, a switch is fed with many Ethernet frames, each containing different source MAC addresses, by the attacker. Switches have a limited memory for mapping various MAC addresses to physical ports. What happens when the CAM table becomes full?

  • A. Switch then acts as hub by broadcasting packets to all machines on the network
  • B. The CAM overflow table will cause the switch to crash causing Denial of Service
  • C. The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF
  • D. Every packet is dropped and the switch sends out SNMP alerts to the IDS port

Answer: A

NEW QUESTION 18

Which of the following is a component of a risk assessment?

  • A. Administrative safeguards
  • B. Physical security
  • C. DMZ
  • D. Logical interface

Answer: A

Explanation:
Risk assessment include:
References: https://en.wikipedia.org/wiki/IT_risk_management#Risk_assessment

NEW QUESTION 19

Which of the following tools are used for enumeration? (Choose three.)

  • A. SolarWinds
  • B. USER2SID
  • C. Cheops
  • D. SID2USER
  • E. DumpSec

Answer: BDE

NEW QUESTION 20

What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall?

  • A. Firewalking
  • B. Session hijacking
  • C. Network sniffing
  • D. Man-in-the-middle attack

Answer: A

NEW QUESTION 21

An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker's next step be before starting work on this job?

  • A. Start by foot printing the network and mapping out a plan of attack.
  • B. Ask the employer for authorization to perform the work outside the company.
  • C. Begin the reconnaissance phase with passive information gathering and then move into active information gathering.
  • D. Use social engineering techniques on the friend's employees to help identify areas that may be susceptible to attack.

Answer: B

NEW QUESTION 22

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites.
77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?

  • A. The packets were sent by a worm spoofing the IP addresses of 47 infected sites
  • B. ICMP ID and Seq numbers were most likely set by a tool and not by the operating system
  • C. All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number
  • D. 13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

Answer: B

NEW QUESTION 23

If executives are found liable for not properly protecting their company's assets and information systems, what type of law would apply in this situation?

  • A. Civil
  • B. International
  • C. Criminal
  • D. Common

Answer: A

NEW QUESTION 24

When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?

  • A. A bottom-up approach
  • B. A top-down approach
  • C. A senior creation approach
  • D. An IT assurance approach

Answer: B

NEW QUESTION 25

As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security?

  • A. Use the same machines for DNS and other applications
  • B. Harden DNS servers
  • C. Use split-horizon operation for DNS servers
  • D. Restrict Zone transfers
  • E. Have subnet diversity between DNS servers

Answer: BCDE

NEW QUESTION 26
......

100% Valid and Newest Version 312-50v10 Questions & Answers shared by prep-labs.com, Get Full Dumps HERE: https://www.prep-labs.com/dumps/312-50v10/ (New 736 Q&As)