[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 251-260

Ensurepass

QUESTION 251

Simon is security analyst writing signatures for a Snort node he placed internally that captures all mirrored traffic from his border firewall. From the following signature, what will Snort look for in the payload of the suspected packets?

 

alert tcp $EXTERNAL_NET any -> $HOME_NET 27374 (msg. “BACKDOOR SIG – SubSseven 22”;

flags: A+; content: “|0d0a5b52504c5d3030320d0a|”; reference:arachnids, 485;) alert

 

A.     The payload of 485 is what this Snort signature will look for.

B.     Snort will look for 0d0a5b52504c5d3030320d0a in the payload.

C.     Packets that contain the payload of BACKDOOR SIG – SubSseven 22 will be flagged.

D.     From this snort signature, packets with HOME_NET 27374 in the payload will be flagged.

 

Correct Answer: B

 

 

QUESTION 252

You are trying to package a RAT Trojan so that Anti-Virus software will not detect it. Which of the listed technique will NOT be effective in evading Anti-Virus scanner?

 

A.     Convert the Trojan.exe file extension to Trojan.txt disguising as text file.

B.     Break the Trojan into multiple smaller files and zip the individual pieces.

C.     Change the content of the Trojan using hex editor and modify the checksum.

D.     Encrypt the Trojan using multiple hashing algorithms like MD5 and SHA-1.

 

Correct Answer: A

 

 

QUESTION 253

What will the following command produce on a website’s login page if executed successfully?

 

SELECT email, passwd, login_id, full_name FROM members WHERE email =

‘someone@somewhere.com’; DROP TABLE members; –‘

 

A.     This code will insert the someone@somewhere.com email address into the members table.

B.     This command will delete the entire members table.

C.     It retrieves the password for the first user in the members table.

D.     This command will not produce anything since the syntax is incorrect.

 

Correct Answer: B

 

 

QUESTION 254

Oregon Corp is fighting a litigation suit with Scamster Inc. Oregon has assigned a private investigative agency to go through garbage, recycled paper, and other rubbish at Scamster’s office site in order to find relevant information. What would you call this kind of activity?

 

A.     CI Gathering

B.     Scanning

C.     Dumpster Diving

D.     Garbage Scooping

 

Correct Answer: C

 

 

QUESTION 255

What type of port scan is represented here?

&n
bsp;

clip_image002

 

A.     Stealth Scan

B.     Full Scan

C.     XMAS Scan

D.     FIN Scan

 

Correct Answer: A

 

 

QUESTION 256

One way to defeat a multi-level security solution is to leak data via

 

A.     a bypass regulator

B.     steganography

C.     a covert channel

D.     asymmetric routing

 

Correct Answer: C

 

 

QUESTION 257

On a Linux device, which of the following commands will start the Nessus client in the background so that the Nessus server can be configured?

 

A.     nessus +

B.     nessus *s

C.     nessus &

D.     nessus -d

 

Correct Answer: C

 

 

QUESTION 258

Least privilege is a security concept that requires that a user is

 

A.     limited to those functions required to do the job

B.     given root or administrative privileges

C.     trusted to keep all data and access to that data under their sole control

D.     given privileges equal to everyone else in the department

 

Correct Answer: A

 

 

QUESTION 259

A covert channel is a channel that

 

A.     transfers information over, within a computer system, or network that is outside of the security policy

B.     transfers information over, within a computer system, or network that is within the security policy

C.     transfers information via a communication path within a computer system, or network for transfer of data

D.     transfers information over, within a computer system, or network that is encrypted

 

Correct Answer: A

 

 

QUESTION 260

SOAP services use which technology to format information?

 

A.     SATA

B.     PCI

C.     XML

D.     ISDN

 

Correct Answer: C

 

Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in 312-50 Practice Tests (February 2016) and tagged , , , , . Bookmark the permalink.