[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 351-360

Ensurepass

QUESTION 351

Which of the following is a detective control?

 

A.     Smart card authentication

B.     Security policy

C.     Audit trail

D.     Continuity of operations plan

 

Correct Answer: C

 

 

QUESTION 352

A penetration tester is attempting to scan an internal corporate network from the internet without alerting the border sensor. Which is the most efficient technique should the tester consider using?

 

A.     Spoofing an IP address

B.     Tunneling scan over SSH

C.     Tunneling over high port numbers

D.     Scanning using fragmented IP packets

 

Correct Answer: B

 

 

QUESTION 353

A circuit level gateway works at which of the following layers of the OSI Model?

 

A.     Layer 5 – Application

B.     Layer 4 – TCP

C.     Layer 3 – Internet protocol

D.     Layer 2 – Data link

 

Correct Answer: B

 

 

QUESTION 354

Which of the followin
g lists are valid data-gathering activities associated with a risk assessment?

 

A.     Threat identification, vulnerability identification, control analysis.

B.     Threat identification, response identification, mitigation identification.

C.     Attack profile, defense profile, loss profile.

D.     System profile, vulnerability identification, security determination.

 

Correct Answer: A

 

 

QUESTION 355

A network security administrator is worried about potential man-in-the-middle attacks when users access a corporate web site from their workstations. Which of the following is the best remediation against this type of attack?

 

A.     Implementing server-side PKI certificates for all connections.

B.     Mandating only client-side PKI certificates for all connections.

C. 
   
Requiring client and server PKI certificates for all connections.

D.     Requiring strong authentication for all DNS queries.

 

 

Correct Answer: C

 

 

 

QUESTION 356

Which command line switch would be used in NMAP to perform operating system detection?

 

A.     -OS

B.     -sO

C.     -sP

D.     -O

 

Correct Answer: D

 

 

QUESTION 357

Bluetooth uses which digital modulation technique to exchange information between paired devices?

 

A.     PSK (phase-shift keying)

B.     FSK (frequency-shift keying)

C.     ASK (amplitude-shift keying)

D.     QAM (quadrature amplitude modulation)

 

Correct Answer: A

 

 

QUESTION 358

A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?

 

A.     Forensic attack

B.     ARP spoofing attack

C.     Social engineering attack

D.     Scanning attack

 

Correct Answer: C

 

 

QUESTION 359

A security policy will be more accepted by employees if it is consistent and has the support of

 

A.     coworkers

B.     executive management

C.     the security officer

D.     a supervisor

 

Correct Answer: B

 

 

QUESTION 360

There is a WEP encrypted wireless access point (AP) with no clients connected. In order to crack the WEP key, a fake authentication needs to be performed. What information is needed when performing fake au
thentication to an AP? (Choose two.)

 

A.     The IP address of the AP.

B.     The MAC address of the AP.

C.     The SSID of the wireless network.

D.     A failed authentication packet.

 

Correct Answer: BC

 

Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in 312-50 Practice Tests (February 2016) and tagged , , , , . Bookmark the permalink.