[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 381-390

Ensurepass

QUESTION 381

While testing the company’s web applications, a tester attempts to insert the following test script into the search area on the company’s web site.

 

<script>alert(” Testing Testing Testing “)</script>

 

Afterwards, when the tester presses the search button, a pop-up box appears on the screen with the text: “Testing Testing Testing”. Which vulnerability has been detected in the web application?

 

A.     Buffer overflow

B.     Cross-site request forgery

C.     Distributed denial of service

D.     Cross-site scripting

 

Correct Answer: D

 

 

 

 

 

QUESTION 382

A hacker was able to sniff packets on a company’s wireless network. The following information was discovered.

 

Ÿ   The Key 10110010 01001011

Ÿ   The Cyphertext 01100101 01011010

 

Using the Exclusive OR, what was the original message?

 

A.     00101000 11101110

B.     11010111 00010001

C.     00001101 10100100

D.     11110010 01011011

 

Correct Answer: B

 

 

QUESTION 383

International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining

 

A.     guidelines and practices for security controls

B.     financial soundness and business viability metrics

C.     standard best practice for configuration management

D.     contract agreement writing standards

 

Correct Answer: A

 

 

QUESTION 384

Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

 

A.     Firewall

B.     Honeypot

C.     Core server

D.     Layer 4 switch

 

Correct Answer: B

 

 

 

 

 

QUESTION 385

A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the network over ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?

 

A.     True negatives

B.     False negatives

C.     True positives

D.     False positives

 

Correct Answer: D

 

 

QUESTION 386

The following is part of a log file taken from the machine on the network with the IP address of 192.168.1.106:

 

Time:Mar 13 17:30:15 Port:20 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:17 Port:21 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:19 Port:22 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:21 Port:23 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:22 Port:25 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:23 Port:80 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

Time:Mar 13 17:30:30 Port:443 Source:192.168.1.103 Destination:192.168.1.106 Protocol:TCP

 

What type of activity has been logged?

 

A.     Port scan targeting 192.168.1.103.

B.     Teardrop attack targeting 192.168.1.106.

C.     Denial of service attack targeting 192.168.1.103.

D.     Port scan targeting 192.168.1.106.

 

Correct Answer: D

 

 

QUESTION 387

Which type of in
trusion detection system can monitor and alert on attacks, but cannot stop them?

 

A.     Detective

B.     Passive

C.     Intuitive

D.     Reactive

Correct Answer: B

 

 

QUESTION 388

Which of the following settings enables Nessus to detect when it is sending too many packets and the network pipe is approaching capacity?

 

A.     Netstat WMI Scan

B.     Silent Dependencies

C.     Consider unscanned ports as closed

D.     Reduce parallel connections on congestion

 

Correct Answer: D

 

 

QUESTION 389

Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?

 

A.     768 bit key

B.     1025 bit key

C.     1536 bit key

D.     2048 bit key

 

Correct Answer: C

 

 

QUESTION 390

Which results will be returned with the following Google search query?

 

site:target.com -site:Marketing.target.com accounting

&nbs
p;

A.     Results matching all words in the query

B.     Results matching “accounting” in domain target.com but not on the site

Marketing.target.com

C.     Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting

D.     Results for matches on target.com and Marketing.target.com that include the word

“accounting”

 

Correct Answer: B

 

Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in 312-50 Practice Tests (February 2016) and tagged , , , , , , , . Bookmark the permalink.