[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 471-480

Ensurepass

QUESTION 471

A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?

 

A.     Cupp

B.     Nessus

C.     Cain and Abel

D.     John The Ripper Pro

 

Correct Answer: C

 

 

QUESTION 472

Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?

 

A.     They are written in Java.

B.     They send alerts to security monitors.

C.     They use the same packet analysis engine.

D.     They use the same packet capture utility.

 

Correct Answer: D

 

 

QUESTION 473

A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

 

A.     Netsh firewall show config

B.     WMIC firewall show config

C.     Net firewall show config

D.     Ipconfig firewall show config

 

Correct Answer: A

QUESTION 474

The following is a sample of output from a penetration tester’s machine targeting a machine with the IP address of 192.168.1.106:

 

clip_image002

 

What is most likely taking place?

 

A.     Ping sweep of the 192.168.1.106 network.

B.     Remote service brute force attempt.

C.     Port scan of 192.168.1.106.

D.     Denial of service attack on 192.168.1.106.

 

Correct Answer: B

 

 

QUESTION 475

A tester is attempting to capture and analyze the traffic on a given network and realizes that the network has several switches. What could be used to successfully sniff the traffic on this switched network? (Choose three.)

 

A.     ARP spoofing

B.     MAC duplication

C.     MAC flooding

D.     SYN flood

E.      Reverse smurf attack

F.      ARP broadcasting

 

Correct Answer: ABC

 

 

QUESTION 476

A newly discovered flaw in a software application would be considered which kind of security vulnerability?

 

A.     Input validation flaw

B.     HTTP header injection vulnerability

C.     0-day vulnerability

< span style="mso-list: ignore">D.     Time-to-check to time-to-use flaw

 

Correct Answer: C

 

 

QUESTION 477

What are the three types of authentication?

 

A.     Something you: know, remember, prove.

B.     Something you: have, know, are.

C.     Something you: show, prove, are.

D.     Something you: show, have, prove.

 

Correct Answer: B

 

 

QUESTION 478

What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?

 

A.     Legal, performance, audit.

B.     Audit, standards based, regulatory.

C.     Contractual, regulatory, industry.

D.     Legislative, contractual, standards based.

 

Correct Answer: D

 

 

QUESTION 479

While checking the settings on the internet browser, a technician finds that the proxy server settings have been checked and a computer is trying to use itself as a proxy server. What specific octet within the subnet does the technician see?

 

A.     10.10.10.10

B.     127.0.0.1

C.     192.168.1.1

D.     192.168.168.168

 

Correct Answer: B

 

 

QUESTION 480

Which of the following business challenges could be solved by using a vulnerability scanner?

 

A.     Auditors want to discover if all systems are following a standard naming convention.

B.     A web server was compromised and management needs to know if any further systems were compromised.

C.     There is an emergency need to remove administrator access from multiple machines for an employee that quit.

D.     There is a monthly requirement to test corporate compliance with host application usage and security policies.

 

Correct Answer: D

 

Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in 312-50 Practice Tests (February 2016) and tagged , , , , , , , . Bookmark the permalink.