[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 501-510

Ensurepass

QUESTION 501

The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?

 

A.     An attacker, working slowly enough, can evade detection by the IDS.

B.     Network packets are dropped if the volume exceeds the threshold.

C.     Thresholding interferes with the IDS’ ability to reassemble fragmented packets.

D.     The IDS will not distinguish among packets originating from different sources.

 

Correct Answer: A

 

 

QUESTION 502

Which of the following is considered an acceptable option when managing a risk?

 

A.     Reject the risk.

B.     Deny the risk.

C.     Mitigate the risk.

D.     Initiate the risk.

 

Correct Answer: C

 

 

QUESTION 503

A person approaches a network administrator and wants advice on how to send encrypted email from home. The end user does not want to have to pay for any license fees or manage server services. Which of the following is the most secure encryption protocol that the network administrator should recommend?

 

A.     IP Security (IPSEC)

B.     Multipurpose Internet Mail Extensions (MIME)

C.     Pretty Good Privacy (PGP)

D.     Hyper Text Transfer Protocol with Secure Socket Layer (HTTPS)

 

Correct Answer: C

 

 

 

QUESTION 504

__________ is found in all versions of NTFS and is described as the ability to fork file data into existing files without affecting their functionality, size, or display to traditional file browsing utilities like dir or Windows Explorer

 

A.     Alternate Data Streams

B.     Merge Streams

C.     Steganography

D.     NetBIOS vulnerability

 

Correct Answer: A

 

 

QUESTION 505

A company is legally liable for the content of email that is sent from its systems, regardless of whether the message was sent for private or business-related purposes. This could lead to prosecution for the sender and for the company’s directors if, for example, outgoing email was found to contain material that was pornographic, racist, or likely to incite someone to commit an act of terrorism. You can always defend yourself by “ignorance of the law” clause.

 

A.     true

B.     false

 

Correct Answer: B

 

 

QUESTION 506

Paul has just finished setting up his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Paul notices that when he uses his wireless connection, the speed is sometimes

54 Mbps and sometimes it is only 24Mbps or less. Paul connects to his wireless router’s management utility and notices that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router’s logs and notices that the unfamiliar machine has the same MAC address as his laptop. What is Paul seeing here?

 

A.     MAC spoofing

B.     Macof

C.     ARP spoofing

D.     DNS spoofing

 

Correct Answer: A

 

 

 

QUESTION 507

What two things will ha
ppen if a router receives an ICMP packet, which has a TTL value of 1, and the destination host is several hops away? (Select 2 answers)

 

A.     The router will discard the packet.

B.     The router will decrement the TTL value and forward the packet to the next router on the path to the destination host.

C.     The router will send a time exceeded message to the source host.

D.     The router will increment the TTL value and forward the packet to the next router on the path to the destination host.

E.      The router will send an ICMP Redirect Message to the source host.

 

Correct Answer: AC

 

 

QUESTION 508

Which of the following LM hashes represents a password of less than 8 characters?

 

A.     0182BD0BD4444BF836077A718CCDF409

B.    
44EFCE164AB921CQAAD3B435B51404EE

C.     BA810DBA98995F1817306D272A9441BB

D.     CEC52EB9C8E3455DC2265B23734E0DAC

E.      B757BF5C0D87772FAAD3B435B51404EE

F.      E52CAC67419A9A224A3B108F3FA6CB6D

 

Correct Answer: CE

 

 

QUESTION 509

Harold is the senior security analyst for a small state agency in New York. He has no other security professionals that work under him, so he has to do all the security-related tasks for the agency. Coming from a computer hardware background, Harold does not have a lot of experience with security methodologies and technologies, but he was the only one who applied for the position. Harold is currently trying to run a Sniffer on the agency’s network to get an idea of what kind of traffic is being passed around, but the program he is using does not seem to be capturing anything. He pours through the Sniffer’s manual, but cannot find anything that directly relates to his problem. Harold decides to ask the network administrator if he has any thoughts on the problem. Harold is told that the Sniffer was not working because the agency’s network is a switched network, which cannot be sniffed by some programs without some tweaking. What technique could Harold use to sniff his agency’s switched network?

 

A.     ARP spoof the default gateway

B.     Conduct MITM against the switch

C.     Launch smurf attack against the switch

D.     Flood the switch with ICMP packets

 

Correct Answer: A

 

 

QUESTION 510

While investigating a claim of a user downloading illegal material, the investigator goes through the files on the suspect’s workstation. He comes across a file that is just called “file.txt” but when he opens it, he finds the following:

 

clip_image002

 

What can he infer from this file?

 

A.     A picture that has been renamed with a .txt extension.

B.     An encrypted file.

C.     An encoded file.

D.     A buffer overflow.

 

Correct Answer: D

 

Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in 312-50 Practice Tests (February 2016) and tagged , , , , . Bookmark the permalink.