EC-Council 312-50v9 Study Guides 2021

NEW QUESTION 1
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal Network.
What is this type of DNS configuration commonly called?

• A. DNS Scheme
• B. DynDNS
• C. Split DNS
• D. DNSSEC

Answer: C

NEW QUESTION 2
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

• A. ESP confidential
• B. AH Tunnel mode
• C. ESP transport mode
• D. AH permiscuous

Answer: C

NEW QUESTION 3
PGP, SSL, and IKE are all examples of which type of cryptography?

• A. Hash Algorithm
• B. Secret Key
• C. Public Key
• D. Digest

Answer: C

NEW QUESTION 4
You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do this fast and efficiently you must user regular expressions.
Which command-line utility are you most likely to use?

• A. Notepad
• B. MS Excel
• C. Grep
• D. Relational Database

Answer: C

NEW QUESTION 5
In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known wardriving.
Which algorithm is this referring to?

• A. Wired Equivalent Privacy (WEP)
• B. Temporal Key Integrity Protocol (TRIP)
• C. Wi-Fi Protected Access (WPA)
• D. Wi-Fi Protected Access 2(WPA2)

Answer: A

NEW QUESTION 6
An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, digital Subscriber Line (DSL), wireless data services, and virtual Private Networks (VPN) over a Frame Relay network.
Which AAA protocol is most likely able to handle this requirement?

• A. DIAMETER
• B. Kerberos
• C. RADIUS
• D. TACACS+

Answer: D

NEW QUESTION 7
The heartland bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2004-1060. Thisbug affects the OpenSSL implementation of the transport Layer security (TLS) protocols defined in RFC6520.
What types of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

• A. Root
• B. Private
• C. Shared
• D. Public

Answer: A

NEW QUESTION 8
The “white box testing” methodology enforces what kind of restriction?

• A. The internal operation of a system is completely known to the tester.
• B. Only the internal operation of a system is known to the tester.
• C. Only the external operation of a system is accessible to the tester.
• D. The internal operation of a system is only partly accessible to the tester.

Answer: A

NEW QUESTION 9
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

• A. PKI
• B. biometrics
• C. SOA
• D. single sign on

Answer: A

NEW QUESTION 10
It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up windows, webpage,or email warning from what looks like an officialauthority. It explains your computer has been locked because of possible illegal activities and demands payment before you can access your files and programs again.
Which term best matches this definition?

• A. Spyware
• B. Adware
• C. Ransomware
• D. Riskware

Answer: C

NEW QUESTION 11
Using Windows CMD, how would an attacker list all the shares to which the current user context hasaccess?

• A. NET CONFIG
• B. NET USE
• C. NET FILE
• D. NET VIEW

Answer: D

NEW QUESTION 12
To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used randomly generate invalid input in an attempt to crash the program.
What term is commonly used when referring to this type of testing?

• A. Bounding
• B. Mutating
• C. Puzzing
• D. Randomizing

Answer: C

NEW QUESTION 13
Session splicing is an IDS evasiontechnique in which an attacker delivers data in multiple, smallsized packets to the target computer, making it very difficult for an IDS to detect the attack signatures.
Which tool can used to perform session splicing attacks?

• A. Hydra
• B. Burp
• C. Whisker
• D. Tcpsplice

Answer: C

NEW QUESTION 14
Which of the following is considered the best way to prevent Personally Identifiable Information (PII) from web application vulnerabilities?

• A. Use encrypted communications protocols to transmit PII
• B. Use full disk encryption on all hard drives to protect PII
• C. Use cryptographic storage to store all PII
• D. Use a security token to log onto into all Web application that use PII

Answer: A

NEW QUESTION 15
When you are getting informationabout a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and DELETE). PUT can upload a file to the server and DELETE can delete a file from the server. You can detect all these methods (GET, POST, HEAD, PUT, DELETE, TRACE) using NMAP script engine.
What nmap script will help you with this task?

• A. http enum
• B. http-git
• C. http-headers
• D. http-methods

Answer: B

NEW QUESTION 16
Which of the following tools can be used for passiveOS fingerprinting?

• A. tcpdump
• B. ping
• C. nmap
• D. Tracert

Answer: C

NEW QUESTION 17
Under the “Post-attach Phase and Activities,” it is the responsibility of the tester to restore the system to a pre-test state.
Which of the following activities should not be included in this phase? I.Removing all files uploaded on the system
II.Cleaning all registry entries III.Mapping of network state
IV.Removing all tools and maintaining backdoor for reporting

• A. III
• B. IV
• C. III and IV
• D. All should be included.

Answer: A

NEW QUESTION 18
Which of the following is an extremelycommon IDS evasion technique in the web world?

• A. post knocking
• B. subnetting
• C. unicode characters
• D. spyware

Answer: C