Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 371-380

EnsurepassQUESTION 371 Which Open Web Application Security Project (OWASP) implements a web application full of known vulnerabilities?   A. WebBugs B. WebGoat C. VULN_HTML D. WebScarab   Answer: B      QUESTION 372 A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into the command shell to request the appropriate records?   Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 361-370

EnsurepassQUESTION 361 There is a WEP encrypted wireless access point (AP) with no clients connected. In order to crack the WEP key, a fake authentication needs to be performed. What information is needed when performing fake authentication to an AP? (Choose two.)   A. The IP address of the AP B. The MAC address of the AP C. The SSID of the wireless network D. A failed authentication packet   Answer: B,C      QUESTION 362 What type of OS fingerprinting Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 351-360

EnsurepassQUESTION 351 A security administrator notices that the log file of the company`s webserver contains suspicious entries: Based on source code analysis, the analyst concludes that the login.php script is vulnerable to   A. command injection. B. SQL injection. C. directory traversal. D. LDAP injection.   Answer: B      QUESTION 352 Which of the following is a detective control?   A. Smart card authentication B. Security policy C. Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 341-350

EnsurepassQUESTION 341 Which of the following problems can be solved by using Wireshark?   A. Tracking version changes of source code B. Checking creation dates on all webpages on a server C. Resetting the administrator password on multiple systems D. Troubleshooting communication resets between two systems   Answer: D      QUESTION 342 Which of the following is an example of an asymmetric encryption implementation?   A. SHA1 B. PGP C. 3DES Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 331-340

EnsurepassQUESTION 331 When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is   A. OWASP is for web applications and OSSTMM does not include web applications. B. OSSTMM is gray box testing and.OWASP is black box testing. C. OWASP addresses controls and.OSSTMM does not. D. OSSTMM addresses controls and.OWASP does not.   Answer: D      QUESTION Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 321-330

EnsurepassQUESTION 321 For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which key?   A. Sender's public key B. Receiver's private key C. Receiver's public key D. Sender's private key   Answer: D      QUESTION 322 Which method can provide a better return on IT security Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 311-320

EnsurepassQUESTION 311 A computer technician.is using a new version of a word processing software package when.it is.discovered that a special sequence of characters causes the entire computer to crash..The technician.researches the bug and discovers that no one else experienced the problem..What is the appropriate next step?   A. Ignore the problem completely and let someone else deal with it. B. Create a document that will crash the computer when opened and send it to friends. C. Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 301-310

EnsurepassQUESTION 301 Employees in a company are no longer able to access Internet web sites on their computers. The network administrator is able to successfully ping IP address of web servers on the Internet and is able to open web sites by using an IP address in place of the URL..The administrator runs the nslookup command for www.eccouncil.org and receives an error message stating there is no response from the server. What should the administrator do next?   A. Configure the firewall Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 291-300

EnsurepassQUESTION 291 Which of the following describes a component of Public Key Infrastructure (PKI) where a copy of a private key is stored to provide third-party access and to facilitate recovery operations?   A. Key registry B. Recovery agent C. Directory D. Key escrow   Answer: D      QUESTION 292 Which tool would be used to collect wireless packet data?   A. NetStumbler B. John the Ripper C. Nessus D. Netcat   Answer: A  Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 281-290

EnsurepassQUESTION 281 Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?   A. DataThief B. NetCat C. Cain and Abel D. SQLInjector   Answer: D      QUESTION 282 A security analyst is performing an audit on.the network to determine if there are any deviations from the security policies in place. The analyst.discovers that a user from the IT department Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 271-280

EnsurepassQUESTION 271 A company.has made the decision to host their own email and basic web services. The administrator needs to set up the external firewall to limit what protocols should be allowed to get to the public part of the company's network. Which ports should the administrator open? (Choose.three.)   A. Port 22 B. Port 23 C. Port 25 D. Port 53 E. Port 80 F. Port 139 G. Port 445   Answer: C,D,E      QUESTION 272 Which type of scan measures Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 261-270

EnsurepassQUESTION 261 A security engineer is attempting to map a companyos internal network. The engineer enters in the following NMAP commanD. NMAP Ƀn ɃsS ɃP0 Ƀp 80 ***.***.**.** What type of scan is this?   A. Quick scan B. Intense scan C. Stealth scan D. Comprehensive scan   Answer: C      QUESTION 262 Which of the following is a hashing algorithm?   A. MD5 B. PGP C. DES D. ROT13   Answer: A      QUESTION Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 251-260

EnsurepassQUESTION 251 Simon is security analyst writing signatures for a Snort node he placed internally that captures all mirrored traffic from his border firewall. From the following signature, what will Snort look for in the payload of the suspected packets? alert tcp $EXTERNAL_NET any -> $HOME_NET 27374 (msG. "BACKDOOR SIG - SubSseven 22";flags: A+; content: "|0d0a5b52504c5d3030320d0a|"; reference:arachnids, 485;) alert   A. The payload of 485 is what this Read more [...]
Uncategorized

Latest ECCouncil 312-50v8 Real Exam Download 241-250

EnsurepassQUESTION 241 A majority of attacks come from insiders, people who have direct access to a company's computer system as part of their job function or a business relationship. Who is considered an insider?   A. A competitor to the company because they can directly benefit from the publicity generated by making such an attack B. Disgruntled employee,customers,suppliers,vendors,business partners,contractors,temps,and consultants C. The CEO of the company because he has access Read more [...]