Our Eccouncil 312-50v10 dumps are key to get success. More than 80000+ success stories.
Why are containers less secure than virtual machines?
A. Host OS on containers has a larger attack surface.
B. Containers may fill up the disk space of the host.
C. A compromised container may cause CPU starvation of the host.
D. Containers are attached to the same virtual network.
An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?
A. Reverse Social Engineering
If you want to scan fewer ports than the default scan using the Nmap tool, which option would you use?
Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?
A. Function Testing
B. Dynamic Testing
C. Static Testing
D. Fuzzing Testing
Which of the following DoS tools is used to attack target web applications by starvation of available sessions on the web server? The tool keeps sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value.
A. My Doom
You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity. What tool would you most likely select?
B. Cain & Abel
Which of the following antennas is commonly used in communications for a frequency band of 10 MHz to VHF and UHF?
A. Omnidirectional antenna
B. Dipole antenna
C. Yagi antenna
D. Parabolic grid antenna
What is the purpose of a demilitarized zone on a network?
A. To scan all traffic coming through the DMZ to the internal network
B. To only provide direct access to the nodes within the DMZ and protect the network behind it
C. To provide a place to put the honeypot
D. To contain the network devices you wish to protect
In the field of cryptanalysis, what is meant by a "rubber-hose" attack?
A. Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text.
B. Extraction of cryptographic secrets through coercion or torture.
C. Forcing the targeted key stream through a hardware-accelerated device such as an ASIC.
D. A backdoor placed into a cryptographic algorithm by its creator.
Which is the first step followed by Vulnerability Scanners for scanning a network?
A. TCP/UDP Port scanning
B. Firewall detection
C. OS Detection
D. Checking if the remote host is alive
Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned. Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?
A. “GET /restricted/goldtransfer?to=Rob&from=1 or 1=1’ HTTP/1.1 Host: westbank.com”
B. “GET /restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com”
C. “GET /restricted/bank.getaccount(‘Ned’) HTTP/1.1 Host: westbank.com”
D. “GET /restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com”
Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige. After 2 days, Bob denies that he had ever sent a mail. What do you want to "know" to prove to yourself that it was Bob who had sent the mail?
Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?
Sam is working as a pen-tester in an organization in Houston. He performs penetration testing on IDS in order to find the different ways an attacker uses to evade the IDS. Sam sends a large amount of packets to the target IDS that generates alerts, which enable Sam to hide the real traffic. What type of method is Sam using to evade IDS?
B. False Positive Generation
C. Insertion Attack
Company XYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of Company XYZ. The employee of Company XYZ is aware of your test.
Your email message looks like this:
From: email@example.com
To: firstname.lastname@example.org
Subject: Test message
Date: 4/3/2017 14:37
The employee of Company XYZ receives your email message. This proves that Company XYZ's email gateway doesn't prevent what?
A. Email Phishing
B. Email Masquerading
C. Email Spoofing
D. Email Harvesting
In which of the following password protection techniques are random strings of characters added to the password before calculating their hashes?
A. Keyed Hashing
B. Key Stretching
D. Double Hashing
You are looking for a SQL injection vulnerability by sending a special character to web applications. Which of the following is the most useful for quick validation?
A. Double quotation
D. Single quotation
The network team has well-established procedures to follow for creating new rules on the firewall. This includes having approval from a manager prior to implementing any new rules. While reviewing the firewall configuration, you notice a recently implemented rule but cannot locate manager approval for it. What would be a good step to have in the procedures for a situation like this?
A. Have the network team document the reason why the rule was implemented without prior manager approval.
B. Monitor all traffic using the firewall rule until a manager can approve it.
C. Do not roll back the firewall rule as the business may be relying upon it, but try to get manager approval as soon as possible.
D. Immediately roll back the firewall rule until a manager can approve it.
Which of the following programs infects the system boot sector and the executable files at the same time?
A. Stealth virus
B. Polymorphic virus
C. Macro virus
D. Multipartite Virus
Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.
A. nmap -sn -sF 10.1.0.0/16 445
B. nmap -p 445 -n -T4 --open 10.1.0.0/16
C. nmap -s 445 -sU -T5 10.1.0.0/16
D. nmap -p 445 --max -Pn 10.1.0.0/16
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?
A. All three servers need to be placed internally
B. A web server facing the Internet, an application server on the internal network, a database server on the internal network
C. A web server and the database server facing the Internet, an application server on the internal network
D. All three servers need to face the Internet so that they can communicate between themselves
You are a Penetration Tester and are assigned to scan a server. You need to use a scanning technique wherein the TCP Header is split into many packets so that it becomes difficult to detect what the packets are meant for. Which of the scanning techniques below will you use?
A. ACK flag scanning
B. TCP Scanning
C. IP Fragment Scanning
D. Inverse TCP flag scanning
Vlady works in a fishing company where the majority of the employees have very little understanding of IT, let alone IT security. The information security issues that Vlady often finds include employees sharing passwords, writing their password on a post-it note and sticking it to their desk, leaving the computer unlocked, not logging out from email or other social media accounts, etc. After discussing with his boss, Vlady decided to make some changes to improve the security environment in his company. The first thing that Vlady wanted to do is to make the employees understand the importance of keeping confidential information, such as passwords, a secret and that they should not share it with other persons. Which of the following steps should be the first thing that Vlady does to make the employees in his company understand the importance of keeping confidential information a secret?
A. Warning those who write their password on a post-it note and put it on their desk
B. Developing a strict information security policy
C. Information security awareness training
D. Conducting a one-to-one discussion with the other employees about the importance of information security
Which of the following Secure Hashing Algorithms (SHA) produces a 160-bit digest from a message with a maximum length of (2^64 - 1) bits and resembles the MD5 algorithm?
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?
A. Produces fewer false positives
B. Can identify unknown attacks
C. Requires vendor updates for a new threat
D. Cannot deal with encrypted network traffic