[2021.1] ECCouncil 312-50V10 practice test | Leads4pass New Exam Dumps Questions And Answers Update

Welcome to your [2021.1] ECCouncil 312-50V10 practice test

QUESTION 1

Which of the following is an example of two-factor authentication?

A. PIN Number and Birth Date

B. Username and Password

C. Digital Certificate and Hardware Token

D. Fingerprint and Smartcard ID

QUESTION 2

Which protocol and the port number might be needed in order to send log messages to a log analysis tool that resides
behind a firewall?

A. UDP 123

B. UDP 541

C. UDP 514

D. UDP 415

QUESTION 3

The precaution of prohibiting employees from bringing personal computing devices into a facility is what type of security
control?

A. Physical

B. Procedural

C. Technical

D. Compliance

QUESTION 4

WPA2 uses AES for wireless data encryption at which of the following encryption levels?

A. 64 bit and CCMP

B. 128 bit and CRC

C. 128 bit and CCMP

D. 128 bit and TKIP

QUESTION 5

Fred is the network administrator for his company. Fred is testing an internal switch.
From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session
with his computer. How can Fred accomplish this?

A. Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.

B. He can send an IP packet with the SYN bit and the source address of his computer.

C. Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.

D. Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

QUESTION 6

Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic as
possible; therefore, they did not provide any information besides the company name. What should be the first step in
security testing the client?

A. Reconnaissance

B. Enumeration

C. Scanning

D. Escalation

QUESTION 7

Your next-door neighbor, that you do not get along with, is having issues with their network, so he yells to his spouse the
network\\’s SSID and password and you hear them both clearly. What do you do with this information?

A. Nothing, but suggest to him to change the network\\’s SSID and password.

B. Sell his SSID and password to friends that come to your house, so it doesn\\’t slows down your network.

C. Log onto his network, after all, it\\’s his fault that you can get in.

D. Only use his network when you have large downloads so you don\\’t tax your own network.

QUESTION 8

One of your team members has asked you to analyze the following SOA record. What is the version?
Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.) (Choose four.)

A. 200303028

B. 3600

C. 604800

D. 2400

E. 60

F. 4800

QUESTION 9

In many states sending spam is illegal. Thus, the spammers have techniques to try and ensure that no one knows they
sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the
origin of these types of e-mails?

A. A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name.

B. Mail relaying, which is a technique of bouncing e-mail from internal to external mails servers continuously.

C. A blacklist of companies that have their mail server relays configured to be wide open.

D. Tools that will reconfigure a mail server\\’s relay component to send the e-mail back to the spammers occasionally.

QUESTION 10

Which of the following is the greatest threat posed by backups?

A. A backup is the source of Malware or illicit information.

B. A backup is unavailable during disaster recovery.

C. A backup is incomplete because no verification was performed.

D. An un-encrypted backup can be misplaced or stolen.

QUESTION 11

An attacker gains access to a Web server\\’s database and displays the contents of the table that holds all of the names,
passwords, and other user information. The attacker did this by entering information into the Web site\\’s user login page
that the software\\’s designers did not expect to be entered. This is an example of what kind of software design
problem?

A. Insufficient input validation

B. Insufficient exception handling

C. Insufficient database hardening

D. Insufficient security management

QUESTION 12

You are using NMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands look for IP addresses?

A. >host -t a hackeddomain.com

B. >host -t soa hackeddomain.com

C. >host -t ns hackeddomain.com

D. >host -t AXFR hackeddomain.com

QUESTION 13

Which of the following is a hashing algorithm?

A. MD5

B. PGP

C. DES

D. ROT13