January 7, 2021 by admin [2021.1] ECCouncil 312-50V10 practice test Welcome to your [2021.1] ECCouncil 312-50V10 practice test QUESTION 1Which of the following is an example of two-factor authentication?A. PIN Number and Birth DateB. Username and PasswordC. Digital Certificate and Hardware TokenD. Fingerprint and Smartcard ID QUESTION 2Which protocol and the port number might be needed in order to send log messages to a log analysis tool that residesbehind a firewall?A. UDP 123B. UDP 541C. UDP 514D. UDP 415 QUESTION 3The precaution of prohibiting employees from bringing personal computing devices into a facility is what type of securitycontrol?A. PhysicalB. ProceduralC. TechnicalD. Compliance QUESTION 4WPA2 uses AES for wireless data encryption at which of the following encryption levels?A. 64 bit and CCMPB. 128 bit and CRCC. 128 bit and CCMPD. 128 bit and TKIP QUESTION 5Fred is the network administrator for his company. Fred is testing an internal switch.From an external IP address, Fred wants to try and trick this switch into thinking it already has established a sessionwith his computer. How can Fred accomplish this?A. Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.B. He can send an IP packet with the SYN bit and the source address of his computer.C. Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.D. Fred can send an IP packet to the switch with the ACK bit and the source address of his machine. QUESTION 6Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic aspossible; therefore, they did not provide any information besides the company name. What should be the first step insecurity testing the client?A. ReconnaissanceB. EnumerationC. ScanningD. Escalation QUESTION 7Your next-door neighbor, that you do not get along with, is having issues with their network, so he yells to his spouse thenetwork\\’s SSID and password and you hear them both clearly. What do you do with this information?A. Nothing, but suggest to him to change the network\\’s SSID and password.B. Sell his SSID and password to friends that come to your house, so it doesn\\’t slows down your network.C. Log onto his network, after all, it\\’s his fault that you can get in.D. Only use his network when you have large downloads so you don\\’t tax your own network. QUESTION 8One of your team members has asked you to analyze the following SOA record. What is the version?Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.) (Choose four.) A. 200303028 B. 3600 C. 604800 D. 2400 E. 60 F. 4800 QUESTION 9In many states sending spam is illegal. Thus, the spammers have techniques to try and ensure that no one knows theysent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide theorigin of these types of e-mails?A. A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name.B. Mail relaying, which is a technique of bouncing e-mail from internal to external mails servers continuously.C. A blacklist of companies that have their mail server relays configured to be wide open.D. Tools that will reconfigure a mail server\\’s relay component to send the e-mail back to the spammers occasionally. QUESTION 10Which of the following is the greatest threat posed by backups?A. A backup is the source of Malware or illicit information.B. A backup is unavailable during disaster recovery.C. A backup is incomplete because no verification was performed.D. An un-encrypted backup can be misplaced or stolen. QUESTION 11An attacker gains access to a Web server\\’s database and displays the contents of the table that holds all of the names,passwords, and other user information. The attacker did this by entering information into the Web site\\’s user login pagethat the software\\’s designers did not expect to be entered. This is an example of what kind of software designproblem?A. Insufficient input validationB. Insufficient exception handlingC. Insufficient database hardeningD. Insufficient security management QUESTION 12You are using NMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands look for IP addresses?A. >host -t a hackeddomain.comB. >host -t soa hackeddomain.comC. >host -t ns hackeddomain.comD. >host -t AXFR hackeddomain.com QUESTION 13Which of the following is a hashing algorithm?A. MD5B. PGPC. DESD. ROT13 Time is Up!
