312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 641-650

By on February 13, 2016
EnsurepassQUESTION 641 While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?   A.     Block port 25 at the firewall. B.     Shut off the SMTP Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 631-640

By on
EnsurepassQUESTION 631 Which of the following LM hashes represent a password of less than 8 characters? (Select 2)   A.     BA810DBA98995F1817306D272A9441BB B.     44EFCE164AB921CQAAD3B435B51404EE C.     0182BD0BD4444BF836077A718CCDF409 D.     CEC52EB9C8E3455DC2265B23734E0DAC E.      B757BF5C0D87772FAAD3B435B51404EE F.      E52CAC67419A9A224A3B108F3FA6CB6D   Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 611-620

By on
EnsurepassQUESTION 611 Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.   For /f "tokens=1 %%a in (hackfile.txt) do net use * \\10.1.2.3\c$ /user:"Administrator" %%a   What is Eve trying to do?   A.     Eve is trying to connect as an user with Administrator privileges. Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 621-630

By on
EnsurepassQUESTION 621 Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network. Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.   A.     SNMPUtil B.     SNScan C.     SNMPScan D.     Solarwinds IP Network Browser E.      NMap   Correct Answer: ABD     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 601-610

By on
EnsurepassQUESTION 601 Bruce King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain. What do you think Bruce King is trying to accomplish? Select the best answer.   A.     A zone harvesting B.     A zone transfer C.     A zone update D.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 591-600

By on
EnsurepassQUESTION 591 One of your team members has asked you to analyze the following SOA record. What is the TTL?   Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.)   A.     200303028 B.     3600 C.     604800 D.     2400 E.      60 F.      4800   Correct Answer: D     QUESTION 592 One of your team members has Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 571-580

By on
EnsurepassQUESTION 571 Name two software tools used for OS guessing? (Choose two.)   A.     Nmap B.     Snadboy C.     Queso D.     UserInfo E.      NetBus   Correct Answer: AC     QUESTION 572 Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data has Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 581-590

By on
EnsurepassQUESTION 581 Which of the following command line switch would you use for OS detection in Nmap?   A.     -D B.     -O C.     -P D.     -X   Correct Answer: B     QUESTION 582 You have initiated an active operating system fingerprinting attempt with nmap against a target system:     What operating system is the target host running based on the open ports shown above?   A.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 551-560

By on
EnsurepassQUESTION 551 What ICMP message types are used by the ping command?   A.     Timestamp request (13) and timestamp reply (14). B.     Echo request (8) and Echo reply (0). C.     Echo request (0) and Echo reply (1). D.     Ping request (1) and Ping reply (2).   Correct Answer: B     QUESTION 552 Which of the following systems would not respond correctly to an nmap XMAS scan?   A.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 561-570

By on
EnsurepassQUESTION 561 What flags are set in a X-MAS scan? (Choose all that apply.)   A.     SYN B.     ACK C.     FIN D.     PSH E.      RST F.      URG   Correct Answer: CDF     QUESTION 562 Which of the following is an automated vulnerability assessment tool?   A.     Whack a Mole B.     Nmap C.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 531-540

By on
EnsurepassQUESTION 531 Your lab partner is trying to find out more information about a competitors web site. The site has a .com extension. She has decided to use some online whois tools and look in one of the regional Internet registrys. Which one would you suggest she looks in first?   A.     LACNIC B.     ARIN C.     APNIC D.     RIPE E.      AfriNIC   Correct Answer: B     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 541-550

By on
EnsurepassQUESTION 541 War dialing is a very old attack and depicted in movies that were made years ago. Why would a modem security tester consider using such an old technique?   A.     It is cool, and if it works in the movies it must work in real life. B.     It allows circumvention of protection mechanisms by being on the internal network. C.     It allows circumvention of the company PBX. D.     A good security Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 511-520

By on
EnsurepassQUESTION 511 Which Windows system tool checks integrity of critical files that has been digitally signed by Microsoft?   A.     signverif.exe B.     sigverif.exe C.     msverif.exe D.     verifier.exe   Correct Answer: B     QUESTION 512 Botnets are networks of compromised computers that are controlled remotely and surreptitiously by one or more cyber criminals. How do cyber criminals infect Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 521-530

By on
EnsurepassQUESTION 521 Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP) addresses/names with the intent of diverting traffic?   A.     Network aliasing B.     Domain Name Server (DNS) poisoning C.     Reverse Address Resolution Protocol (ARP) D.     Port scanning   Correct Answer: B   QUESTION 522 A XYZ security System Administrator is reviewing the network Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 501-510

By on
EnsurepassQUESTION 501 The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?   A.     An attacker, working slowly enough, can evade detection by the IDS. B.     Network packets are dropped if the volume exceeds the threshold. C.     Thresholding interferes with the IDS’ ability to reassemble fragmented packets. D.     The IDS will Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 481-490

By on
EnsurepassQUESTION 481 Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?   A.     Fast processor to help with network traffic analysis. B.     They must be dual-homed. C.     Similar RAM requirements. D.     Fast network interface cards.   Correct Answer: B     QUESTION 482 If an e-commerce site was put into a live Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 491-500

By on
EnsurepassQUESTION 491 A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof so she can take him to court. What is the ethical response?   A.     Say no; the friend is not the owner of the account. B.     Say yes; the friend needs help to gather evidence. C.     Say yes; do the job for free. D.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 471-480

By on
EnsurepassQUESTION 471 A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?   A.     Cupp B.     Nessus C.     Cain and Abel D.     John The Ripper Pro   Correct Answer: C     QUESTION 472 Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?   Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 441-450

By on
EnsurepassQUESTION 441 A penetration tester is hired to do a risk assessment of a company's DMZ. The rules of engagement states that the penetration test be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed?   A.     white box B.     grey box C.     red box D.     black box   Correct Answer: D     QUESTION 442 How can a policy Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 451-460

By on
EnsurepassQUESTION 451 What information should an IT system analysis provide to the risk assessor?   A.     Management buy-in B.     Threat statement C.     Security architecture D.     Impact analysis   Correct Answer: C     QUESTION 452 Which security strategy requires using several, varying methods to protect IT systems against attacks?   A.     Defense in depth B.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 461-470

By on
EnsurepassQUESTION 461 When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?   A.     The key entered is a symmetric key used to encrypt the wireless data. B.     The key entered is a hash that is used to prove the integrity of the wireless data. C.     The key entered is based on the Diffie-Hellman method. D.     The key is an RSA key used to encrypt Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 431-440

By on
EnsurepassQUESTION 431 What is the main advantage that a network-based IDS/IPS system has over a host-based solution?   A.     They do not use host system resources. B.     They are placed at the boundary, allowing them to inspect all traffic. C.     They are easier to install and configure. D.     They will not interfere with user interfaces.   Correct Answer: A     QUESTION 432 An NMAP scan of a Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 411-420

By on
EnsurepassQUESTION 411 Which of the following open source tools would be the best choice to scan a network for potential targets?   A.     NMAP B.     NIKTO C.     CAIN D.     John the Ripper   Correct Answer: A   QUESTION 412 Which of the following levels of algorithms does Public Key Infrastructure (PKI) use?   A.     RSA 1024 bit strength B.     AES 1024 bit Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 421-430

By on
EnsurepassQUESTION 421 Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?   A.     Truecrypt B.     Sub7 C.     Nessus D.     Clamwin   Correct Answer: C     QUESTION 422 The precaution of prohibiting employees from bringing personal computing devices into a facility is what type of security control?   A.     Physical B.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 391-400

By on
EnsurepassQUESTION 391 One advantage of an application-level firewall is the ability to   A.     filter packets at the network level B.     filter specific commands, such as http:post C.     retain state information for each packet D.     monitor tcp handshaking   Correct Answer: B     QUESTION 392 Which type of security document is written with specific step-by-step details?   A.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 401-410

By on
EnsurepassQUESTION 401 Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest?   A.     MD5 B.     SHA-1 C.     RC4 D.     MD4 Correct Answer: B     QUESTION 402 Company A and Company B have just merged and each has its own Public Key Infrastructure (PKI). What must the Certificate Authorities (CAs) establish so that the private PKIs for Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 371-380

By on
EnsurepassQUESTION 371 A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into the command shell to request the appropriate records?   A.     Locate type=ns B.     Request type=ns C.     Set type=ns D.     Transfer type=ns   Correct Answer: C     QUESTION 372 After gaining access Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 381-390

By on
EnsurepassQUESTION 381 While testing the company's web applications, a tester attempts to insert the following test script into the search area on the company's web site.   <script>alert(" Testing Testing Testing ")</script>   Afterwards, when the tester presses the search button, a pop-up box appears on the screen with the text: "Testing Testing Testing". Which vulnerability has been detected in the web application?   A.     Buffer overflow B.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 341-350

By on
EnsurepassQUESTION 341 Which of the following is an example of an asymmetric encryption implementation?   A.     SHA1 B.     PGP C.     3DES D.     MD5   Correct Answer: B     QUESTION 342 What is the purpose of conducting security assessments on network resources?   A.     Documentation B.     Validation C.     Implementation D.     Read more [...]

Continue Reading

312-50 Practice Tests (February 2016)

[Free] Download New Updated (February 2016) ECCouncil 312-50 Practice Tests 351-360

By on
EnsurepassQUESTION 351 Which of the following is a detective control?   A.     Smart card authentication B.     Security policy C.     Audit trail D.     Continuity of operations plan   Correct Answer: C     QUESTION 352 A penetration tester is attempting to scan an internal corporate network from the internet without alerting the border sensor. Which is the most efficient technique should the tester Read more [...]

Continue Reading