Eccouncil 312-50 Exam Questions

Questions for the 312-50 were updated on : Jun 07 ,2024

Page 1 out of 50. Viewing questions 1-15 out of 742

Question 1

Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not
encrypt email, leaving the information in the message vulnerable to being read by an unauthorized
person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by
SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over
TLS?

  • A. OPPORTUNISTICTLS STARTTLS
  • B. FORCETLS
  • C. UPGRADETLS
Answer:

B

User Votes:
A
50%
B
50%
C
50%
Discussions
vote your answer:
A
B
C
0 / 1000

Question 2

Developers at your company are creating a web application which will be available for use by anyone
on the Internet, The developers have taken the approach of implementing a Three-Tier Architecture
for the web application. The developers are now asking you which network should the Presentation
Tier (front- end web server) be placed in?

  • A. isolated vlan network
  • B. Mesh network
  • C. DMZ network
  • D. Internal network
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Your business has decided to add credit card numbers to the data it backs up to tape. Which of the
following represents the best practice your business should observe?

  • A. Hire a security consultant to provide direction.
  • B. Do not back up cither the credit card numbers or then hashes.
  • C. Back up the hashes of the credit card numbers not the actual credit card numbers.
  • D. Encrypt backup tapes that are sent off-site.
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

What is the main security service a cryptographic hash provides?

  • A. Integrity and ease of computation
  • B. Message authentication and collision resistance
  • C. Integrity and collision resistance
  • D. Integrity and computational in-feasibility
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and
library
are required to allow the NIC to work in promiscuous mode?

  • A. Libpcap
  • B. Awinpcap
  • C. Winprom
  • D. Winpcap
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

  • A. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
  • B. Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.
  • C. Symmetric encryption allows the server to securely transmit the session keys out-of-band.
  • D. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

When a security analyst prepares for the formal security assessment - what of the following should
be done in order to determine inconsistencies in the secure assets database and verify that system is
compliant to the minimum security baseline?

  • A. Data items and vulnerability scanning
  • B. Interviewing employees and network engineers
  • C. Reviewing the firewalls configuration
  • D. Source code review
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Why containers are less secure that virtual machines?

  • A. Host OS on containers has a larger surface attack.
  • B. Containers may full fill disk space of the host.
  • C. A compromise container may cause a CPU starvation of the host.
  • D. Containers are attached to the same virtual network.
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

These hackers have limited or no training and know how to use only basic techniques or tools.
What kind of hackers are we talking about?

  • A. Black-Hat Hackers A
  • B. Script Kiddies
  • C. White-Hat Hackers
  • D. Gray-Hat Hacker
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are
requested to accept the offer and you oblige. After 2 days. Bob denies that he had ever sent a mail.
What do you want to ""know"" to prove yourself that it was Bob who had send a mail?

  • A. Authentication
  • B. Confidentiality
  • C. Integrity
  • D. Non-Repudiation
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

In the field of cryptanalysis, what is meant by a “rubber-hose" attack?

  • A. Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text.
  • B. Extraction of cryptographic secrets through coercion or torture.
  • C. Forcing the targeted key stream through a hardware-accelerated device such as an ASIC.
  • D. A backdoor placed into a cryptographic algorithm by its creator.
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

What type of analysis is performed when an attacker has partial knowledge of inner-workings of the
application?

  • A. Black-box
  • B. Announced
  • C. White-box
  • D. Grey-box
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Which of the following steps for risk assessment methodology refers to vulnerability identification?

  • A. Determines if any flaws exist in systems, policies, or procedures
  • B. Assigns values to risk probabilities; Impact values.
  • C. Determines risk probability that vulnerability will be exploited (High. Medium, Low)
  • D. Identifies sources of harm to an IT system. (Natural, Human. Environmental)
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux
server occurring during non-business hours. After further examination of all login activities, it is
noticed that none of the logins have occurred during typical work hours. A Linux administrator who is
investigating this problem realizes the system time on the Linux server is wrong by more than twelve
hours. What protocol used on Linux servers to synchronize the time has stopped working?

  • A. Time Keeper
  • B. NTP
  • C. PPP
  • D. OSPP
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

What is the minimum number of network connections in a multi homed firewall?

  • A. 3
  • B. 5
  • C. 4
  • D. 2
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2