Top EC-Council 312-50 keys Choices

Our IT experts dedicate for you to developing the EC-Council 312-50 on-line questions and answers. You can download the 312-50 dumps upon our website. We not just present your EC-Council Pdf exams but additionally the examination engine. Our own EC-Council EC-Council test powerplant is cutting-edge software thats built to generate you sense that you are in the real EC-Council 312-50 exam. This will be your enriching and also unforgettable experience within your life. You can make your EC-Council 312-50 preparation at your individual pace and also with your own personal style as a result of the flexibility involving our a pair of types of 312-50 questions. You can put your various options and facilities, which provided from the EC-Council 312-50 exam engines, into use. Although doing your EC-Council 312-50 practice exams on your 312-50 exam powerplant you will sense that your learning rate is enhanced.

2021 Mar 312-50 free practice exam

Q401. As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security? 

Select the best answers. 

A. Use the same machines for DNS and other applications 

B. Harden DNS servers 

C. Use split-horizon operation for DNS servers 

D. Restrict Zone transfers 

E. Have subnet diversity between DNS servers 

Answer: BCDE


A is not a correct answer as it is never recommended to use a DNS server for any other application. Hardening of the DNS servers makes them less vulnerable to attack. It is recommended to split internal and external DNS servers (called split-horizon operation). Zone transfers should only be accepted from authorized DNS servers. By having DNS servers on different subnets, you may prevent both from going down, even if one of your networks goes down. 

Q402. What is a sheepdip? 

A. It is another name for Honeynet 

B. It is a machine used to coordinate honeynets 

C. It is the process of checking physical media for virus before they are used in a computer 

D. None of the above 

Answer: C

Explanation: Also known as a footbath, a sheepdip is the process of checking physical media, such as floppy disks or CD-ROMs, for viruses before they are used in a computer. Typically, a computer that sheepdips is used only for that process and nothing else and is isolated from the other computers, meaning it is not connected to the network. Most sheepdips use at least two different antivirus programs in order to increase effectiveness. 

Q403. Steven the hacker realizes the network administrator of Acme Corporation is using syskey in Windows 2008 Server to protect his resources in the organization. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to use brute force dictionary attacks on the hashes. Steven runs a program called "SysCracker" targeting the Windows 2008 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch the attack. How many bits does Syskey use for encryption? 

A. 40-bit encryption 

B. 128-bit encryption 

C. 256-bit encryption 

D. 64-bit encryption 

Answer: B

Q404. You are attempting to map out the firewall policy for an organization. You discover your target system is one hop beyond the firewall. Using hping2, you send SYN packets with the exact TTL of the target system starting at port 1 and going up to port 1024. What is this process known as? 

A. Footprinting 

B. Firewalking 

C. Enumeration 

D. Idle scanning 

Answer: B

Explanation: Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker’s host to a destination host through a packet-filtering device. This technique can be used to map ‘open’ or ‘pass through’ ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway. 

Q405. Theresa is an IT security analyst working for the United Kingdom Internet Crimes Bureau in London. Theresa has been assigned to the software piracy division which focuses on taking down individual and organized groups that distribute copyrighted software illegally. Theresa and her division have been responsible for taking down over 2,000 FTP sites hosting copyrighted software. Theresa's supervisor now wants her to focus on finding and taking down websites that host illegal pirated software. What are these sights called that Theresa has been tasked with taking down? 

A. These sites that host illegal copyrighted software are called Warez sites 

B. These sites that Theresa has been tasked to take down are called uTorrent sites 

C. These websites are referred to as Dark Web sites 

D. Websites that host illegal pirated versions of software are called Back Door sites 

Answer: A

Explanation: The Warez scene, often referred to as The Scene (often capitalized) is a term of self-reference used by a community that specializes in the underground distribution of pirated content, typically software but increasingly including movies and music. 

Renovate 312-50 free exam questions:

Q406. June, a security analyst, understands that a polymorphic virus has the ability to mutate and can change its known viral signature and hide from signature-based antivirus programs. Can June use an antivirus program in this case and would it be effective against a polymorphic virus? 

A. No. June can't use an antivirus program since it compares the size of executable files to the database of known viral signatures and it is effective on a polymorphic virus 

B. Yes. June can use an antivirus program since it compares the parity bit of executable files to the database of known check sum counts and it is effective on a polymorphic virus 

C. Yes. June can use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and it is very effective against a polymorphic virus 

D. No. June can't use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and in the case the polymorphic viruses cannot be detected by a signature-based anti-virus program 

Answer: D

Explanation: Although there are functions like heuristic scanning and sandbox technology, the Antivirus program is still mainly depending of signature databases and can only find already known viruses. 

Q407. What port number is used by LDAP protocol? 

A. 110 

B. 389 

C. 445 

D. 464 


Explanation: Active Directory and Exchange use LDAP via TCP port 389 for clients. 

Q408. Josh is the network administrator for Consultants Galore, an IT consulting firm based in Kansas City. Josh is responsible for the company's entire network which consists of one Windows Server 2003 Active Directory domain. Almost all employees have Remote Desktop access to the servers so they can perform their work duties. Josh has created a security group in Active Directory called "RDP Deny" which contains all the user accounts that should not have Remote Desktop permission to any of the servers. What Group Policy change can Jayson make to ensure that all users in the "RDP Deny" group cannot access the company servers through Remote Desktop? 

A. Josh should add the "RDP Deny" group into the list of Restricted Groups to prevent the users from accessing servers remotely. 

B. By adding the "RDP Deny" group to the "Deny logon as a service" policy, the users in that security group will not be able to establish remote connections to any of the servers. 

C. He should add the "RDP Deny" group to the "Deny RDP connections to member servers" policy. 

D. Josh needs to add the "RDP Deny" group to the "Deny logon through Terminal Services" policy. * 

Answer: D

New questions 

604. Which of the following countermeasure can specifically protect against both the MAC Flood and MAC Spoofing attacks? 

A. Configure Port Security on the switch 

B. Configure Port Recon on the switch 

C. Configure Switch Mapping 

D. Configure Multiple Recognition on the switch 

Answer: A

Q409. An attacker has been successfully modifying the purchase price of items purchased at a web site. The security administrators verify the web server and Oracle database have not been compromised directly. They have also verified the IDS logs and found no attacks that could have caused this. What is the mostly likely way the attacker has been able to modify the price? 

A. By using SQL injection 

B. By using cross site scripting 

C. By changing hidden form values in a local copy of the web page 

D. There is no way the attacker could do this without directly compromising either the web server or the database 

Answer: C

Explanation: Changing hidden form values is possible when a web site is poorly built and is trusting the visitors computer to submit vital data, like the price of a product, to the database. 

Q410. Attacker forges a TCP/IP packet, which causes the victim to try opening a connection with itself. This causes the system to go into an infinite loop trying to resolve this unexpected connection. Eventually, the connection times out, but during this resolution, the machine appears to hang or become very slow. The attacker sends such packets on a regular basis to slow down the system. 

Unpatched Windows XP and Windows Server 2003 machines are vulnerable to these attacks. What type of Denial of Service attack is represented here? 

A. SMURF Attacks 

B. Targa attacks 

C. LAND attacks 

D. SYN Flood attacks 

Answer: C

Explanation: The attack involves sending a spoofed TCP SYN packet (connection initiation) with the target host's IP address and an open port as both source and destination.The reason a LAND attack works is because it causes the machine to reply to itself continuously. 

see more