Ensurepass

QUESTION 261

A security engineer is attempting to map a company’s internal network. The engineer enters in the following NMAP command.

 

NMAP –n –sS –P0 –p 80 ***.***.**.**

 

What type of scan is this?

 

A.     Quick scan

B.     Intense scan

C.     Stealth scan

D.     Comprehensive scan

 

Correct Answer: C

 

 

QUESTION 262

Which of the following is a hashing algorithm?

 

A.     MD5

< span lang="EN-US" style="mso-fareast-font-family: calibri; mso-fareast-theme-font: minor-latin; mso-bidi-font-family: calibri; mso-bidi-theme-font: minor-latin">B.     PGP

C.     DES

D.     ROT13

 

Correct Answer: A

 

 

QUESTION 263

Which of the following identifies the three modes in which Snort can be configured to run?

 

A.     Sniffer, Packet Logger, and Network Intrusion Detection System.

B.     Sniffer, Network Intrusion Detection System, and Host Intrusion Detection System.

C.     Sniffer, Host Intrusion Prevention System, and Network Intrusion Prevention System.

D.     Sniffer, Packet Logger, and Host Intrusion Prevention System.

 

Correct Answer: A

 

QUESTION 264

Which of the following is a common Service Oriented Architecture (SOA) vulnerability?

 

A.     Cross-site scripting

B.     SQL injection

C.     VPath injection

D.     XML denial of service issues

 

Correct Answer: D

 

 

QUESTION 265

A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

 

A.     NMAP -P 192.168.1-5.

B.     NMAP -P 192.168.0.0/16

C.     NMAP -P 192.168.1.0, 2.0, 3.0, 4.0, 5.0

D.     NMAP -P 192.168.1/17

 

Correct Answer: A

 

 

QUESTION 266

When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial?

 

A.     Vulnerability scanning

B.     Social engineering

C.     Application security testing

D.     Network sniffing

 

Correct Answer: B

 

 

QUESTION 267

What is the broadcast address for the subnet 190.86.168.0/22?

 

A.     190.86.168.255

B.     190.86.255.255

C.     190.86.171.255

D.     190.86.169.255

 

Correct Answer: C

 

 

QUESTION 268

Which of the following are valid types of rootkits? (Choose three.)

 

A.     Hypervisor level

B.     Network level

C.     Kernel level

D.     Application level

E.      Physical level

F.      Data access level

 

Correct Answer: ACD

 

 

QUESTION 269

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

 

A.     Usernames

B.     File permissions

C.     Firewall rule sets

D.     Passwords

 

Correct Answer: D

 

 

QUESTION 270

A company has made the decision to host their own email and basic web services. The administrator needs to set up the external firewall to limit what protocols should be allowed to get to the public part of the company’s network. Which ports should the administrator open? (Choose three.)

 

A.     Port 22

B.     Port 23

C.     Port 25

D.     Port 53

E.      Port 80

F.      Port 139

G.     Port 445

 

Correct Answer: CDE

 

Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.