Ensurepass

QUESTION 291

Which tool would be used to collect wireless packet data?

 

A.     NetStumbler

B.     John the Ripper

C.     Nessus

D.     Netcat

 

Correct Answer: A

 

QUESTION 292

Which of the following processes evaluates the adherence of an organization to its stated security policy?

 

A.     Vulnerability assessment

B.     Penetration testing

C.     Risk assessment

D.     Security auditing

 

Correct Answer: D

 

 

QUESTION 293

Which of the following statements are true regarding N-tier architecture? (Choose two.)

 

A.     Each layer must be able to exist on a physically independent system.

B.     The N-tier architecture must have at least one logical layer.

C.     Each layer should exchange information only with the layers above and below it.

D.     When a layer is changed or updated, the other layers must also be recompiled or modified.

 

Correct Answer: AC

 

 

QUESTION 294

Some passwords are stored using specialized encryption algorithms known as hashes. Why is this an appropriate method?

 

A.     It is impossible to crack hashed user passwords unless the key used to encrypt them is obtained.

B.     If a user forgets the password, it can be easily retrieved using the hash key stored by administrators.

C.     Hashing is faster compared to more traditional encryption algorithms.

D.     Passwords stored using hashes are non-reversible, making finding the password much more difficult.

 

Correct Answer: D

 

 

QUESTION 295

What is the main disadvantage of the scripting languages as opposed to compiled programming languages?

 

A.     Scripting languages are hard to learn.

B.     Scripting languages are not object-oriented.

C.     Scripting languages cannot be used to create graphical user interfaces.

D.     Scripting languages are slower because they require an interpreter to run the code.

 

Correct Answer: D

 

 

QUESTION 296

Which of the following are password cracking tools? (Choose three.)

 

A.     BTCrack

B.     John the Ripper

C.     KerbCrack

D.     Nikto

E.      Cain and Abel

F.      Havij

 

Correct Answer: BCE

 

 

QUESTION 297

Which of the following techniques can be used to mitigate the risk of an on-site attacker from connecting to an unused network port and gaining full access to the network? (Choose three.)

 

A.     Port Security

B.     IPSec Encryption

C.     Network Admission Control (NAC)

D.     802.1q Port Based Authentication

E.      802.1x Port Based Authentication

F.      Intrusion Detection System (IDS)

 

Correct Answer: ACE

 

 

QUESTION 298

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration test
ing?

 

A.     At least once a year and after any significant upgrade or modification.

B.     At least once every three years or after any significant upgrade or modification.

C.     At least twice a year or after any significant upgrade or modification.

D.     At least once every two years and after any significant upgrade or modification.

 

Correct Answer: A

 

QUESTION 299

Which type of antenna is used in wireless communication?

 

A.     Omnidirectional

B.     Parabolic

C.     Uni-directional

D.     Bi-directional

 

Correct Answer: A

 

 

QUESTION 300

Employees in a company are no longer able to access Internet web sites on their computers. The network administrator is able to successfully ping IP address of web servers on the Internet and is able to open web sites by using an IP address in place of the URL. The administrator runs the nslookup command for www.eccouncil.org and receives an error message stating there is no response from the server. What should the administrator do next?

 

A.     Configure the firewall to allow traffic on TCP ports 53 and UDP port 53.

B.     Configure the firewall to allow traffic on TCP ports 80 and UDP port 443.

C.     Configure the firewall to allow traffic on TCP port 53.

D.     Configure the firewall to allow traffic on TCP port 8080.

 

Correct Answer: A

 

Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.