Ensurepass

QUESTION 431

What is the main advantage that a network-based IDS/IPS system has over a host-based solution?

 

A.     They do not use host system resources.

B.     They are placed at the boundary, allowing them to inspect all traffic.

C.     They are easier to install and configure.

D.     They will not interfere with user interfaces.

 

Correct Answer: A

 

 

QUESTION 432

An NMAP scan of a server shows port 25 is open. What risk could this pose?

 

A.     Open printer sharing

B.     Web portal data leak

C.     Clear text authentication

D.     Active mail relay

 

Correct Answer: D

 

 

QUESTION 433

Which of the following are variants of mandatory access control mechanisms? (Choose two.)

 

A.     Two factor authentication

B.     Acceptable use policy

C.     Username / password

D.     User education program

E.      Sign in register

 

Correct Answer: AC

 

 

QUESTION 434

An attacker uses a communication channel within an operating system that is neither designed nor intended to transfer information. What is the name of the communications channel?

 

A.     Classified

B.     Overt

C.     Encrypted

D.     Covert

 

Correct Answer: D

 

 

QUESTION 435

An attacker uses a communication channel within an operating system that is neither designed nor intended to transfer information. What is the name of the communications channel?

 

A.     Classified

B.     Overt

C.     Encrypted

D.     Covert

 

Correct Answer: D

 

 

QUESTION 436

What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data?

 

A.     Due to the key size, the time it will take to encrypt and decrypt the message hinders efficient communication.

B.     To get messaging programs to function with this algorithm requires complex configurations.

C.     It has been proven to be a weak cipher; therefore, should not be trusted to protect sensitive data.

D.     It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

 

Correct Answer: D

QUESTION 437

Pentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?

 

A.     Cain

B.     John the Ripper

C.     Nikto

D.     Hping

 

Correct Answer: A

 

 

QUESTION 438

Information gathered from social networking websites such as Facebook, Twitter and LinkedIn can be used to launch which of the following types of attacks? (Choose two.)

 

A.     Smurf attack

B.     Social engineering attack

C.     SQL injection attack

D.     Phishing attack

E.      Fraggle attack

F.      Distributed denial of service attack

 

Correct Answer: BD

 

 

QUESTION 439

Which of the following examples best represents a logical or technical control?

 

A.     Security tokens

B.     Heating and air conditioning

C.     Smoke and fire alarms

D.     Corporate security policy

 

Correct Answer: A

 

 

QUESTION 440

Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?

 

A.     Metasploit scripting engine

B.     Nessus scripting engine

C.     NMAP scripting engine

D.     SAINT scripting engine

 

Correct Answer: C

 

Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.