A penetration tester is hired to do a risk assessment of a company’s DMZ. The rules of engagement states that the penetration test be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed?


A.     white box

B.     grey box

C.     red box

D.     black box


Correct Answer: D




How can a policy help improve an employee’s security awareness?


A.     By implementing written security procedures, enabling employee security training, and promoting the benefits of security.

B.     By using informal networks of communication, establishing secret passing procedures, and immediately terminating employees.

C.     By sharing security secrets with employees, enabling employees to share secrets, and establishing a consultative help line.

D.     By decreasing an employee’s vacation time, addressing ad-hoc employment clauses, and ensuring that managers know employee strengths.


Correct Answer: A




Which statement is TRUE regarding network firewalls preventing Web Application attacks?


A.     Network firewalls can prevent attacks because they can detect malicious HTTP traffic.

B.     Network firewalls cannot prevent attacks because ports 80 and 443 must be opened.

C.     Network firewalls can prevent attacks if they are properly configured.

D.     Network firewalls cannot prevent attacks because they are too complex to configure.


Correct Answer: B




An organization hires a tester to do a wireless penetration test. Previous reports indicate that the last test did not contain management or control packets in the submitted traces. Which of the following is the most likely reason for lack of management or control packets?


A.     The wireless card was not turned on.

B.     The wrong network card drivers were in use by Wireshark.

C.     On Linux and Mac OS X, only 802.11 headers are received in promiscuous mode.

D.     Certain operating systems and adapters do not collect the management or control packets.


Correct Answer: D




Which of the following techniques will identify if computer files have been changed?


A.     Network sniffing

B.     Permission sets

C.     Integrity checking hashes

D.     Firewall alerts


Correct Answer: C




Which of the following does proper basic configuration of snort as a network intrusion detection system require?


A.     Limit the packets captured to the snort configuration file.

B.     Capture every packet on the network segment.

C.     Limit the packets captured to a single segment.

D.     Limit the packets captured to the /var/log/snort directory.


Correct Answer: A




When analyzing the IDS logs, the system administrator notices connections from outside of the LAN have been sending packets where the Source IP address and Destination IP address are the same. There have been no alerts sent via email or logged in the IDS. Which type of an alert is this?


A.     False positive

B.     False negative

C.     True positive

D.     True negative


Correct Answer: B




Which of the following descriptions is true about a static NAT?


A.     A static NAT uses a many-to-many mapping.

B.     A static NAT uses a one-to-many mapping.

C.     A static NAT uses a many-to-one mapping.

D.     A static NAT uses a one-to-one mapping.


Correct Answer: D




Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?


A.     Sarbanes-Oxley Act (SOX)

B.     Gramm-Leach-Bliley Act (GLBA)

C.     Fair and Accurate Credit Transactions Act (FACTA)

D.     Federal Information Security Management Act (FISMA)


Correct Answer: A




Which of the following is a component of a risk assessment?


A.     Physical security

B.     Administrative safeguards

C.     DMZ

D.     Logical interface


Correct Answer: B


Free VCE & PDF File for ECCouncil 312-50 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.