Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

ECCouncil 312-50 - Certified Ethical Hacker Exam

ECCouncil 312-50 Premium Access     Download Demo    
Page: 12 / 13
Total 614 questions

Which of the following programming languages is most vulnerable to buffer overflow attacks?

A.

Perl

B.

C++

C.

Python

D.

Java

A developer for a company is tasked with creating a program that will allow customers to update their billing and shipping information. The billing address field used is limited to 50 characters. What pseudo code would the developer use to avoid a buffer overflow attack on the billing address field?

A.

if (billingAddress = 50) {update field} else exit

B.

if (billingAddress != 50) {update field} else exit

C.

if (billingAddress >= 50) {update field} else exit

D.

if (billingAddress <= 50) {update field} else exit

A person approaches a network administrator and wants advice on how to send encrypted email from home. The end user does not want to have to pay for any license fees or manage server services. Which of the following is the most secure encryption protocol that the network administrator should recommend?

A.

IP Security (IPSEC)

B.

Multipurpose Internet Mail Extensions (MIME)

C.

Pretty Good Privacy (PGP)

D.

Hyper Text Transfer Protocol with Secure Socket Layer (HTTPS)

Smart cards use which protocol to transfer the certificate in a secure manner?

A.

Extensible Authentication Protocol (EAP)

B.

Point to Point Protocol (PPP)

C.

Point to Point Tunneling Protocol (PPTP)

D.

Layer 2 Tunneling Protocol (L2TP)

What is the main disadvantage of the scripting languages as opposed to compiled programming languages?

A.

Scripting languages are hard to learn.

B.

Scripting languages are not object-oriented.

C.

Scripting languages cannot be used to create graphical user interfaces.

D.

Scripting languages are slower because they require an interpreter to run the code.

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

A.

Penetration testing

B.

Social engineering

C.

Vulnerability scanning

D.

Access control list reviews

How can a policy help improve an employee's security awareness?

A.

By implementing written security procedures, enabling employee security training, and promoting the benefits of security

B.

By using informal networks of communication, establishing secret passing procedures, and immediately terminating employees

C.

By sharing security secrets with employees, enabling employees to share secrets, and establishing a consultative help line

D.

By decreasing an employee's vacation time, addressing ad-hoc employment clauses, and ensuring that managers know employee strengths

Which of the following guidelines or standards is associated with the credit card industry?

A.

Control Objectives for Information and Related Technology (COBIT)

B.

Sarbanes-Oxley Act (SOX)

C.

Health Insurance Portability and Accountability Act (HIPAA)

D.

Payment Card Industry Data Security Standards (PCI DSS)

Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?

A.

Regulatory compliance

B.

Peer review

C.

Change management

D.

Penetration testing

Which type of security document is written with specific step-by-step details?

A.

Process

B.

Procedure

C.

Policy

D.

Paradigm