Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

ECCouncil 312-50 - Certified Ethical Hacker Exam

ECCouncil 312-50 Premium Access     Download Demo    
Page: 5 / 13
Total 614 questions

Which of the following network attacks takes advantage of weaknesses in the fragment reassembly functionality of the TCP/IP protocol stack?

A.

Teardrop

B.

SYN flood

C.

Smurf attack

D.

Ping of death

While testing the company's web applications, a tester attempts to insert the following test script into the search area on the company's web site:

Afterwards, when the tester presses the search button, a pop-up box appears on the screen with the text: "Testing Testing Testing". Which vulnerability has been detected in the web application?

A.

Buffer overflow

B.

Cross-site request forgery

C.

Distributed denial of service

D.

Cross-site scripting

When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?

A.

The key entered is a symmetric key used to encrypt the wireless data.

B.

The key entered is a hash that is used to prove the integrity of the wireless data.

C.

The key entered is based on the Diffie-Hellman method.

D.

The key is an RSA key used to encrypt the wireless data.

An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

A.

Timing attack

B.

Replay attack

C.

Memory trade-off attack

D.

Chosen plain-text attack

Which of the following can take an arbitrary length of input and produce a message digest output of 160 bit?

A.

SHA-1

B.

MD5

C.

HAVAL

D.

MD4

An attacker sniffs encrypted traffic from the network and is subsequently able to decrypt it. The attacker can now use which cryptanalytic technique to attempt to discover the encryption key?

A.

Birthday attack

B.

Plaintext attack

C.

Meet in the middle attack

D.

Chosen ciphertext attack

Which of the following is a preventive control?

A.

Smart card authentication

B.

Security policy

C.

Audit trail

D.

Continuity of operations plan

Which security control role does encryption meet?

A.

Preventative

B.

Detective

C.

Offensive

D.

Defensive

Which of the following is a detective control?

A.

Smart card authentication

B.

Security policy

C.

Audit trail

D.

Continuity of operations plan

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

A.

Passive

B.

Reflective

C.

Active

D.

Distributive