Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

ECCouncil 312-50 - Certified Ethical Hacker Exam

ECCouncil 312-50 Premium Access     Download Demo    
Page: 6 / 13
Total 614 questions

The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

What is most likely taking place?

A.

Ping sweep of the 192.168.1.106 network

B.

Remote service brute force attempt

C.

Port scan of 192.168.1.106

D.

Denial of service attack on 192.168.1.106

What information should an IT system analysis provide to the risk assessor?

A.

Management buy-in

B.

Threat statement

C.

Security architecture

D.

Impact analysis

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

A.

Usernames

B.

File permissions

C.

Firewall rulesets

D.

Passwords

A company has publicly hosted web applications and an internal Intranet protected by a firewall. Which technique will help protect against enumeration?

A.

Reject all invalid email received via SMTP.

B.

Allow full DNS zone transfers.

C.

Remove A records for internal hosts.

D.

Enable null session pipes.

Passive reconnaissance involves collecting information through which of the following?

A.

Social engineering

B.

Network traffic sniffing

C.

Man in the middle attacks

D.

Publicly accessible sources

Which of the following techniques will identify if computer files have been changed?

A.

Network sniffing

B.

Permission sets

C.

Integrity checking hashes

D.

Firewall alerts

A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?

A.

The host is likely a Windows machine.

B.

The host is likely a Linux machine.

C.

The host is likely a router.

D.

The host is likely a printer.

A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.

The engineer receives this output:

Which of the following is an example of what the engineer performed?

A.

Cross-site scripting

B.

Banner grabbing

C.

SQL injection

D.

Whois database query

Which of the following is a component of a risk assessment?

A.

Physical security

B.

Administrative safeguards

C.

DMZ

D.

Logical interface

Which of the following is considered an acceptable option when managing a risk?

A.

Reject the risk.

B.

Deny the risk.

C.

Mitigate the risk.

D.

Initiate the risk.