Having a EC-Council EC-Council certification is actually necessary for those who need to look for a new job inside IT field. Its a new demanding job for you to prepare the actual EC-Council 312-50v8 certification exam. Youd better attend a new EC-Council 312-50v8 online training course. However, with so many resources offering 312-50v8 research materials, it can be difficult to select the actual the best EC-Council EC-Council for you. Pass4sure is a premier resource for your EC-Council 312-50v8 exam.
2021 Sep 312-50v8 exam question
Q191. In the following example, which of these is the "exploit"?
Today, Microsoft Corporation released a security notice. It detailed how a person could bring down the Windows 2003 Server operating system, by sending malformed packets to it. They detailed how this malicious process had been automated using basic scripting. Even worse, the new automated method for bringing down the server has already been used to perform denial of service attacks on many large commercial websites.
Select the best answer.
A. Microsoft Corporation is the exploit.
B. The security "hole" in the product is the exploit.
C. Windows 2003 Server
D. The exploit is the hacker that would use this vulnerability.
E. The documented method of how to use the vulnerability to gain unprivileged access.
Answer: E
Q192. You are the security administrator for a large network. You want to prevent attackers from running any sort of traceroute into your DMZ and discovering the internal structure of publicly accessible areas of the network. How can you achieve this?
A. There is no way to completely block tracerouting into this area
B. Block UDP at the firewall
C. Block TCP at the firewall
D. Block ICMP at the firewall
Answer: A
Q193. A very useful resource for passively gathering information about a target company is:
A. Host scanning
B. Whois search
C. Traceroute
D. Ping sweep
Answer: B
Q194. Bryan notices the error on the web page and asks Liza to enter liza' or '1'='1 in the email field. They are greeted with a message "Your login information has been mailed to johndoe@gmail.com". What do you think has occurred?
A. The web application picked up a record at random
B. The web application returned the first record it found
C. The server error has caused the application to malfunction
D. The web application emailed the administrator about the error
Answer: B
Q195. A penetration tester was hired to perform a penetration test.for a.bank..The tester began searching for IP ranges owned by the bank, performing lookups on the bank's DNS servers, reading news articles online about the bank, watching what times the bank employees come into work and leave from work, searching the bank's job postings (paying special attention to IT related jobs), and visiting the local dumpster for the bank's corporate office. What phase of the penetration test is the tester currently in?
A. Information reporting
B. Vulnerability assessment
C. Active information gathering
D. Passive information gathering
Answer: D
Up to date 312-50v8 question:
Q196. In an attempt to secure his wireless network, Bob implements a VPN to cover the wireless communications. Immediately after the implementation, users begin complaining about how slow the wireless network is. After benchmarking the network’s speed. Bob discovers that throughput has dropped by almost half even though the number of users has remained the same.
Why does this happen in the VPN over wireless implementation?
A. The stronger encryption used by the VPN slows down the network.
B. Using a VPN with wireless doubles the overhead on an access point for all direct client to access point communications.
C. VPNs use larger packets then wireless networks normally do.
D. Using a VPN on wireless automatically enables WEP,which causes additional overhead.
Answer: B
Q197. You have just received an assignment for an assessment at a company site. Company's management is concerned about external threat and wants to take appropriate steps to insure security is in place. Anyway the management is also worried about possible threats coming from inside the site, specifically from employees belonging to different Departments. What kind of assessment will you be performing ?
A. Black box testing
B. Black hat testing
C. Gray box testing
D. Gray hat testing
E. White box testing
F. White hat testing
Answer: C
Q198. Your XYZ trainee Sandra asks you which are the four existing Regional Internet Registry (RIR's)?
A. APNIC,PICNIC,ARIN,LACNIC
B. RIPE NCC,LACNIC,ARIN,APNIC
C. RIPE NCC,NANIC,ARIN,APNIC
D. RIPE NCC,ARIN,APNIC,LATNIC
Answer: B
Q199. Which of the following is an automated vulnerability assessment tool?
A. Whack a Mole
B. Nmap
C. Nessus
D. Kismet
E. Jill32
Answer: C
Q200. When writing shellcodes, you must avoid ____________ because these will end the string.
A. Root bytes
B. Null bytes
C. Char bytes
D. Unicode bytes
Answer: B