Latest ECCouncil 312-50v8 Real Exam Download 391-400

Which results will be returned with the following Google search query? accounting
A. Results matching all words in the query
B. Results matching paccountingq in domain but.not on the site
C. Results from matches on the site that are in the domain but do not include the word accounting
D. Results for matches on and that include the word paccountingq
One advantage of an application-level firewall is the ability to
A. filter packets at the network level.
B. filter specific commands,such as http:post.
C. retain state information for each packet.
D. monitor tcp handshaking.
Which type of security document is written with specific step-by-step details?
A. Process
B. Procedure
C. Policy
D. Paradigm
A.certified ethical hacker (CEH).completed a penetration test of the main headquarters of.a company.almost two months ago, but has yet to get paid..The customer is suffering from financial problems, and the CEH is worried that the company will go out of business and end up not paying..What actions should.the CEH.take?
A. Threaten to publish the penetration test results if not paid.
B. Follow proper legal procedures against the company to request payment.
C. Tell other customers of the financial problems with payments from this company.
D. Exploit some of the vulnerabilities found on the company webserver to deface it.
If.a tester is attempting to ping a target that.exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?
A. Hping
B. Traceroute
C. TCP ping
D. Broadcast ping
How can rainbow tables be defeated?
A. Password salting
B. Use of.non-dictionary words
C. All uppercase character passwords
D. Lockout accounts under brute force password cracking attempts
Which of the following advantage of utilizing security testing conduct a security audit?
A. They provide a repeatable framework.
B. Anyone can run the command line scripts.
C. They are available at low cost.
D. They are subject to government regulation.
A developer for a tasked with creating a program that will allow customers to update their billing and shipping information. The billing address field used is limited to 50 characters..What pseudo code would the developer use to avoid a buffer overflow attack on the billing address field?
A. if (billingAddress = 50) {update field} else exit
B. if (billingAddress != 50) {update field} else exit
C. if (billingAddress >= 50) {update field} else exit
D. if (billingAddress <= 50) {update field} else exit
If the final set of security controls does not eliminate all risk in a system, what could be done next?
A. Continue to apply controls until there is zero risk.
B. Ignore any remaining risk.
C. If the residual risk is low enough,it can be accepted.
D. Remove current controls since they are not completely effective.
In keeping with the best practices of layered security, where are the best places to place intrusion detection/intrusion prevention systems? (Choose two.)
A. HID/HIP (Host-based Intrusion Detection/Host-based Intrusion Prevention)
B. NID/NIP (Node-based Intrusion Detection/Node-based Intrusion Prevention)
C. NID/NIP (Network-based Intrusion Detection/Network-based Intrusion Prevention)
D. CID/CIP (Computer-based Intrusion Detection/Computer-based Intrusion Prevention)
Answer: A,C 

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s