Latest ECCouncil 312-50v8 Real Exam Download 391-400

QUESTION 391
Which results will be returned with the following Google search query? site:target.com -site:Marketing.target.com accounting
A. Results matching all words in the query
B. Results matching paccountingq in domain target.com but.not on the site Marketing.target.com
C. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting
D. Results for matches on target.com and Marketing.target.com that include the word paccountingq
Answer: 
QUESTION 392
One advantage of an application-level firewall is the ability to
A. filter packets at the network level.
B. filter specific commands,such as http:post.
C. retain state information for each packet.
D. monitor tcp handshaking.
Answer: 
QUESTION 393
Which type of security document is written with specific step-by-step details?
A. Process
B. Procedure
C. Policy
D. Paradigm
Answer: 
QUESTION 394
A.certified ethical hacker (CEH).completed a penetration test of the main headquarters of.a company.almost two months ago, but has yet to get paid..The customer is suffering from financial problems, and the CEH is worried that the company will go out of business and end up not paying..What actions should.the CEH.take?
A. Threaten to publish the penetration test results if not paid.
B. Follow proper legal procedures against the company to request payment.
C. Tell other customers of the financial problems with payments from this company.
D. Exploit some of the vulnerabilities found on the company webserver to deface it.
Answer: 
QUESTION 395
If.a tester is attempting to ping a target that.exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?
A. Hping
B. Traceroute
C. TCP ping
D. Broadcast ping
Answer: 
QUESTION 396
How can rainbow tables be defeated?
A. Password salting
B. Use of.non-dictionary words
C. All uppercase character passwords
D. Lockout accounts under brute force password cracking attempts
Answer: 
QUESTION 397
Which of the following is.an advantage of utilizing security testing methodologies.to conduct a security audit?
A. They provide a repeatable framework.
B. Anyone can run the command line scripts.
C. They are available at low cost.
D. They are subject to government regulation.
Answer: 
QUESTION 398
A developer for a company.is tasked with creating a program that will allow customers to update their billing and shipping information. The billing address field used is limited to 50 characters..What pseudo code would the developer use to avoid a buffer overflow attack on the billing address field?
A. if (billingAddress = 50) {update field} else exit
B. if (billingAddress != 50) {update field} else exit
C. if (billingAddress >= 50) {update field} else exit
D. if (billingAddress <= 50) {update field} else exit
Answer: 
QUESTION 399
If the final set of security controls does not eliminate all risk in a system, what could be done next?
A. Continue to apply controls until there is zero risk.
B. Ignore any remaining risk.
C. If the residual risk is low enough,it can be accepted.
D. Remove current controls since they are not completely effective.
Answer: 
QUESTION 400
In keeping with the best practices of layered security, where are the best places to place intrusion detection/intrusion prevention systems? (Choose two.)
A. HID/HIP (Host-based Intrusion Detection/Host-based Intrusion Prevention)
B. NID/NIP (Node-based Intrusion Detection/Node-based Intrusion Prevention)
C. NID/NIP (Network-based Intrusion Detection/Network-based Intrusion Prevention)
D. CID/CIP (Computer-based Intrusion Detection/Computer-based Intrusion Prevention)
Answer: A,C 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s