312-50v10 | Precise EC-Council 312-50v10 exam dumps

Question No: 7

A virus that attempts to install itself inside the file it is infecting is called?

A. Tunneling virus

B. Cavity virus

C. Polymorphic virus

D. Stealth virus

Answer: B

Question No: 8

Why should the security analyst disable/remove unnecessary ISAPI filters?

A. To defend against social engineering attacks

B. To defend against webserver attacks

C. To defend against jailbreaking

D. To defend against wireless attacks

Answer: B

Question No: 9

What is the least important information when you analyze a public IP address in a security alert?

A. ARP

B. Whois

C. DNS

D. Geolocation

Answer: A

Question No: 10

In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.

Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system whose credentials are known. It was written by

sysinternals and has been integrated within the framework. The penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values.

Which of the following is true hash type and sort order that is used in the psexec module's 'smbpass' option?

A. LM:NT

B. NTLM:LM

C. NT:LM

D. LM:NTLM

Answer: A

Question No: 11

Code injection is a form of attack in which a malicious user:

A. Inserts text into a data field that gets interpreted as code

B. Gets the server to execute arbitrary code using a buffer overflow

C. Inserts additional code into the JavaScript running in the browser

D. Gains access to the codebase on the server and inserts new code

Answer: A

Question No: 12

Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach to a physical control access.

A camera captures people walking and identifies the individuals using Steveu2021s approach.

After that, people must approximate their RFID badges. Both the identifications are required to open the door. In this case, we can say:

A. Although the approach has two phases, it actually implements just one authentication factor

B. The solution implements the two authentication factors: physical object and physical characteristic

C. The solution will have a high level of false positives

D. Biological motion cannot be used to identify people

Answer: B

Question No: 13

What type of vulnerability/attack is it when the malicious person forces the useru2021s browser to send an authenticated request to a server?

A. Cross-site request forgery

B. Cross-site scripting

C. Session hijacking

D. Server side request forgery

Answer: A

Question No: 14

Alice encrypts her data using her public key PK and stores the encrypted data in the cloud. Which of the following attack scenarios will compromise the privacy of her data?

A. None of these scenarios compromise the privacy of Aliceu2021s data

B. Agent Andrew subpoenas Alice, forcing her to reveal her private key. However, the cloud server successfully resists Andrewu2021s attempt to access the stored data

C. Hacker Harry breaks into the cloud server and steals the encrypted data

D. Alice also stores her private key in the cloud, and Harry breaks into the cloud server as before

Answer: D

Question No: 15

DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.

What command is used to determine if the entry is present in DNS cache?

A. nslookup -fullrecursive update.antivirus.com

B. dnsnooping u2013rt update.antivirus.com

C. nslookup -norecursive update.antivirus.com

D. dns --snoop update.antivirus.com

Answer: C

Question No: 16

What would you enter, if you wanted to perform a stealth scan using Nmap?

A. nmap -sU

B. nmap -sS

C. nmap -sM

D. nmap -sT

Answer: B