Eccouncil 312-50 practice test

Question 1

What is the known plaintext attack used against DES which gives the result that encrypting plaintext
with one DES key followed by encrypting it with a second DES key is no more secure than using a
single key?
A. Man-in-the-middle attack
B. Meet-in-the-middle attack
C. Replay attack
D. Traffic analysis attack

Answer:

B
264/264

Question 2

Why is a penetration test considered to be more thorough than vulnerability scan?

• A. The tools used by penetration testers tend to have much more comprehensive vulnerability databases.
• B. A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.
• C. It is not a penetration test is often performed by an automated tool, while a vulnerability scan requires active engagement.
• D. Vulnerability scans only do host discovery and port scanning by default.

Answer:

B

Question 3

Suppose your company has just passed a security risk assessment exercise. The results display that
the risk of the breach in the main company application is 50%. Security staff has taken some
measures and implemented the necessary controls. After that another security risk assessment was
performed showing that risk has decreased to 10%. The risk threshold for the application is 20%.
Which of the following risk decisions will be the best for the project in terms of its successful
continuation with most business profit?
A. Avoid the risk
B. Accept the risk
C. Introduce more controls to bring risk to 0%
D. Mitigate the risk

Answer:

B
263/264
Questions & Answers PDF
P-

Question 4

Which of the following Linux commands will resolve a domain name into IP address?

• A. >host -t AXFR hackeddomain.com
• B. >host -t a hackeddomain.com
• C. >host -t soa hackeddomain.com
• D. >host -t ns hackeddomain.com

Answer:

B

Question 5

Hackers often raise the trust level of a phishing message by modeling the email to look similar to the
internal email used by the target company. This includes using logos, formatting, and names of the
target company. The phishing message will often use the name of the company CEO, president, or
managers. The time a hacker spends performing research to locate this information about a company
is known as?

• A. Enumeration
• B. Investigation
• C. Exploration
• D. Reconnaissance

Answer:

D

Question 6

Peter is surfing the internet looking for information about DX Company. Which hacking process is
Peter doing?

• A. Scanning
• B. System Hacking
• C. Footprinting
• D. Enumeration 262/264 Questions & Answers PDF P-

Answer:

C

Question 7

The tools which receive event logs from servers, network equipment, and applications, and perform
analysis and correlation on those logs, and can generate alarms for security relevant issues, are
known as what?

• A. network Sniffer
• B. Vulnerability Scanner
• C. Intrusion prevention Server
• D. Security incident and event Monitoring

Answer:

D

Question 8

You have successfully logged on a Linux system. You want to now cover your trade Your login attempt
may be logged on several files located in /var/log. Which file does NOT belongs to the list:

• A. user.log
• B. auth.fesg
• C. wtmp
• D. btmp

Answer:

C

Question 9

You are tasked to configure the DHCP server to lease the last 100 usable IP addresses in subnet to.
1.4.0/23. Which of the following IP addresses could be teased as a result of the new configuration?
261/264
Questions & Answers PDF
P-

• A. 210.1.55.200
• B. 10.1.4.254
• C. 10..1.5.200
• D. 10.1.4.156

Answer:

C

Question 10

You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which
will run the capture against a specific set of IPs - 192.168.8.0/24. What command you would use?

• A. wireshark --fetch ''192.168.8*''
• B. wireshark --capture --local masked 192.168.8.0 ---range 24
• C. tshark -net 192.255.255.255 mask 192.168.8.0
• D. sudo tshark -f''net 192 .68.8.0/24''

Answer:

D