ECcouncil 312 50v11
Q: 1
Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the
systems, he uses a detection method where the anti-virus executes the malicious codes on a virtual
machine to simulate CPU and memory activities. Which type of virus detection method did Chandler
use in this context?
Options
Q: 2
While examining audit logs, you discover that people are able to telnet into the SMTP server on port
25. You would like to block this, though you do not see any evidence of an attack or other wrong
doing. However, you are concerned about affecting the normal functionality of the email server.
From the following options choose how best you can achieve this objective?
Options
Q: 3
Bob, a network administrator at BigUniversity, realized that some students are connecting their
notebooks in the wired network to have Internet access. In the university campus, there are many
Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network. What should Bob do to
avoid this problem?
Options
Q: 4
Internet Protocol Security IPsec is actually a suite pf protocols. Each protocol within the suite
provides different functionality. Collective IPsec does everything except.
Options
Q: 5
What is the purpose of a demilitarized zone on a network?
Options
Q: 6
Susan has attached to her company's network. She has managed to synchronize her boss's sessions
with that of the file server. She then intercepted his traffic destined for the server, changed it the way
she wanted to and then placed it on the server in his home directory.
What kind of attack is Susan carrying on?
Options
Q: 7
Identify the web application attack where the attackers exploit vulnerabilities in dynamically
generated web pages to inject client-side script into web pages viewed by other users.
Options
Q: 8
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use
these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept
communications between the two entities and establish credentials with both sides of the
connections. The two remote ends of the communication never notice that Eric is relaying the
information between the two. What would you call this attack?
Options
Q: 9
What is the way to decide how a packet will move from an untrusted outside host to a protected
inside that is behind a firewall, which permits the hacker to determine which ports are open and if
the packets can pass through the packet-filtering of the firewall?
Options
Q: 10
Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing
services, which OS did it not directly affect?
Options
Question 1 of 10
