Latest ECCouncil 312-50v8 Real Exam Download 331-340

QUESTION 331

When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

A. OWASP is for web applications and OSSTMM does not include web applications.

B. OSSTMM is gray box testing and.OWASP is black box testing.

C. OWASP addresses controls and.OSSTMM does not.

D. OSSTMM addresses controls and.OWASP does not.

Answer: D 

QUESTION 332

Which of the following is a protocol that is prone to a man-in-the-middle (MITM) attack and maps a 32-bit address to a 48-bit address?

A. ICPM

B. ARP

C. RARP

D. ICMP

Answer: B

QUESTION 333

Which NMAP.feature can a tester implement or adjust while scanning for open ports to avoid detection by the networkos IDS?

A. Timing options to slow the speed.that the port scan is conducted

B. Fingerprinting to identify which operating systems are running on the network

C. ICMP ping sweep to determine which hosts on the network are not available

D. Traceroute to control the path of the packets sent during the scan

Answer: A 

QUESTION 334

Windows file servers commonly hold sensitive files, databases, passwords and more.. Which of

the following choices would be a common vulnerability that usually exposes them?

A. Cross-site scripting

B. SQL injection

C. Missing patches

D. CRLF injection

Answer: C 

QUESTION 335

Which.type of access control is used on a router or firewall to limit network activity?

A. Mandatory

B. Discretionary

C. Rule-based

D. Role-based

Answer: C 

QUESTION 336

Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?

A. NMAP.-PN -A -O -sS 192.168.2.0/24

B. NMAP.-P0 -A -O -p1-65535 192.168.0/24

C. NMAP.-P0 -A -sT -p0-65535 192.168.0/16

D. NMAP.-PN -O -sS -p 1-1024 192.168.0/8

Answer: B 

QUESTION 337

Which.types of detection methods are employed by Network Intrusion Detection Systems (NIDS)?

(Choose two.)

A. Signature

B. Anomaly

C. Passive

D. Reactive

Answer: A,B 

QUESTION 338

The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses which of the following?

A. Multiple keys for non-repudiation of bulk data

B. Different keys on both ends of the transport medium

C. Bulk encryption for data transmission over fiber

D. The same key on each end of the transmission medium

Answer: D 

QUESTION 339

Which command lets a tester enumerate alive systems in a class C.network via ICMP using native Windows tools?

A. ping 192.168.2.

B. ping 192.168.2.255

C. for %V in (1 1 255) do PING 192.168.2.%V

D. for /L %V in (1 1 254) do PING -n 1 192.168.2.%V | FIND /I "Reply"

Answer: D 

QUESTION 340

How can telnet be used to fingerprint a web server?

A. telnet webserverAddress 80 HEAD / HTTP/1.0

B. telnet webserverAddress 80.PUT / HTTP/1.0

C. telnet webserverAddress 80 HEAD / HTTP/2.0

D. telnet webserverAddress 80.PUT / HTTP/2.0

Answer: A