312-50v10 | how many questions of 312-50v10 dumps?




New EC-Council 312-50v10 Exam Dumps Collection (Question 1 - Question 10)

Q1. What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

A. Deferred risk

B. Impact risk

C. Inherent risk

D. Residual risk

Answer: D

Q2. What type of analysis is performed when an attacker has partial knowledge of the inner workings of the application?

A. Black-box

B. Announced

C. White-box

D. Grey-box

Answer: D

Q3. Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige.

After 2 days, Bob denies that he had ever sent a mail.

What do you want to "know" to prove to yourself that it was Bob who had sent the mail?

A. Confidentiality

B. Integrity

C. Non-Repudiation

D. Authentication

Answer: C

Q4. Security Policy is a definition of what it means to be secure for a system, organization or other entity. For Information Technologies, there are sub-policies like Computer Security Policy, Information Protection Policy, Information Security Policy, Network Security Policy, Physical Security Policy, Remote Access Policy, and User Account Policy.

What is the main theme of the sub-policies for Information Technologies?

A. Availability, Non-repudiation, Confidentiality

B. Authenticity, Integrity, Non-repudiation

C. Confidentiality, Integrity, Availability

D. Authenticity, Confidentiality, Integrity

Answer: C

Q5. Sam is working as a pen-tester in an organization in Houston. He performs penetration testing on an IDS in order to find the different ways an attacker uses to evade the IDS. Sam sends a large amount of packets to the target IDS that generates alerts, which enable Sam to hide the real traffic. What type of method is Sam using to evade the IDS?

A. Denial-of-Service

B. False Positive Generation

C. Insertion Attack

D. Obfuscating

Answer: B

Q6. When performing a risk assessment, you need to determine the potential impacts when some of the company's critical business processes interrupt its service. What is the name of the process by which you can determine those critical business processes?

A. Risk Mitigation

B. Emergency Plan Response (EPR)

C. Disaster Recovery Planning (DRP)

D. Business Impact Analysis (BIA)

Answer: D

Q7. It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down. What step in incident handling did you just complete?

A. Discovery

B. Recovery

C. Containment

D. Eradication

Answer: C

Q8. Which of the following is the BEST way to defend against network sniffing?

A. Restrict Physical Access to Server Rooms hosting Critical Servers

B. Use Static IP Address

C. Using encryption protocols to secure network communications

D. Register all machines' MAC Addresses in a Centralized Database

Answer: C

Q9. Which of the following will perform an Xmas scan using NMAP?

A. nmap -sA 192.168.1.254

B. nmap -sP 192.168.1.254

C. nmap -sX 192.168.1.254

D. nmap -sV 192.168.1.254

Answer: C

Q10. An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", the user is directed to a phishing site.

Which file does the attacker need to modify?

A. Boot.ini

B. Sudoers

C. Networks

D. Hosts

Answer: D
