312-50 Exam Dumps - Certified Ethical Hacker Exam

Go to page:

<< First
Prev
1
2
3
4
5
6
7
8
9
Next
Last >>

Question # 41

Which of the following descriptions is true about a static NAT?

A static NAT uses a many-to-many mapping.

A static NAT uses a one-to-many mapping.

A static NAT uses a many-to-one mapping.

A static NAT uses a one-to-one mapping.

Full Access

Question # 42

Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (PKI)?

The root CA is the recovery agent used to encrypt data when a user's certificate is lost.

The root CA stores the user's hash value for safekeeping.

The CA is the trusted root that issues certificates.

The root CA is used to encrypt email messages to prevent unintended disclosure of data.

Full Access

Question # 43

The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company's external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first?

Investigate based on the maintenance schedule of the affected systems.

Investigate based on the service level agreements of the systems.

Investigate based on the potential effect of the incident.

Investigate based on the order that the alerts arrived in.

Full Access

Question # 44

When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?

The key entered is a symmetric key used to encrypt the wireless data.

The key entered is a hash that is used to prove the integrity of the wireless data.

The key entered is based on the Diffie-Hellman method.

The key is an RSA key used to encrypt the wireless data.

Full Access

Question # 45

What kind of risk will remain even if all theoretically possible safety measures would be applied?

Residual risk

Inherent risk

Impact risk

Deferred risk

Full Access

Question # 46

Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?

Use cryptographic storage to store all PII

Use full disk encryption on all hard drives to protect PII

Use encrypted communications protocols to transmit PII

Use a security token to log into all Web applications that use PII

Full Access

Question # 47

You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?

Encrypt the Sales.xls using PGP and e-mail it to your personal gmail account

Package the Sales.xls using Trojan wrappers and telnet them back your home computer

You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an innocent looking email or file transfer using Steganography techniques

Change the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail account

Full Access

Question # 48

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites.

77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?

The packets were sent by a worm spoofing the IP addresses of 47 infected sites

ICMP ID and Seq numbers were most likely set by a tool and not by the operating system

All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number

13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0

Full Access

Go to page: