New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. ECCouncil
  3. Certified Ethical Hacker
  4. 312-50 - Certified Ethical Hacker Exam

312-50 Exam Dumps - Certified Ethical Hacker Exam

Go to page:
Question # 49

Which type of security feature stops vehicles from crashing through the doors of a building?

A.

Turnstile

B.

Bollards

C.

Mantrap

D.

Receptionist

Full Access
Question # 50

Which of the following is a protocol specifically designed for transporting event messages?

A.

SYSLOG

B.

SMS

C.

SNMP

D.

ICMP

Full Access
Question # 51

Perspective clients want to see sample reports from previous penetration tests.

What should you do next?

A.

Decline but, provide references.

B.

Share full reports, not redacted.

C.

Share full reports with redactions.

D.

Share reports, after NDA is signed.

Full Access
Question # 52

Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

A.

Sarbanes-Oxley Act (SOX)

B.

Gramm-Leach-Bliley Act (GLBA)

C.

Fair and Accurate Credit Transactions Act (FACTA)

D.

Federal Information Security Management Act (FISMA)

Full Access
Question # 53

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

A.

Penetration testing

B.

Social engineering

C.

Vulnerability scanning

D.

Access control list reviews

Full Access
Question # 54

How do employers protect assets with security policies pertaining to employee surveillance activities?

A.

Employers promote monitoring activities of employees as long as the employees demonstrate trustworthiness.

B.

Employers use informal verbal communication channels to explain employee monitoring activities to employees.

C.

Employers use network surveillance to monitor employee email traffic, network access, and to record employee keystrokes.

D.

Employers provide employees written statements that clearly discuss the boundaries of monitoring activities and consequences.

Full Access
Question # 55

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

A.

The victim user must open the malicious link with an Internet Explorer prior to version 8.

B.

The session cookies generated by the application do not have the HttpOnly flag set.

C.

The victim user must open the malicious link with a Firefox prior to version 3.

D.

The web application should not use random tokens.

Full Access
Question # 56

What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for evaluation?

A.

Blue Book

B.

ISO 26029

C.

Common Criteria

D.

The Wassenaar Agreement

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps