This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection [ https://www.mcitpdump.com ] Export date:Fri Apr 19 6:56:05 2024 / +0000 GMT ___________________________________________________ Title: [New 312-50v10 Dumps]Exam Pass 100%!Braindump2go 312-50v10 PDF Dumps 150Q Instant Download[67-77] --------------------------------------------------- 2018/August Braindump2go EC-Council 312-50v10 Exam Dumps with PDF and VCE New Updated Today! Folliwing are some new 312-50v10 Real Exam Questions:1.|2018 Latest 312-50v10 Exam Dumps (PDF & VCE) 150Q&As Download:https://www.braindump2go.com/312-50v10.html2.|2018 Latest 312-50v10 Exam Questions & Answers Download:https://drive.google.com/drive/folders/1g15jl9W8jnovDp0b_CsOg86BZSP5ualP?usp=sharingQUESTION 67Bob finished a C programming course and created a small C application to monitor the network traffic and produce alerts when any origin sends "many" IP packets, based on the average number of packets sent by all origins and using some thresholds.In concept, the solution developed by Bob is actually:A. Just a network monitoring toolB. A signature-based IDSC. A hybrid IDSD. A behavior-based IDSAnswer: AQUESTION 68Which of the following is a low-tech way of gaining unauthorized access to systems?A. ScanningB. SniffingC. Social EngineeringD. EnumerationAnswer: CQUESTION 69When tuning security alerts, what is the best approach?A. Tune to avoid False positives and False NegativesB. Rise False positives Rise False NegativesC. Decrease the false positivesD. Decrease False negativesAnswer: AQUESTION 70In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How can he achieve this?A. Privilege EscalationB. Shoulder-SurfingC. Hacking Active DirectoryD. Port ScanningAnswer: AQUESTION 71Which regulation defines security and privacy controls for Federal information systems and organizations?A. HIPAAB. EU Safe HarborC. PCI-DSSD. NIST-800-53Answer: DQUESTION 72Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.What should you do?A. Confront the client in a respectful manner and ask her about the data.B. Copy the data to removable media and keep it in case you need it.C. Ignore the data and continue the assessment until completed as agreed.D. Immediately stop work and contact the proper legal authorities.Answer: DQUESTION 73You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address was blacklisted just before the alert. You are staring an investigation to roughly analyze the severity of the situation. Which of the following is appropriate to analyze?A. Event logs on the PCB. Internet Firewall/Proxy logC. IDS logD. Event logs on domain controllerAnswer: BQUESTION 74Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?A. 123B. 161C. 69D. 113Answer: AQUESTION 75It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down. What step in incident handling did you just complete?A. DiscoveryB. RecoveryC. ContainmentD. EradicationAnswer: CQUESTION 76Which of the following cryptography attack is an understatement for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by a coercion or torture?A. Chosen-Cipher text AttackB. Ciphertext-only AttackC. Timing AttackD. Rubber Hose AttackAnswer: DQUESTION 77In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case. Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system whose credentials are known. It was written by sysinternals and has been integrated within the framework. The penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values.Which of the following is true hash type and sort order that is used in the psexec module's 'smbpass' option?A. LM:NTB. NTLM:LMC. NT:LMD. LM:NTLMAnswer: A!!!RECOMMEND!!!1.|2018 Latest 312-50v10 Exam Dumps (PDF & VCE) 150Q&As Download:https://www.braindump2go.com/312-50v10.html2.|2018 Latest 312-50v10 Study Guide Video: YouTube Video: YouTube.com/watch?v=8vRAuID1hSw --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2018-08-22 08:17:44 Post date GMT: 2018-08-22 08:17:44 Post modified date: 2018-08-22 08:17:44 Post modified date GMT: 2018-08-22 08:17:44 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com