Free Access EC-COUNCIL.312-50v10.v2022-04-11.q310 Practice Test (Page 59)

Question 286

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and
Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible
breach of security. When the investigator attempts to correlate the information in all of the logs, the
sequence of many of the logged events do not match up.
What is the most likely cause?

A.The security breach was a false positive.

B.The network devices are not all synchronized.

C.Proper chain of custody was not observed while collecting the logs.

D.The attacker altered or erased events from the logs.

Question 287

Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.

In MAC flooding attack, a switch is fed with many Ethernet frames, each containing different source MAC addresses, by the attacker. Switches have a limited memory for mapping various MAC addresses to physical ports. What happens when the CAM table becomes full?

A.The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF

B.Switch then acts as hub by broadcasting packets to all machines on the network

C.The CAM overflow table will cause the switch to crash causing Denial of Service

D.Every packet is dropped and the switch sends out SNMP alerts to the IDS port

Question 288

In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?

A.In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name.

B.In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name.

C.Both pharming and phishing attacks are purely technical and are not considered forms of social engineering

D.Both pharming and phishing attacks are identical.

Question 289

You are monitoring the network of your organizations. You notice that:
Which of the following solution will you suggest?

A.Both B and C

B.Update the Latest Signatures on your IDS/IPS

C.Block the Blacklist IP's @ Firewall

D.Clean the Malware which are trying to Communicate with the External Blacklist IP's

Question 290

Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

A.ESP transport mode

B.AH permiscuous

C.ESP confidential

D.AH Tunnel mode

Other Version: 886EC-COUNCIL.312-50v10.v2025-04-21.q262; 7671EC-COUNCIL.312-50v10.v2022-08-24.q432; 118EC-COUNCIL.Braindumpspass.312-50v10.v2022-02-07.by.rupert.139q.pdf

Latest Upload: 124IAPP.AIGP.v2025-12-25.q64; 118CISI.UAE-Financial-Rules-and-Regulations.v2025-12-25.q35; 138SAP.C-S4TM-2023.v2025-12-25.q82; 110EMC.D-VXR-DS-00.v2025-12-24.q43; 124Splunk.SPLK-5001.v2025-12-24.q37; 125Huawei.H19-308-ENU.v2025-12-24.q74; 109APMG-International.AgilePM-Foundation.v2025-12-24.q74; 139SAP.C-C4H62-2408.v2025-12-24.q81; 115ASHRAE.HFDP.v2025-12-24.q39; 116ISQI.CTFL-UT.v2025-12-23.q13

Question 286

Question 287

Question 288

Question 289

Question 290

Download PDF File