Free Access ECCouncil.312-50v11.v2022-05-26.q293 Practice Test (Page 22)

Question 101

A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed.
Which security policy must the security analyst check to see if dial-out modems are allowed?

A.Permissive policy

B.Acceptable-use policy

C.Firewall-management policy

D.Remote-access policy

Question 102

Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network lo identify the active systems, network services, applications, and vulnerabilities. He also obtained the list of the users who are currently accessing the network. What is the type of vulnerability assessment that Morris performed on the target organization?

A.internal assessment

B.Passive assessment

C.External assessment

D.Credentialed assessment

Correct Answer: D

Explanation
Detached weakness evaluation adopts an interesting strategy: In checking network traffic, it endeavors to order a hub's working framework, ports and benefits, and to find weaknesses a functioning scan like Nessus or Qualys probably won't discover on the grounds that ports are hindered or another host has come on the web.
The information may then give setting to security occasions, for example, relating with IDS alarms to lessen bogus positives.
Uninvolved investigation offers two key points of interest. The first is perceivability. There's regularly a wide hole between the thing you believe is running on your organization and what really is. Both organization and host scan report just what they see. Scan are obstructed by organization and host firewalls. In any event, when a host is live, the data accumulated is here and there restricted to flag checks and some noninvasive setup checks. In the event that your scan has the host certifications, it can question for more data, however bogus positives are an immense issue, you actually may not see everything. Further, rootkits that introduce themselves may run on a nonscanned port or, on account of UDP, may not react to an irregular test. On the off chance that a functioning weakness appraisal scan doesn't see it, it doesn't exist to the scan.
Host firewalls are regular even on worker PCs, so how would you identify a rebel worker or PC with a functioning output? An inactive sensor may see mavericks on the off chance that they're visiting on the organization; that is perceivability a scanner won't give you. A detached sensor likewise will recognize action to and from a port that isn't generally filtered, and may identify nonstandard port utilization, given the sensor can interpret and order the traffic. For instance, basic stream examination won't distinguish SSH or telnet on Port 80, however convention investigation may.
The subsequent significant favorable position of inactive investigation is that it's noninvasive- - it doesn't intrude on organization tasks. Dynamic weakness evaluation scanners are obtrusive and can disturb administrations, regardless of their designers' endeavors to limit the potential for blackouts. In any event, utilizing alleged safe sweeps, we've taken out switches, our NTP administration and a large group of other basic framework segments. Quite a long while prior, we even bobbed our center switch twice with a nmap port output.

Question 103

Study the snort rule given below:

From the options below, choose the exploit against which this rule applies.

A.WebDav

B.MyDoom

C.SQL Slammer

D.MS Blaster

Question 104

Attacker Simon targeted the communication network of an organization and disabled the security controls of NetNTLMvl by modifying the values of LMCompatibilityLevel, NTLMMinClientSec, and RestrictSendingNTLMTraffic. He then extracted all the non-network logon tokens from all the active processes to masquerade as a legitimate user to launch further attacks. What is the type of attack performed by Simon?

A.Dictionary attack

B.Rainbow table attack

C.Internal monologue attack

D.Combinator attack

Question 105

Bob, an attacker, has managed to access a target IoT device. He employed an online tool to gather information related to the model of the IoT device and the certifications granted to it.
Which of the following tools did Bob employ to gather the above information?

A.EarthExplorer

B.search.com

C.FCC ID search

D.Google image search

Other Version: 1474ECCouncil.312-50v11.v2023-12-08.q217; 2092ECCouncil.312-50v11.v2023-06-20.q282; 3305ECCouncil.312-50v11.v2022-08-04.q101; 34ECCouncil.Actualtestpdf.312-50v11.v2021-09-20.by.magee.214q.pdf

Latest Upload: 104OCEG.GRCP.v2025-09-11.q211; 103HP.HPE0-V27.v2025-09-11.q78; 118Oracle.1Z0-1057-23.v2025-09-10.q47; 150Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 131SAP.C-S4EWM-2023.v2025-09-08.q83; 164TheSecOpsGroup.CNSP.v2025-09-08.q20; 223CFAInstitute.ESG-Investing.v2025-09-08.q173; 158PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 147Salesforce.Data-Architect.v2025-09-05.q216; 142Adobe.AD0-E605.v2025-09-05.q50

Question 101

Question 102

Question 103

Question 104

Question 105

Download PDF File