[2017 Newest] 100% Valid Lead2pass EC-Council 312-50v9 New Questions Free Version (121-140)

Lead2pass 2017 September New EC-Council 312-50v9 Exam Dumps!

100% Free Download! 100% Pass Guaranteed!

Pass 312-50v9 exam with the latest Lead2pass 312-50v9 dumps: Lead2pass 312-50v9 exam questions and answers in PDF are prepared by our experts. Moreover, they are based on the recommended syllabus that covering all the 312-50v9 exam objectives.

Following questions and answers are all new published by EC-Council Official Exam Center: https://www.lead2pass.com/312-50v9.html

QUESTION 121
Which of the following does proper basic configuration of snort as a network intrusion detection system require?

A.    Limit the packets captured to the snort configuration file.
B.    Capture every packet on the network segment.
C.    Limit the packets captured to a single segment.
D.    Limit the packets captured to the /var/log/snort directory.

Answer: A

QUESTION 122
How is sniffing broadly categorized?

A.    Active and passive
B.    Broadcast and unicast
C.    Unmanaged and managed
D.    Filtered and unfiltered

Answer: A

QUESTION 123
What are the three types of authentication?

A.    Something you: know, remember, prove
B.    Something you: have, know, are
C.    Something you: show, prove, are
D.    Something you: show, have, prove

Answer: B

QUESTION 124
The use of technologies like IPSec can help guarantee the following: authenticity, integrity, confidentiality and

A.    non-repudiation.
B.    operability.
C.    security.
D.    usability.

Answer: A

QUESTION 125
What is the main disadvantage of the scripting languages as opposed to compiled programming languages?

A.    Scripting languages are hard to learn.
B.    Scripting languages are not object-oriented.
C.    Scripting languages cannot be used to create graphical user interfaces.
D.    Scripting languages are slower because they require an interpreter to run the code.

Answer: D

QUESTION 126
A botnet can be managed through which of the following?

A.    IRC
B.    E-Mail
C.    Linkedin and Facebook
D.    A vulnerable FTP server

Answer: A

QUESTION 127
Fingerprinting VPN firewalls is possible with which of the following tools?

A.    Angry IP
B.    Nikto
C.    Ike-scan
D.    Arp-scan

Answer: C

QUESTION 128
What is a successful method for protecting a router from potential smurf attacks?

A.    Placing the router in broadcast mode
B.    Enabling port forwarding on the router
C.    Installing the router outside of the network’s firewall
D.    Disabling the router from accepting broadcast ping messages

Answer: D

QUESTION 129
Which of the following is optimized for confidential communications, such as bidirectional voice and video?

A.    RC4
B.    RC5
C.    MD4
D.    MD5

Answer: A

QUESTION 130
Advanced encryption standard is an algorithm used for which of the following?

A.    Data integrity
B.    Key discovery
C.    Bulk data encryption
D.    Key recovery

Answer: C

QUESTION 131
The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses which of the following?

A.    Multiple keys for non-repudiation of bulk data
B.    Different keys on both ends of the transport medium
C.    Bulk encryption for data transmission over fiber
D.    The same key on each end of the transmission medium

Answer: D

QUESTION 132
An attacker sniffs encrypted traffic from the network and is subsequently able to decrypt it. The attacker can now use which cryptanalytic technique to attempt to discover the encryption key?

A.    Birthday attack
B.    Plaintext attack
C.    Meet in the middle attack
D.    Chosen ciphertext attack

Answer: D

QUESTION 133
What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data?

A.    Due to the key size, the time it will take to encrypt and decrypt the message hinders efficient communication.
B.    To get messaging programs to function with this algorithm requires complex configurations.
C.    It has been proven to be a weak cipher; therefore, should not be trusted to protect sensitive data.
D.    It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

Answer: D

QUESTION 134
A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of email. The integrity of the encrypted email is dependent on the security of which of the following?

A.    Public key
B.    Private key
C.    Modulus length
D.    Email server certificate

Answer: B

QUESTION 135
When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?

A.    The key entered is a symmetric key used to encrypt the wireless data.
B.    The key entered is a hash that is used to prove the integrity of the wireless data.
C.    The key entered is based on the Diffie-Hellman method.
D.    The key is an RSA key used to encrypt the wireless data.

Answer: A

QUESTION 136
An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

A.    Timing attack
B.    Replay attack
C.    Memory trade-off attack
D.    Chosen plain-text attack

Answer: D

QUESTION 137
Which of the following processes of PKI (Public Key Infrastructure) ensures that a trust relationship exists and that a certificate is still valid for specific operations?

A.    Certificate issuance
B.    Certificate validation
C.    Certificate cryptography
D.    Certificate revocation

Answer: B

QUESTION 138
Which of the following describes a component of Public Key Infrastructure (PKI) where a copy of a private key is stored to provide third-party access and to facilitate recovery operations?

A.    Key registry
B.    Recovery agent
C.    Directory
D.    Key escrow

Answer: D

QUESTION 139
To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings?

A.    Harvesting
B.    Windowing
C.    Hardening
D.    Stealthing

Answer: C

QUESTION 140
Which of the following is a common Service Oriented Architecture (SOA) vulnerability?

A.    Cross-site scripting
B.    SQL injection
C.    VPath injection
D.    XML denial of service issues

Answer: D

More free Lead2pass 312-50v9 exam new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDTVZJRHRvblhycms

Comparing with others’, you will find our 312-50v9 exam questions are more helpful and precise since all the 312-50v9 exam content is regularly updated and has been checked for accuracy by our team of EC-Council expert professionals.

2017 EC-Council 312-50v9 (All 589 Q&As) exam dumps (PDF&VCE) from Lead2pass:

https://www.lead2pass.com/312-50v9.html [100% Exam Pass Guaranteed]

You may also like