• Home
  • Articles
  • [2021] 312-49 PDF Questions - Perfect Prospect To Go With TestkingPass Practice Exam [Q46-Q61]

[2021] 312-49 PDF Questions - Perfect Prospect To Go With TestkingPass Practice Exam [Q46-Q61]

Share

[2021] 312-49 PDF Questions - Perfect Prospect To Go With TestkingPass Practice Exam

EC-COUNCIL 312-49 Pdf Questions - Outstanding Practice To your Exam

NEW QUESTION 46
You are assisting in the investigation of a possible Web Server hack. The company who called you stated that customers reported to them that whenever they entered the web address of the company in their browser, what they received was a pornographic web site.
The company checked the web server and nothing appears wrong. When you type in the
IP address of the web site in your browser everything appears normal. What is the name of the attack that affects the DNS cache of the name resolution servers, resulting in those servers directing users to the wrong web site?

  • A. DNS Poisoning
  • B. ARP Poisoning
  • C. IP Spoofing
  • D. HTTP redirect attack

Answer: A

 

NEW QUESTION 47
Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM files on a computer. Where should Harold navigate on the computer to find the file?

  • A. %systemroot%\repair
  • B. %systemroot%\system32\drivers\etc
  • C. %systemroot%\LSA
  • D. %systemroot%\system32\LSA

Answer: A

 

NEW QUESTION 48
You are conducting an investigation of fraudulent claims in an insurance company that involves complex text searches through large numbers of documents. Which of the following tools would allow you to quickly and efficiently search for a string within a file on the bitmap image of the target computer?

  • A. vim
  • B. grep
  • C. dir
  • D. Stringsearch

Answer: B

 

NEW QUESTION 49
An "idle" system is also referred to as what?

  • A. PC not connected to the Internet
  • B. Bot
  • C. Zombie
  • D. PC not being used

Answer: C

 

NEW QUESTION 50
George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from the IT department. Few managers are using SFTP program on their computers. Before talking to his boss, George wants to have some proof of their activity. George wants to use Ethereal to monitor network traffic, but only SFTP traffic to and from his network.
What filter should George use in Ethereal?

  • A. net port 22
  • B. udp port 22 and host 172.16.28.1/24
  • C. src port 22 and dst port 22
  • D. src port 23 and dst port 23

Answer: C

 

NEW QUESTION 51
What is the target host IP in the following command?

  • A. 172.16.28.95
  • B. Firewalk does not scan target hosts
  • C. This command is using FIN packets, which cannot scan target hosts
  • D. 10.10.150.1

Answer: A

 

NEW QUESTION 52
How many times can data be written to a DVD+R disk?

  • A. Twice
  • B. Zero
  • C. Infinite
  • D. Once

Answer: D

 

NEW QUESTION 53
Jason has set up a honeypot environment by creating a DMZ that has no physical or logical access to his production network. In this honeypot, he has placed a server running Windows Active Directory. He has also placed a Web server in the DMZ that services a number of web pages that offer visitors a chance to download sensitive information by clicking on a button. A week later, Jason finds in his network logs how an intruder accessed the honeypot and downloaded sensitive information. Jason uses the logs to try and prosecute the intruder for stealing sensitive corporate information. Why will this not be viable?

  • A. Intruding into a honeypot is not illegal
  • B. Intruding into a DMZ is not illegal
  • C. Entrapment
  • D. Enticement

Answer: C

 

NEW QUESTION 54
What stage of the incident handling process involves reporting events?

  • A. Containment
  • B. Identification
  • C. Follow-up
  • D. Recovery

Answer: B

 

NEW QUESTION 55
Data is striped at a byte level across multiple drives, and parity information is distributed among all member drives.

What RAID level is represented here?

  • A. RAID Level 3
  • B. RAID Level 5
  • C. RAID Level 0
  • D. RAID Level 1

Answer: B

 

NEW QUESTION 56
You are assisting a Department of Defense contract company to become compliant with the stringent security policies set by the DoD. One such strict rule is that firewalls must only allow incoming connections that were first initiated by internal computers. What type of firewall must you implement to abide by this policy?

  • A. Packet filtering firewall
  • B. Application-level proxy firewall
  • C. Circuit-level proxy firewall
  • D. Stateful firewall

Answer: D

 

NEW QUESTION 57
Under which Federal Statutes does FBI investigate for computer crimes involving e-mail scams and mail fraud?

  • A. 18 U.S.C. 1362 Government communication systems
  • B. 18 U.S.C. 1361 Injury to Government Property
  • C. 18 U.S.C. 1343 Fraud by wire, radio or television
  • D. 18 U.S.C. 1831 Economic Espionage Act
  • E. 18 U.S.C. 1832 Trade Secrets Act
  • F. 18 U.S.C. 1030 Fraud and related activity in connection with computers
  • G. 18 U.S.C. 1029 Possession of Access Devices

Answer: F

 

NEW QUESTION 58
What is considered a grant of a property right given to an individual who discovers or invents a new machine, process, useful composition of matter or manufacture?

  • A. Design patent
  • B. Trademark
  • C. Copyright
  • D. Utility patent

Answer: D

 

NEW QUESTION 59
The newer Macintosh Operating System (MacOS X) is based on:

  • A. Microsoft Windows
  • B. BSD Unix
  • C. OS/2
  • D. Linux

Answer: B

 

NEW QUESTION 60
What will the following Linux command accomplish?
dd if=/dev/mem of=/home/sam/mem.bin bs=1024

  • A. Copy the contents of the system folder to a file
  • B. Copy the running memory to a file
  • C. Copy the memory dump file to an image file
  • D. Copy the master boot record to a file

Answer: B

 

NEW QUESTION 61
......

Online Questions - Outstanding Practice To your 312-49 Exam: https://www.testkingpass.com/312-49-testking-dumps.html

Related Articles

more
EC-COUNCIL 312-49 Certification Practice Exam