Eccouncil 312-49 practice test

Question 1

Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to
send PDF documents containing sensitive information through E-mail to his customers. Bill protects
the PDF documents with a password and sends them to their intended recipients. Why PDF
passwords do not offer maximum protection?
A. PDF passwords are converted to clear text when sent through E-mail
B. PDF passwords are not considered safe by Sarbanes-Oxley
C. When sent through E-mail, PDF passwords are stripped from the document completely
D. PDF passwords can easily be cracked by software brute force tools

Question 2

Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance
agreement he signed with the client, Harold is performing research online and seeing how much
exposure the site has received so far. Harold navigates to google.com and types in the following
search. link:www.ghttech.net What will this search produce?

• A. All search engines that link to .net domains
• B. All sites that link to ghttech.net
• C. Sites that contain the code: link:www.ghttech.net
• D. All sites that ghttech.net links to

Question 3

Larry is an IT consultant who works for corporations and government agencies. Larry plans on
shutting down the city's network using BGP devices and zombies? What type of Penetration Testing is
Larry planning to carry out?

• A. Router Penetration Testing
• B. DoS Penetration Testing
• C. Internal Penetration Testing
• D. Firewall Penetration Testing

Question 4

Click on the Exhibit Button Paulette works for an IT security consulting company that is currently
performing an audit for the firm ACE Unlimited. Paulette's duties include logging on to all the
company's network equipment to ensure IOS versions are up-to-date and all the other security
settings are as stringent as possible. Paulette presents the following screenshot to her boss so he can
inform the client about necessary changes need to be made. From the screenshot, what changes
should the client company make?

• A. The banner should include the Cisco tech support contact information as well
• B. The banner should have more detail on the version numbers for the networkeQuipment
• C. The banner should not state "only authorized IT personnel may proceed"
• D. Remove any identifying numbers, names, or version information

Question 5

What is the following command trying to accomplish? C:\> nmap -sU -p445 192.168.0.0/24

• A. Verify that TCP port 445 is open for the 192.168.0.0 network
• B. Verify that UDP port 445 is open for the 192.168.0.0 network
• C. Verify that UDP port 445 is closed for the 192.168.0.0 network
• D. Verify that NETBIOS is running for the 192.168.0.0 network

Question 6

Kimberly is studying to be an IT security analyst at a vocational school in her town. The school offers
many different programming as well as networking languages. What networking protocol language
should she learn that routers utilize?

• A. BPG
• B. ATM
• C. OSPF
• D. UDP

Question 7

In Linux, what is the smallest possible shellcode?

• A. 8 bytes
• B. 24 bytes
• C. 800 bytes
• D. 80 bytes

Question 8

After undergoing an external IT audit, George realizes his network is vulnerable to DDoS attacks.
What countermeasures could he take to prevent DDoS attacks?

• A. Enable BGP
• B. Enable direct broadcasts
• C. Disable BGP
• D. Disable direct broadcasts

Question 9

You setup SNMP in multiple offices of your company. Your SNMP software manager is not receiving
data from other offices like it is for your main office. You suspect that firewall changes are to blame.
What ports should you open for SNMP to work through Firewalls (Select 2)

• A. 161
• B. 162
• C. 163
• D. 160

Question 10

How many bits is Source Port Number in TCP Header packet?

• A. 16
• B. 48
• C. 32
• D. 64

Question 11

Jim performed a vulnerability analysis on his network and found no potential problems. He runs
another utility that executes exploits against his system to verify the results of the vulnerability test.
The second utility executes five known exploits against his network in which the vulnerability analysis
said were not exploitable. What kind of results did Jim receive from his vulnerability analysis?

• A. False negatives
• B. True negatives
• C. True positives
• D. False positives

Question 12

What does ICMP Type 3/Code 13 mean?

• A. Administratively Blocked
• B. Host Unreachable
• C. Protocol Unreachable
• D. Port Unreachable

Question 13

Meyer Electronics Systems just recently had a number of laptops stolen out of their office. On these
laptops contained sensitive corporate information regarding patents and company strategies. A
month after the laptops were stolen, a competing company was found to have just developed
products that almost exactly duplicated products that Meyer produces. What could have prevented
this information from being stolen from the laptops?

• A. DFS Encryption
• B. EFS Encryption
• C. SDW Encryption
• D. IPS Encryption

Question 14

George is a senior security analyst working for a state agency in Florid
a. His state's congress just passed a bill mandating every state agency to undergo a security audit
annually. After learning what will be required, George needs to implement an IDS as soon as possible
before the first audit occurs. The state bill requires that an IDS with a "time-based induction
machine" be used. What IDS feature must George implement to meet this requirement?

• A. Pattern matching
• B. Statistical-based anomaly detection
• C. Real-time anomaly detection
• D. Signature-based anomaly detection

Question 15

Harold wants to set up a firewall on his network but is not sure which one would be the most
appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he
wants to only allow FTP-PUT. Which firewall would be most appropriate for Harold? needs?

• A. Packet filtering firewall
• B. Circuit-level proxy firewall
• C. Application-level proxy firewall
• D. Data link layer firewall