Our This experts dedicate to developing the EC-Council 312-50 on-line questions and answers. You can download the 312-50 dumps upon our web site. We not merely present the actual EC-Council Pdf exams but furthermore the test engine. Our own EC-Council EC-Council test motor is cutting-edge software which can be built to generate you experience that you tend to be in the real EC-Council 312-50 exam. This will be your enriching and unforgettable experience in your life. You can make your own EC-Council 312-50 preparation at your personal pace and with your own style as a consequence of the flexibility regarding our 2 types of 312-50 questions. You can put the actual various options and facilities, which usually provided from the EC-Council 312-50 exam engines, into use. Whilst doing your own EC-Council 312-50 practice exams on your 312-50 exam motor you will experience that your learning rate is enhanced.
2021 Mar 312-50 free practice test
Q81. Which of the following type of scanning utilizes automated process of proactively identifying vulnerabilities of the computing systems present on a network?
A. Port Scanning
B. Single Scanning
C. External Scanning
D. Vulnerability Scanning
Answer: D
Q82. Samuel is the network administrator of DataX communications Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder’s IP address for a period of 24 hours time after more than three unsuccessful attempts. He is confident that this rule will secure his network hackers on the Internet.
But he still receives hundreds of thousands brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall use.
Later he adds another rule to his firewall and enables small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be prepared to accept from a particular IP address. This action will slow the intruder’s attempts.
Samuel wants to completely block hackers brute force attempts on his network.
What are the alternatives to defending against possible brute-force password attacks on his site?
A. Enforce a password policy and use account lockouts after three wrong logon attempts even through this might lock out legit users
B. Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the intruder so that you can block them at the firewall manually
C. Enforce complex password policy on your network so that passwords are more difficult to brute force
D. You can’t completely block the intruders attempt if they constantly switch proxies
Answer: D
Explanation: Without knowing from where the next attack will come there is no way of proactively block the attack. This is becoming a increasing problem with the growth of large bot nets using ordinary workstations and home computers in large numbers.
Q83. Which of the following built-in C/C++ functions you should avoid to prevent your program from buffer overflow attacks?
A. strcpy()
B. strcat()
C. streadd()
D. strscock()
Answer: ABC
Explanation: When hunting buffer overflows, the first thing to look for is functions which write into arrays without any way to know the amount of space available. If you get to define the function, you can pass a length parameter in, or ensure that every array you ever pass to it is at least as big as the hard-coded maximum amount it will write. If you're using a function someone else (like, say, the compiler vendor) has provided then avoiding functions like gets(), which take some amount of data over which you have no control and stuff it into arrays they can never know the size of, is a good start. Make sure that functions like the str...() family which expect NUL-terminated strings actually get them - store a '