CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-50v13

Free 312-50v13 Exam Braindumps (page: 29)

Page 28 of 79
PDF with 309 Questions

Attacker Lauren has gained the credentials of an organization’s internal server system, and she was often logging in during irregular times to monitor the network activities. The organization was skeptical about the login times and appointed security professional Robert to determine the issue. Robert analyzed the compromised device to find incident details such as the type of attack, its severity, target, impact, method of propagation, and vulnerabilities exploited.

What is the incident handling and response (IH&R) phase, in which Robert has determined these issues?

  1. Incident triage
  2. Preparation
  3. Incident recording and assignment
  4. Eradication

Answer(s): A



At what stage of the cyber kill chain theory model does data exfiltration occur?

  1. Weaponization
  2. Actions on objectives
  3. Command and control
  4. Installation

Answer(s): B



Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical information to Johnson’s machine.

What is the social engineering technique Steve employed in the above scenario?

  1. Diversion theft
  2. Quid pro quo
  3. Elicitation
  4. Phishing

Answer(s): C



An organization decided to harden its security against web-application and web-server attacks. John, a security personnel in the organization, employed a security scanner to automate web-application security testing and to guard the organization's web infrastructure against web-application threats. Using that tool, he also wants to detect XSS, directory transversal problems, fault injection, SQL injection, attempts to execute commands, and several other attacks.

Which of the following security scanners will help John perform the above task?

  1. AlienVault® OSSIMTM
  2. Syhunt Hybrid
  3. Saleae Logic Analyzer
  4. Cisco ASA

Answer(s): B






Post your Comments and Discuss EC-Council 312-50v13 exam with other Community members:

312-50v13 Exam Discussions & Posts