Online Access Free ECCouncil.312-50v11.v2021-11-17.q136 Practice Test (Page 15)

312-50v11 Exam Question 66

An organization has automated the operation of critical infrastructure from a remote location. For this purpose, all the industrial control systems are connected to the Internet. To empower the manufacturing process, ensure the reliability of industrial networks, and reduce downtime and service disruption, the organization deckled to install an OT security tool that further protects against security incidents such as cyber espionage, zero-day attacks, and malware. Which of the following tools must the organization employ to protect its critical infrastructure?

A.Flowmon

B.Balenadoud

C.intenlFuzzer

D.Robotium

312-50v11 Exam Question 67

Which of the following statements is FALSE with respect to Intrusion Detection Systems?

A.Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic

B.Intrusion Detection Systems can examine the contents of the data n context of the network protocol

C.Intrusion Detection Systems require constant update of the signature library

D.Intrusion Detection Systems can be configured to distinguish specific content in network packets

312-50v11 Exam Question 68

During the enumeration phase. Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs directly on TCP port 445.
Which of the following services is enumerated by Lawrence in this scenario?

A.Server Message Block (SMB)

B.Network File System (NFS)

C.Remote procedure call (RPC)

D.Telnet

Correct Answer: A

Explanation
Worker Message Block (SMB) is an organization document sharing and information texture convention. SMB is utilized by billions of gadgets in a different arrangement of working frameworks, including Windows, MacOS, iOS , Linux, and Android. Customers use SMB to get to information on workers. This permits sharing of records, unified information the board, and brought down capacity limit needs for cell phones. Workers additionally use SMB as a feature of the Software-characterized Data Center for outstanding burdens like grouping and replication.
Since SMB is a far off record framework, it requires security from assaults where a Windows PC may be fooled into reaching a pernicious worker running inside a confided in organization or to a far off worker outside the organization edge. Firewall best practices and arrangements can upgrade security keeping malevolent traffic from leaving the PC or its organization.
For Windows customers and workers that don't have SMB shares, you can obstruct all inbound SMB traffic utilizing the Windows Defender Firewall to keep far off associations from malignant or bargained gadgets. In the Windows Defender Firewall, this incorporates the accompanying inbound principles.

You should also create a new blocking rule to override any other inbound firewall rules. Use the following suggested settings for any Windows clients or servers that do not host SMB Shares:
* Name: Block all inbound SMB 445
* Description: Blocks all inbound SMB TCP 445 traffic. Not to be applied to domain controllers or computers that host SMB shares.
* Action: Block the connection
* Programs: All
* Remote Computers: Any
* Protocol Type: TCP
* Local Port: 445
* Remote Port: Any
* Profiles: All
* Scope (Local IP Address): Any
* Scope (Remote IP Address): Any
* Edge Traversal: Block edge traversal
You must not globally block inbound SMB traffic to domain controllers or file servers. However, you can restrict access to them from trusted IP ranges and devices to lower their attack surface. They should also be restricted to Domain or Private firewall profiles and not allow Guest/Public traffic.

312-50v11 Exam Question 69

When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK.
How would an attacker exploit this design by launching TCP SYN attack?

A.Attacker generates TCP RST packets with random source addresses towards a victim host

B.Attacker floods TCP SYN packets with random source addresses towards a victim host

C.Attacker generates TCP ACK packets with random source addresses towards a victim host

D.Attacker generates TCP SYN packets with random destination addresses towards a victim host

312-50v11 Exam Question 70

Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them.
Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B.
How do you prevent DNS spoofing?

A.Disable DNS Zone Transfer

B.Disable DNS timeouts

C.Install DNS Anti-spoofing

D.Install DNS logger and track vulnerable packets

Other Version: 1300ECCouncil.312-50v11.v2024-04-29.q284; 2559ECCouncil.312-50v11.v2022-10-19.q182; 124ECCouncil.Pass4surecert.312-50v11.v2022-04-01.by.julius.198q.pdf; 6340ECCouncil.312-50v11.v2022-03-17.q198; 43ECCouncil.Updatedumps.312-50v11.v2021-09-16.by.gene.138q.pdf

Latest Upload: 149VMware.3V0-21.25.v2026-06-20.q29; 142Microsoft.AB-731.v2026-06-19.q23; 279IIA.IIA-CIA-Part2.v2026-06-19.q308; 170DAMA.MD-1220.v2026-06-19.q66; 165ISTQB.CT-AI.v2026-06-18.q68; 299IIA.IIA-CIA-Part3.v2026-06-17.q220; 203WGU.Introduction-to-IT.v2026-06-17.q67; 269CompTIA.220-1202.v2026-06-16.q110; 157TheInstitutes.CPCU-500.v2026-06-16.q25; 254ACAMS.CAMS7-CN.v2026-06-16.q170

312-50v11 Exam Question 66

312-50v11 Exam Question 67

312-50v11 Exam Question 68

312-50v11 Exam Question 69

312-50v11 Exam Question 70

Download PDF File