Pass the ECCouncil Certified Ethical Hacker 312-50 Questions and answers with CertsForce

Viewing page 6 out of 12 pages
Viewing questions 51-60 out of questions
Questions # 51:

Which initial procedure should an ethical hacker perform after being brought into an organization?

Options:

A. Begin security testing.
B. Turn over deliverables.
C. Sign a formal contract with non-disclosure.
D. Assess what the organization is trying to protect.


Questions # 52:

A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof so she can take him to court. What is the ethical response?

Options:

A. Say no; the friend is not the owner of the account.
B. Say yes; the friend needs help to gather evidence.
C. Say yes; do the job for free.
D. Say no; make sure that the friend knows the risk she’s asking the CEH to take.


Questions # 53:

How do employers protect assets with security policies pertaining to employee surveillance activities?

Options:

A. Employers promote monitoring activities of employees as long as the employees demonstrate trustworthiness.
B. Employers use informal verbal communication channels to explain employee monitoring activities to employees.
C. Employers use network surveillance to monitor employee email traffic, network access, and to record employee keystrokes.
D. Employers provide employees written statements that clearly discuss the boundaries of monitoring activities and consequences.


Questions # 54:

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

Options:

A. At least once a year and after any significant upgrade or modification
B. At least once every three years or after any significant upgrade or modification
C. At least twice a year or after any significant upgrade or modification
D. At least once every two years and after any significant upgrade or modification


Questions # 55:

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

Options:

A. Penetration testing
B. Social engineering
C. Vulnerability scanning
D. Access control list reviews


Questions # 56:

Which type of security document is written with specific step-by-step details?

Options:

A. Process
B. Procedure
C. Policy
D. Paradigm


Questions # 57:

Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?

Options:

A. Truecrypt
B. Sub7
C. Nessus
D. Clamwin


Questions # 58:

International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining

Options:

A. guidelines and practices for security controls.
B. financial soundness and business viability metrics.
C. standard best practice for configuration management.
D. contract agreement writing standards.


Questions # 59:

Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?

Options:

A. Sarbanes-Oxley Act (SOX)
B. Gramm-Leach-Bliley Act (GLBA)
C. Fair and Accurate Credit Transactions Act (FACTA)
D. Federal Information Security Management Act (FISMA)


Questions # 60:

How can a policy help improve an employee's security awareness?

Options:

A. By implementing written security procedures, enabling employee security training, and promoting the benefits of security
B. By using informal networks of communication, establishing secret passing procedures, and immediately terminating employees
C. By sharing security secrets with employees, enabling employees to share secrets, and establishing a consultative help line
D. By decreasing an employee's vacation time, addressing ad-hoc employment clauses, and ensuring that managers know employee strengths

