Free preview mode
Enjoy the free questions and consider upgrading to gain full access!
312-50v10
Free trial
Verified
Question 26
If there is an Intrusion Detection System (IDS) in intranet, which port scanning technique cannot be used?
- A: Spoof Scan
- B: TCP SYN
- C: TCP Connect scan
- D: Idle scan
Question 27
There are several ways to gain insight on how a cryptosystem works with the goal of reverse engineering the process. A term describes when two pieces of data result in the value is?
- A: Polymorphism
- B: Escrow
- C: Collusion
- D: Collision
Question 28
A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.
The engineer receives this output:
HTTP/1.1 200 OK -
Server: Microsoft-IIS/6 -
Expires: Tue, 17 Jan 2011 01:41:33 GMT
Date: Mon, 16 Jan 2011 01:41:33 GMT
Content-Type: text/html -
Accept-Ranges: bytes -
Last-Modified: Wed, 28 Dec 2010 15:32:21 GMT
ETag: "b0aac0542e25c31:89d"
Content-Length: 7369 -
Which of the following is an example of what the engineer performed?
- A: Cross-site scripting
- B: Banner grabbing
- C: SQL injection
- D: Who is database query
Question 29
A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing "" Reports https://ibt1.prometric.com/users/custom/report_queue/rq_str... corporate network. What tool should the analyst use to perform a Blackjacking attack?
- A: Paros Proxy
- B: BBProxy
- C: Blooover
- D: BBCrack
Question 30
The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive.
Which of the following is being described?
- A: Multi-cast mode
- B: Promiscuous mode
- C: WEM
- D: Port forwarding
Question 31
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The "ps" command shows that the "nc" file is running as process, and the netstat command shows the "nc" process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?
- A: File system permissions
- B: Privilege escalation
- C: Directory traversal
- D: Brute force login
Question 32
You have successfully gained access to a Linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by
Network-Based Intrusion Detection Systems (NIDS).
What is the best way to evade the NIDS?
- A: Out of band signaling
- B: Protocol Isolation
- C: Encryption
- D: Alternate Data Streams
Question 33
Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and that are related to various aspects in information security such as data confidentially, data integrity, authentication, and non-repudiation. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce.
Basic example to understand how cryptography works is given below:
Which of the following choices true about cryptography?
- A: Algorithm is not the secret; key is the secret.
- B: Public-key cryptography, also known as asymmetric cryptography, public key is for decrypt, private key is for encrypt.
- C: Secure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to deliver the shared session key and to achieve a communication way.
- D: Symmetric-key algorithms are a class of algorithms for cryptography that use the different cryptographic keys for both encryption of plaintext and decryption of ciphertext.
Question 34
What is the difference between the AES and RSA algorithms?
- A: Both are symmetric algorithms, but AES uses 256-bit keys
- B: AES is asymmetric, which is used to create a public/private key pair; RSA is symmetric, which is used to encrypt data
- C: Both are asymmetric algorithms, but RSA uses 1024-bit keys
- D: RSA is asymmetric, which is used to create a public/private key pair; AES is symmetric, which is used to encrypt data
Question 35
In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known as wardriving.
Which Algorithm is this referring to?
- A: Wired Equivalent Privacy (WEP)
- B: Wi-Fi Protected Access (WPA)
- C: Wi-Fi Protected Access 2 (WPA2)
- D: Temporal Key Integrity Protocol (TKIP)
Question 36
An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up.
What is the most likely cause?
- A: The network devices are not all synchronized.
- B: Proper chain of custody was not observed while collecting the logs.
- C: The attacker altered or erased events from the logs.
- D: The security breach was a false positive.
Question 37
An attacker is using nmap to do a ping sweep and a port scanning in a subnet of 254 addresses.
In which order should he perform these steps?
- A: The sequence does not matter. Both steps have to be performed against all hosts.
- B: First the port scan to identify interesting services and then the ping sweep to find hosts responding to icmp echo requests.
- C: First the ping sweep to identify live hosts and then the port scan on the live hosts. This way he saves time.
- D: The port scan alone is adequate. This way he saves time.
Question 38
Look at the following output. What did the hacker accomplish?
- A: The hacker used who is to gather publicly available records for the domain.
- B: The hacker used the "fierce" tool to brute force the list of available domains.
- C: The hacker listed DNS records on his own domain.
- D: The hacker successfully transferred the zone and enumerated the hosts.
Question 39
What is the purpose of a demilitarized zone on a network?
- A: To scan all traffic coming through the DMZ to the internal network
- B: To only provide direct access to the nodes within the DMZ and protect the network behind it
- C: To provide a place to put the honeypot
- D: To contain the network devices you wish to protect
Question 40
Which of the following Nmap commands will produce the following output?
- A: nmap ""sT ""sX ""Pn ""p 1-65535 192.168.1.1
- B: nmap ""sN ""Ps ""T4 192.168.1.1
- C: nmap ""sS ""sU ""Pn ""p 1-65535 192.168.1.1
- D: nmap ""sS ""Pn 192.168.1.1
Question 41
Which of the following programs is usually targeted at Microsoft Office products?
- A: Polymorphic virus
- B: Multipart virus
- C: Macro virus
- D: Stealth virus
That’s the end of your free questions
You’ve reached the preview limit for 312-50v10Consider upgrading to gain full access!
Free preview mode
Enjoy the free questions and consider upgrading to gain full access!