Professional Documents
Culture Documents
https://www.2passeasy.com/dumps/312-50v11/
NEW QUESTION 1
Why containers are less secure that virtual machines?
Answer: A
NEW QUESTION 2
Study the following log extract and identify the attack.
A. Hexcode Attack
B. Cross Site Scripting
C. Multiple Domain Traversal Attack
D. Unicode Directory Traversal Attack
Answer: D
NEW QUESTION 3
What does the following command in netcat do? nc -l -u -p55555 < /etc/passwd
Answer: C
NEW QUESTION 4
Windows LAN Manager (LM) hashes are known to be weak.
Which of the following are known weaknesses of LM? (Choose three.)
Answer: ABD
NEW QUESTION 5
What is GINA?
Answer: D
NEW QUESTION 6
When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are
available because there are two critical methods (PUT and DELETE). PUT can upload a file to the server and DELETE can delete a file from the server. You can
detect all these methods (GET, POST, HEAD, DELETE, PUT, TRACE) using NMAP script engine. What Nmap script will help you with this task?
A. http-methods
B. http enum
C. http-headers
D. http-git
Answer: A
NEW QUESTION 7
Which of the following program infects the system boot sector and the executable files at the same time?
A. Polymorphic virus
B. Stealth virus
C. Multipartite Virus
D. Macro virus
Answer: C
NEW QUESTION 8
Which of the following Linux commands will resolve a domain name into IP address?
A. >host-t a hackeddomain.com
B. >host-t ns hackeddomain.com
C. >host -t soa hackeddomain.com
D. >host -t AXFR hackeddomain.com
Answer: A
NEW QUESTION 9
John is an incident handler at a financial institution. His steps in a recent incident are not up to the standards of the company. John frequently forgets some steps
and procedures while handling responses as they are very stressful to perform. Which of the following actions should John take to overcome this problem with the
least administrative effort?
Answer: C
NEW QUESTION 10
Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company?
A. Iris patterns
B. Voice
C. Height and Weight
D. Fingerprints
Answer: C
NEW QUESTION 10
When discussing passwords, what is considered a brute force attack?
A. You attempt every single possibility until you exhaust all possible combinations or discover the password
B. You threaten to use the rubber hose on someone unless they reveal their password
C. You load a dictionary of words into your cracking program
D. You create hashes of a large number of words and compare it with the encrypted passwords
E. You wait until the password expires
Answer: A
NEW QUESTION 14
Which of the following describes the characteristics of a Boot Sector Virus?
A. Modifies directory table entries so that directory entries point to the virus code instead of the actual program.
B. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.
C. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
D. Overwrites the original MBR and only executes the new virus code.
Answer: C
NEW QUESTION 16
Joseph was the Web site administrator for the Mason Insurance in New York, who's main Web site was located at www.masonins.com. Joseph uses his laptop
computer regularly to administer the Web site. One night, Joseph received an urgent phone call from his friend, Smith. According to Smith, the main Mason
Insurance web site had been vandalized! All of its normal content was removed and replaced with an attacker's message ''Hacker Message: You are dead!
Freaks!” From his office, which was directly connected to Mason Insurance's internal network, Joseph surfed to the Web site using his laptop. In his browser, the
Web site looked completely intact.
No changes were apparent. Joseph called a friend of his at his home to help troubleshoot the problem. The Web site appeared defaced when his friend visited
using his DSL connection. So, while Smith and his friend could see the defaced page, Joseph saw the intact Mason Insurance web site. To help make sense of
this problem, Joseph decided to access the Web site using hisdial-up ISP. He disconnected his laptop from the corporate internal network and used his modem to
dial up the same ISP used by Smith. After his modem connected, he quickly typed www.masonins.com in his browser to reveal the following web page:
After seeing the defaced Web site, he disconnected his dial-up line, reconnected to the internal network, and used Secure Shell (SSH) to log in directly to the Web
server. He ran Tripwire against the entire Web site, and determined that every system file and all the Web content on the server were intact. How did the attacker
accomplish this hack?
A. ARP spoofing
B. SQL injection
C. DNS poisoning
D. Routing table injection
Answer: C
NEW QUESTION 19
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?
A. symmetric algorithms
B. asymmetric algorithms
C. hashing algorithms
D. integrity algorithms
Answer: C
NEW QUESTION 21
In the field of cryptanalysis, what is meant by a “rubber-hose” attack?
Answer: C
NEW QUESTION 24
In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and
information. How can he achieve this?
A. Privilege Escalation
B. Shoulder-Surfing
C. Hacking Active Directory
D. Port Scanning
Answer: A
NEW QUESTION 29
What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?
Answer: C
NEW QUESTION 33
Which DNS resource record can indicate how long any "DNS poisoning" could last?
A. MX
B. SOA
C. NS
D. TIMEOUT
Answer: B
NEW QUESTION 36
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?
A. Kismet
B. Abel
C. Netstumbler
D. Nessus
Answer: A
NEW QUESTION 39
Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occurring during non-business hours. After further
examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this
problem realizes the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux servers to synchronize the time has
stopped working?
A. Time Keeper
B. NTP
C. PPP
D. OSPP
Answer: B
NEW QUESTION 40
Elliot is in the process of exploiting a web application that uses SQL as a back-end database. He’s determined that the application is vulnerable to SQL injection,
and has introduced conditional timing delays into injected queries to determine whether they are successful. What type of SQL injection is Elliot most likely
performing?
Answer: B
NEW QUESTION 43
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize
acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP
three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to
be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK.
How would an attacker exploit this design by launching TCP SYN attack?
A. Attacker generates TCP SYN packets with random destination addresses towards a victim host
B. Attacker floods TCP SYN packets with random source addresses towards a victim host
C. Attacker generates TCP ACK packets with random source addresses towards a victim host
D. Attacker generates TCP RST packets with random source addresses towards a victim host
Answer: B
NEW QUESTION 45
In Trojan terminology, what is a covert channel?
A. A channel that transfers information within a computer system or network in a way that violates the security policy
B. A legitimate communication path within a computer system or network for transfer of data
C. It is a kernel operation that hides boot processes and services to mask detection
D. It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish connections
Answer: A
NEW QUESTION 47
Due to a slowdown of normal network operations, the IT department decided to monitor internet traffic for all of the employees. From a legal standpoint, what
would be troublesome to take this kind of measure?
Answer: C
NEW QUESTION 51
Which of the following is a component of a risk assessment?
A. Administrative safeguards
B. Physical security
C. DMZ
D. Logical interface
Answer: A
NEW QUESTION 54
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", the user is directed to a
phishing site.
Which file does the attacker need to modify?
A. Boot.ini
B. Sudoers
C. Networks
D. Hosts
Answer: D
NEW QUESTION 59
_____ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.
A. Trojan
B. RootKit
C. DoS tool
D. Scanner
E. Backdoor
Answer: B
NEW QUESTION 63
One of your team members has asked you to analyze the following SOA record.
What is the TTL? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.)
A. 200303028
B. 3600
C. 604800
D. 2400
E. 60
F. 4800
Answer: D
NEW QUESTION 68
You have successfully logged on a Linux system. You want to now cover your trade Your login attempt may be logged on several files located in /var/log. Which
file does NOT belongs to the list:
A. user.log
B. auth.fesg
C. wtmp
D. btmp
Answer: C
NEW QUESTION 72
What is the proper response for a NULL scan if the port is closed?
A. SYN
B. ACK
C. FIN
D. PSH
E. RST
F. No response
Answer: E
NEW QUESTION 76
Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?
A. 113
B. 69
C. 123
D. 161
Answer: C
NEW QUESTION 79
An attacker runs netcat tool to transfer a secret file between two hosts.
A. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat <machine A IP> 1234
B. Machine A: netcat -l -e magickey -p 1234 < testfileMachine B: netcat <machine A IP> 1234
C. Machine A: netcat -l -p 1234 < testfile -pw passwordMachine B: netcat <machine A IP> 1234 -pw password
D. Use cryptcat instead of netcat
Answer: D
NEW QUESTION 84
You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems
and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network.
You are confident that hackers will never be able to gain access to your network with complex security system in place.
Your peer, Peter Smith who works at the same department disagrees with you.
He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security
chain.
What is Peter Smith talking about?
A. Untrained staff or ignorant computer users who inadvertently become the weakest link in your securitychain
B. "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks
C. "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks
D. Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway
Answer: A
NEW QUESTION 86
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server
on the internal network.
What is this type of DNS configuration commonly called?
A. DynDNS
B. DNS Scheme
C. DNSSEC
D. Split DNS
Answer: D
NEW QUESTION 88
User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can
read the sensitive email. At what layer of the OSI layer does the encryption and decryption of the message take place?
A. Application
B. Transport
C. Session
D. Presentation
Answer: D
NEW QUESTION 93
Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue
records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain.
What do you think Tess King is trying to accomplish? Select the best answer.
A. A zone harvesting
B. A zone transfer
C. A zone update
D. A zone estimate
Answer: B
NEW QUESTION 95
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System
(OS) version installed. Considering that NMAP result below, which of the following is likely to be installed on the target machine by the OS? Starting NMAP 5.21 at
2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp
open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8
Answer: B
NEW QUESTION 97
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the
university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?
Answer: C
A. WHOIS
B. CAPTCHA
C. IANA
D. IETF
Answer: A
Answer: B
Answer: B
A. Confront the client in a respectful manner and ask her about the data.
B. Copy the data to removable media and keep it in case you need it.
C. Ignore the data and continue the assessment until completed as agreed.
D. Immediately stop work and contact the proper legal authorities.
Answer: D
Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the
sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to
do next?
Answer: C
Answer: C
A. tcpsplice
B. Burp
C. Hydra
D. Whisker
Answer: D
A. Bluedriving
B. Bluesmacking
C. Bluejacking
D. Bluesnarfing
Answer: A
A. SNMPUtil
B. SNScan
C. SNMPScan
D. Solarwinds IP Network Browser
E. NMap
Answer: ABD
Answer: D
A. Digest
B. Secret Key
C. Public Key
D. Hash Algorithm
Answer: C
Answer: C
Answer: C
A. Randomizing
B. Bounding
C. Mutating
D. Fuzzing
Answer: D
A. Hash value
B. Private key
C. Digital signature
D. Digital certificate
Answer: D
Answer: C
A. Intrusion Detection Systems can be configured to distinguish specific content in network packets
B. Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic
C. Intrusion Detection Systems require constant update of the signature library
D. Intrusion Detection Systems can examine the contents of the data n context of the network protocol
Answer: B
A. Netsh
B. Netstat
C. Net use connection
D. Net use
Answer: A
A. Interceptor
B. Man-in-the-middle
C. ARP Proxy
D. Poisoning Attack
Answer: B
From the above list identify the user account with System Administrator privileges.
A. John
B. Rebecca
C. Sheela
D. Shawn
E. Somia
F. Chang
G. Micah
Answer: F
A. Man-in-the-middle attack
B. Meet-in-the-middle attack
C. Replay attack
D. Traffic analysis attack
Answer: B
Answer: D
A. Online Attack
B. Dictionary Attack
C. Brute Force Attack
D. Hybrid Attack
Answer: D
A. Configure the Web Server to deny requests involving "hex encoded" characters
B. Create rules in IDS to alert on strange Unicode requests
C. Use SSL authentication on Web Servers
D. Enable Active Scripts Detection at the firewall and routers
Answer: B
A. tcp.port = = 21
B. tcp.port = 23
C. tcp.port = = 21 | | tcp.port = =22
D. tcp.port ! = 21
Answer: A
A. tcptrace
B. Nessus
C. OpenVAS
D. tcptraceroute
Answer: A
A. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting.
B. Results matching all words in the query.
C. Results for matches on target.com and Marketing.target.com that include the word “accounting”
D. Results matching “accounting” in domain target.com but not on the site Marketing.target.com
Answer: D
Answer: A
Answer: E
A. Session hijacking
B. Firewalking
C. Man-in-the middle attack
D. Network sniffing
Answer: B
A. Full Blown
B. Thorough
C. Hybrid
D. BruteDics
Answer: C
A. Nikto
B. John the Ripper
C. Dsniff
D. Snort
Answer: A
Answer: BCDE
A. Scanning
B. Footprinting
C. Enumeration
D. System Hacking
Answer: B
A. DNSSEC
B. Resource records
C. Resource transfer
D. Zone transfer
Answer: A
A. Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the
bank's network
B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they'll abuse their
access privileges by providing you with sensitive information
C. Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000 or more "zombies" and "bots"
D. Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS
Cache Poisoning techniques
Answer: B
A. Social Engineering
B. Eavesdropping
C. Scanning
D. Sniffing
Answer: A
A. 3
B. 5
C. 4
D. 2
Answer: A
A. Linux
B. Unix
C. OS X
D. Windows
Answer: D
Answer: B
A. Use a firewall between the public network and the payment card data.
B. Use encryption to protect all transmission of card holder data over any public network.
C. Rotate employees handling credit card transactions on a yearly basis to different departments.
D. Limit access to card holder data to as few individuals as possible.
Answer: C
Answer: B
A. Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards.
B. Hire more computer security monitoring personnel to monitor computer systems and networks.
C. Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than
life.
D. Train more National Guard and reservist in the art of computer security to help out in times of emergency or crises.
Answer: A
Answer: A
Answer: D
Answer: A
A. Birthday
B. Brute force
C. Man-in-the-middle
D. Smurf
Answer: B
A. nessus
B. tcpdump
C. ethereal
D. jack the ripper
Answer: B
A. MAC Flooding
B. Smurf Attack
C. DNS spoofing
D. ARP Poisoning
Answer: C
A. Honeypots
B. Firewalls
C. Network-based intrusion detection system (NIDS)
D. Host-based intrusion detection system (HIDS)
Answer: C
A. HIPAA
B. EU Safe Harbor
C. PCI-DSS
D. NIST-800-53
Answer: D
A. ACK
B. SYN
C. RST
D. SYN-ACK
Answer: B
A. network Sniffer
B. Vulnerability Scanner
C. Intrusion prevention Server
D. Security incident and event Monitoring
Answer: D
Answer: D
Answer: B
A. True
B. False
Answer: B
A. Replay attacks
B. Scanning attacks
C. Session hijacking attacks
D. Password cracking attacks
Answer: A
A. Circuit
B. Stateful
C. Application
D. Packet Filtering
Answer: B
A. Behavioral based
B. Heuristics based
C. Honeypot based
D. Cloud based
Answer: D
Answer: B
A. A hacker prevents a legitimate user (or group of users) from accessing a service
B. A hacker uses every character, word, or letter he or she can think of to defeat authentication
C. A hacker tries to decipher a password by using a system, which subsequently crashes the network
D. A hacker attempts to imitate a legitimate user by confusing a computer or even another person
Answer: A
Visit Our Site to Purchase the Full Set of Actual 312-50v11 Exam Questions With Answers.
We Also Provide Practice Exam Software That Simulates Real Exam Environment And Has Many Self-Assessment Features. Order the
312-50v11 Product From:
https://www.2passeasy.com/dumps/312-50v11/
* 312-50v11 Most Realistic Questions that Guarantee you a Pass on Your FirstTry
* 312-50v11 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year