aiotestking uk

312-50 Exam Questions - Online Test


312-50 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Jason is the network administrator of Spears Technology. He has enabled SNORT IDS to detect attacks going through his network. He receives Snort SMS alerts on his iPhone whenever there is an attempted intrusion to his network. 

He receives the following SMS message during the weekend. 

An attacker Chew Siew sitting in Beijing, China had just launched a remote scan on Jason's network with the hping command. 

Which of the following hping2 command is responsible for the above snort alert? 

A. chenrocks:/home/siew # hping -S -R -P -A -F -U 192.168.2.56 -p 22 -c 5 -t 118 

B. chenrocks:/home/siew # hping -F -Q -J -A -C -W 192.168.2.56 -p 22 -c 5 -t 118 

C. chenrocks:/home/siew # hping -D -V -R -S -Z -Y 192.168.2.56 -p 22 -c 5 -t 118 

D. chenrocks:/home/siew # hping -G -T -H -S -L -W 192.168.2.56 -p 22 -c 5 -t 118 

Answer: A

Q2. Why would an attacker want to perform a scan on port 137? 

A. To discover proxy servers on a network 

B. To disrupt the NetBIOS SMB service on the target host 

C. To check for file and print sharing on Windows systems 

D. To discover information about a target host using NBTSTAT 

Answer: D

Explanation: Microsoft encapsulates netbios information within TCP/Ip using ports 135-139. It is trivial for an attacker to issue the following command: 

nbtstat -A (your Ip address) from their windows machine and collect information about your windows machine (if you are not blocking traffic to port 137 at your borders). 

Q3. On wireless networks, SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless networks? 

A. The SSID is only 32 bits in length. 

B. The SSID is transmitted in clear text. 

C. The SSID is the same as the MAC address for all vendors. 

D. The SSID is to identify a station, not a network. 

Answer: B

Explanation: The SSID IS constructed to identify a network, it IS NOT the same as the MAC address and SSID’s consists of a maximum of 32 alphanumeric characters. 

Q4. What is the IV key size used in WPA2? 

A. 32 

B. 24 

C. 16 

D. 48 

E. 128 

Answer: D

Q5. What type of session hijacking attack is shown in the exhibit? 

A. Session Sniffing Attack 

B. Cross-site scripting Attack 

C. SQL Injection Attack 

D. Token sniffing Attack 

Answer: A

Q6. In which part of OSI layer, ARP Poisoning occurs? 

A. Transport Layer 

B. Datalink Layer 

C. Physical Layer 

D. Application layer 

Answer: B

Q7. Identify SQL injection attack from the HTTP requests shown below: 

A. http://www.victim.com/example?accountnumber=67891&creditamount=999999999 

B. http://www.xsecurity.com/cgiin/bad.cgi?foo=..%fc%80%80%80%80%af../bin/ls%20-al 

C. http://www.myserver.com/search.asp?lname=smith%27%3bupdate%20usertable%20set%20pass wd%3d%27hAx0r%27%3b--%00 

D. http://www.myserver.com/script.php?mydata=%3cscript%20src=%22http%3a%2f%2fwww.yourser ver.c0m%2fbadscript.js%22% 3e%3c%2fscript%3e 

Answer: C

Explantion: The correct answer contains the code to alter the usertable in order to change the password for user smith to hAx0r 

Q8. Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP) addresses/names with the intent of diverting traffic? 

A. Network aliasing 

B. Domain Name Server (DNS) poisoning 

C. Reverse Address Resolution Protocol (ARP) 

D. Port scanning 

Answer: B

This reference is close to the one listed DNS poisoning is the correct answer. 

This is how DNS DOS attack can occur. If the actual DNS records are unattainable to the attacker for him to alter in this fashion, which they should be, the attacker can insert this data into the cache of there server instead of replacing the actual records, which is referred to as cache poisoning. 

Q9. Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing? (Select the Best Answer.) 

A. Install DNS logger and track vulnerable packets 

B. Disable DNS timeouts 

C. Install DNS Anti-spoofing 

D. Disable DNS Zone Transfer 

Answer: C

Explanation: Explantion: Implement DNS Anit-Spoofing measures to prevent DNS Cache Pollution to occur. 

Q10. DRAG DROP 

Drag the application to match with its correct description. 

Exhibit: 

Answer: