aiotestking uk

312-50 Exam Questions - Online Test


312-50 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Study the snort rule given below: 

From the options below, choose the exploit against which this rule applies. 

A. WebDav 

B. SQL Slammer 

C. MS Blaster 

D. MyDoom 

Answer: C

Explanation: MS Blaster scans the Internet for computers that are vulnerable to its attack. Once found, it tries to enter the system through the port 135 to create a buffer overflow. TCP ports 139 and 445 may also provide attack vectors. 

Q2. RC4 is known to be a good stream generator. RC4 is used within the WEP standard on wireless LAN. WEP is known to be insecure even if we are using a stream cipher that is known to be secured. 

What is the most likely cause behind this? 

A. There are some flaws in the implementation. 

B. There is no key management. 

C. The IV range is too small. 

D. All of the above. 

E. None of the above. 

Answer: D

Explanation: Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets. Many WEP systems require a key in hexadecimal format. Some users choose keys that spell words in the limited 0-9, A-F hex character set, for example C0DE C0DE C0DE C0DE. Such keys are often easily guessed. 

Q3. You are scanning into the target network for the first time. You find very few conventional ports open. When you attempt to perform traditional service identification by connecting to the open ports, it yields either unreliable or no results. You are unsure of what protocols are being used. You need to discover as many different protocols as possible. Which kind of scan would you use to do this? 

A. Nmap with the –sO (Raw IP packets) switch 

B. Nessus scan with TCP based pings 

C. Nmap scan with the –sP (Ping scan) switch 

D. Netcat scan with the –u –e switches 

Answer: A

Explanation: Running Nmap with the –sO switch will do a IP Protocol Scan. The IP protocol scan is a bit different than the other nmap scans. The IP protocol scan is searching for additional IP protocols in use by the remote station, such as ICMP, TCP, and UDP. If a router is scanned, additional IP protocols such as EGP or IGP may be identified. 

Q4. A Trojan horse is a destructive program that masquerades as a benign application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but in addition to the expected function steals information or harms the system. 

The challenge for an attacker is to send a convincing file attachment to the victim, which gets easily executed on the victim machine without raising any suspicion. Today's end users are quite knowledgeable about malwares and viruses. Instead of sending games and fun executables, Hackers today are quite successful in spreading the Trojans using Rogue security software. 

What is Rogue security software? 

A. A flash file extension to Firefox that gets automatically installed when a victim visits rogue software disabling websites 

B. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the computer. This kind of software is known as rogue security software. 

C. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the computer. This kind of software is known as rogue security software. 

D. A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the computer. This kind of software is known as rogue security software. 

E. Rogue security software is based on social engineering technique in which the attackers lures victim to visit spear phishing websites 

F. This software disables firewalls and establishes reverse connecting tunnel between the victim's machine and that of the attacker 

Answer: BCD

Q5. A Buffer Overflow attack involves: 

A. Using a trojan program to direct data traffic to the target host's memory stack 

B. Flooding the target network buffers with data traffic to reduce the bandwidth available to legitimate users 

C. Using a dictionary to crack password buffers by guessing user names and passwords 

D. Poorly written software that allows an attacker to execute arbitrary code on a target system 

Answer: D

Explanation: B is a denial of service. By flooding the data buffer in an application with trash you could get access to write in the code segment in the application and that way insert your own code. 

Q6. Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned about the security of these servers because of the potential for financial loss. Bob has asked his company's firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network. 

Why will this not be possible? 

A. Firewalls cannot inspect traffic coming through port 443 

B. Firewalls can only inspect outbound traffic 

C. Firewalls cannot inspect traffic at all, they can only block or allow certain ports 

D. Firewalls cannot inspect traffic coming through port 80 

Answer: C

Q7. Darren is the network administrator for Greyson & Associates, a large law firm in Houston. Darren is responsible for all network functions as well as any digital forensics work that is needed. Darren is examining the firewall logs one morning and notices some unusual activity. He traces the activity target to one of the firm's internal file servers and finds that many documents on that server were destroyed. After performing some calculations, Darren finds the damage to be around $75,000 worth of lost data. Darren decides that this incident should be handled and resolved within the same day of its discovery. 

What incident level would this situation be classified as? 

A. This situation would be classified as a mid-level incident 

B. Since there was over $50,000 worth of loss, this would be considered a high-level incident 

C. Because Darren has determined that this issue needs to be addressed in the same day it was discovered, this would be considered a low-level incident 

D. This specific incident would be labeled as an immediate-level incident 

Answer: D

Q8. You want to know whether a packet filter is in front of 192.168.1.10. Pings to 192.168.1.10 don't get answered. A basic nmap scan of 192.168.1.10 seems to hang without returning any information. What should you do next? 

A. Use NetScan Tools Pro to conduct the scan 

B. Run nmap XMAS scan against 192.168.1.10 

C. Run NULL TCP hping2 against 192.168.1.10 

D. The firewall is blocking all the scans to 192.168.1.10 

Answer: C

Q9. What is the proper response for a X-MAS scan if the port is closed? 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

F. No response 

Answer:

Explanation: Closed ports respond to a X-MAS scan with a RST. 

Q10. How does traceroute map the route a packet travels from point A to point B? 

A. Uses a TCP timestamp packet that will elicit a time exceeded in transit message 

B. Manipulates the value of the time to live (TTL) within packet to elicit a time exceeded in transit message 

C. Uses a protocol that will be rejected by gateways on its way to the destination 

D. Manipulates the flags within packets to force gateways into generating error messages 

Answer: B