
312-50 Exam Questions - Online Test



Q1. What ICMP message types are used by the ping command? 

A. Timestamp request (13) and timestamp reply (14) 

B. Echo request (8) and Echo reply (0) 

C. Echo request (0) and Echo reply (1) 

D. Ping request (1) and Ping reply (2) 

Answer: B

Explanation: ICMP Type 0 = Echo Reply, ICMP Type 8 = Echo 

Q2. Which of the following is NOT a reason 802.11 WEP encryption is vulnerable? 

A. There is no mutual authentication between wireless clients and access points 

B. Automated tools like AirSnort are available to discover WEP keys 

C. The standard does not provide for centralized key management 

D. The 24 bit Initialization Vector (IV) field is too small 

Answer: C

Explanation: The lack of centralized key management is not in itself a reason that WEP encryption is vulnerable; it is the people setting the user shared key who make it insecure.

Q3. If you send a SYN to an open port, what is the correct response? (Choose all correct answers.)

A. SYN 

B. ACK 

C. FIN 

D. PSH 

Answer: AB

Explanation: The proper response is a SYN / ACK. This technique is also known as half-open scanning. 

Q4. Sabotage, Advertising and Covering are the three stages of _____ 

A. Social engineering 

B. Reverse Social Engineering 

C. Reverse Software Engineering 

D. Rapid Development Engineering 

Answer: B

Explanation: Typical social interaction dictates that if someone gives us something, it is only right for us to return the favour. This is known as reverse social engineering: an attacker sets up a situation where the victim encounters a problem and asks the attacker for help, and once the problem is solved the victim feels obliged to give the information requested by the attacker.

Q5. What is the expected result of the following exploit? 

A. Opens up a telnet listener that requires no username or password. 

B. Creates an FTP server with write permissions enabled.

C. Creates a share called “sasfile” on the target system. 

D. Creates an account with a user name of Anonymous and a password of noone@nowhere.com. 

Answer: A

Explanation: The script being depicted is in Perl (both msadc.pl and the script they're using as a wrapper). $port, $your, $user, $pass and $host are variables that hold the port # of a DNS server, an IP, username, and FTP password. $host is set to argument variable 0 (which means the string typed directly after the command). Essentially, it connects to an FTP server, downloads nc.exe (the TCP/IP swiss-army knife, netcat) and uses nc to open a TCP port spawning cmd.exe (the Win32 DOS shell on NT/2000/2003/XP). When spawned, cmd.exe requires NO username or password and has the permissions of the username it is being executed as (probably guest in this instance, although it could be administrator). The #'s in the script mean the text following is a comment. Notice the last line in particular: if the # were removed, the script would spawn a connection to itself, the host system it was running on.

Q6. You have hidden a Trojan file virus.exe inside another file readme.txt using NTFS streaming.

Which command would you execute to extract the Trojan to a standalone file? 

A. c:\> type readme.txt:virus.exe > virus.exe 

B. c:\> more readme.txt | virus.exe > virus.exe 

C. c:\> cat readme.txt:virus.exe > virus.exe 

D. c:\> list redme.txt$virus.exe > virus.exe 

Answer: C

Explanation: cat will concatenate, or write, the alternate data stream to its own file named virus.exe 

Q7. LM authentication is not as strong as Windows NT authentication so you may want to disable its use, because an attacker eavesdropping on network traffic will attack the weaker protocol. A successful attack can compromise the user's password. How do you disable LM authentication in Windows XP? 

A. Stop the LM service in Windows XP 

B. Disable LSASS service in Windows XP 

C. Disable LM authentication in the registry 

D. Download and install LMSHUT.EXE tool from Microsoft website 

Answer: C

Explanation: http://support.microsoft.com/kb/299656 

Q8. The GET method should never be used when sensitive data such as credit card information is being sent to a CGI program. This is because any GET command will appear in the URL and will be logged by any servers. For example, let’s say that you’ve entered your credit card information into a form that uses the GET method. The URL may appear like this:

https://www.xsecurity-bank.com/creditcard.asp?cardnumber=454543433532234 

The GET method appends the credit card number to the URL. This means that anyone with access to a server log will be able to obtain this information. 

How would you protect from this type of attack? 

A. Replace the GET with POST method when sending data 

B. Never include sensitive information in a script 

C. Use HTTPS SSLv3 to send the data instead of plain HTTPS

D. Encrypt the data before you send using GET method 

Answer: A

Explanation: If the method is "get", the user agent takes the value of action, appends a ? to it, then appends the form data set, encoded using the application/x-www-form-urlencoded content type. The user agent then traverses the link to this URI. If the method is "post", the user agent conducts an HTTP post transaction using the value of the action attribute and a message created according to the content type specified by the enctype attribute.

Q9. Windump is a Windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows Platform you must install a packet capture library. What is the name of this library? 

A. PCAP 

B. NTPCAP 

C. LibPCAP 

D. WinPCAP 

Answer: D

Explanation: WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture. 

Q10. What type of encryption does WPA2 use? 

A. DES 64 bit 

B. AES-CCMP 128 bit 

C. MD5 48 bit 

D. SHA 160 bit 

Answer: B