aiotestking uk

312-50 Exam Questions - Online Test


312-50 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. What is the proper response for a NULL scan if the port is closed? 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

F. No response 

Answer:

Explanation: Closed ports respond to a NULL scan with a reset. 

Q2. This method is used to determine the Operating system and version running on a remote target system. What is it called? 

A. Service Degradation 

B. OS Fingerprinting 

C. Manual Target System 

D. Identification Scanning 

Answer: B

Q3. Bryce the bad boy is purposely sending fragmented ICMP packets to a remote target. The tool size of this ICMP packet once reconstructed is over 65,536 bytes. From the information given, what type of attack is Bryce attempting to perform? 

A. Smurf 

B. Fraggle 

C. SYN Flood 

D. Ping of Death 

Answer: D

Explanation: A ping of death (abbreviated "POD") is a type of attack on a computer that involves sending a malformed or otherwise malicious ping to a computer. A ping is normally 64 bytes in size (or 84 bytes when IP header is considered); many computer systems cannot handle a ping larger than the maximum IP packet size, which is 65,535 bytes. Sending a ping of this size can crash the target computer. Traditionally, this bug has been relatively easy to exploit. Generally, sending a 65,536 byte ping packet is illegal according to networking protocol, but a packet of such a size can be sent if it is fragmented; when the target computer reassembles the packet, a buffer overflow can occur, which often causes a system crash. 

Q4. A majority of attacks come from insiders, people who have direct access to a company's computer system as part of their job function or a business relationship. Who is considered an insider? 

A. The CEO of the company because he has access to all of the computer systems 

B. A government agency since they know the company computer system strengths and weaknesses 

C. Disgruntled employee, customers, suppliers, vendors, business partners, contractors, temps, and consultants 

D. A competitor to the company because they can directly benefit from the publicity generated by making such an attack 

Answer:

Explanation: An insider is anyone who already has an foot inside one way or another. 

Q5. What is the advantage in encrypting the communication between the agent and the monitor in an Intrusion Detection System? 

A. Encryption of agent communications will conceal the presence of the agents 

B. The monitor will know if counterfeit messages are being generated because they will not be encrypted 

C. Alerts are sent to the monitor when a potential intrusion is detected 

D. An intruder could intercept and delete data or alerts and the intrusion can go undetected 

Answer: B

Q6. Bob wants to prevent attackers from sniffing his passwords on the wired network. Which of the following lists the best options? 

A. RSA, LSA, POP 

B. SSID, WEP, Kerberos 

C. SMB, SMTP, Smart card 

D. Kerberos, Smart card, Stanford SRP 

Answer: D

Explanation: Kerberos, Smart cards and Stanford SRP are techniques where the password never leaves the computer. 

Q7. An attacker is attempting to telnet into a corporation’s system in the DMZ. The attacker doesn’t want to get caught and is spoofing his IP address. After numerous tries he remains unsuccessful in connecting to the system. The attacker rechecks that the target system is actually listening on Port 23 and he verifies it with both nmap and hping2. He is still unable to connect to the target system. 

What is the most probable reason? 

A. The firewall is blocking port 23 to that system. 

B. He cannot spoof his IP and successfully use TCP. 

C. He needs to use an automated tool to telnet in. 

D. He is attacking an operating system that does not reply to telnet even when open. 

Answer:

Explanation: Spoofing your IP will only work if you don’t need to get an answer from the target system. In this case the answer (login prompt) from the telnet session will be sent to the “real” location of the IP address that you are showing as the connection initiator. 

Q8. What is the proper response for a X-MAS scan if the port is closed? 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

F. No response 

Answer:

Explanation: Closed ports respond to a X-MAS scan with a RST. 

Q9. In the context of Trojans, what is the definition of a Wrapper? 

A. An encryption tool to protect the Trojan. 

B. A tool used to bind the Trojan with legitimate file. 

C. A tool used to encapsulated packets within a new header and footer. 

D. A tool used to calculate bandwidth and CPU cycles wasted by the Trojan. 

Answer: B

Explanation: These wrappers allow an attacker to take any executable back-door program and combine it with any legitimate executable, creating a Trojan horse without writing a single line of new code. 

Q10. Access control is often implemented through the use of MAC address filtering on wireless Access Points. Why is this considered to be a very limited security measure? 

A. Vendors MAC address assignment is published on the Internet. 

B. The MAC address is not a real random number. 

C. The MAC address is broadcasted and can be captured by a sniffer. 

D. The MAC address is used properly only on Macintosh computers. 

Answer: C