312-50 Exam Questions - Online Test


Q1. John is using a special tool on his Linux platform that has a signature database and is therefore able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI scripts. Additionally, the database detects DDoS zombies and Trojans. What would be the name of this multifunctional tool? 

A. nmap 

B. hping 

C. nessus 

D. make 

Answer: C

Explanation: Nessus is the world's most popular vulnerability scanner, estimated to be used by over 75,000 organizations world-wide. Nmap is mostly used for scanning, not for detecting vulnerabilities. Hping is a free packet generator and analyzer for the TCP/IP protocol, and make is used to automatically build large applications on the *nix platform. 

Q2. What is Cygwin? 

A. Cygwin is a free C++ compiler that runs on Windows 

B. Cygwin is a free Unix subsystem that runs on top of Windows 

C. Cygwin is a free Windows subsystem that runs on top of Linux 

D. Cygwin is an X Windows GUI subsystem that runs on top of the Linux GNOME environment 

Answer:

Explanation: Cygwin is a Linux-like environment for Windows. It consists of two parts: 

A DLL (cygwin1.dll) which acts as a Linux API emulation layer providing substantial Linux API functionality. 

A collection of tools which provide Linux look and feel. 

The Cygwin DLL works with all non-beta, non "release candidate", ix86 32 bit versions of Windows since Windows 95, with the exception of Windows CE. 

Q3. Which definition below best describes a covert channel? 

A. Making use of a Protocol in a way it was not intended to be used 

B. It is the multiplexing taking place on communication link 

C. It is one of the weak channels used by WEP that makes it insecure 

D. A Server Program using a port that is not well known 

Answer: A

Explanation: A covert channel is a hidden communication channel not intended for information transfer at all. Redundancy can often be used to communicate in a covert way. There are several ways that hidden communication can be set up. 

Q4. Lori has just been tasked by her supervisor to conduct a vulnerability scan on the corporate network. She has been instructed to perform a very thorough test of the network to ensure that there are no security holes on any of the machines. Lori’s company does not own any commercial scanning products, so she decides to download a free one off the Internet. Lori has never done a vulnerability scan before, so she is unsure of some of the settings available in the software she downloaded. One of the options is to choose which ports can be scanned. Lori wants to do exactly what her boss has told her, but she does not know which ports should be scanned. 

If Lori is supposed to scan all known TCP ports, how many ports should she select in the software? 

A. 65536 

B. 1024 

C. 1025 

D. Lori should not scan TCP ports, only UDP ports 

Answer: A

Explanation: In both TCP and UDP, each packet header will specify a source port and a destination port, each of which is a 16-bit unsigned integer (i.e. ranging from 0 to 65535). 

Q5. Which definition among those given below best describes a covert channel? 

A. A server program using a port that is not well known. 

B. Making use of a protocol in a way it is not intended to be used. 

C. It is the multiplexing taking place on a communication link. 

D. It is one of the weak channels used by WEP which makes it insecure. 

Answer:

Explanation: A covert channel is described as: "any communication channel that can be exploited by a process to transfer information in a manner that violates the system's security policy." 

Essentially, it is a method of communication that is not part of an actual computer system design, but can be used to transfer information to users or system processes that normally would not be allowed access to the information. 

Q6. What did the following commands determine? 

C:\>user2sid \\earth guest
S-1-5-21-343818398-789336058-1343024091-501

C:\>sid2user 5 21 343818398 789336058 1343024091 500
Name is Joe
Domain is EARTH

A. That the Joe account has a SID of 500 

B. These commands demonstrate that the guest account has NOT been disabled 

C. These commands demonstrate that the guest account has been disabled 

D. That the true administrator is Joe 

E. Issued alone, these commands prove nothing 

Answer: D

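Explanation: One important goal of enumeration is to determine who the true administrator is. The relative identifier (RID) 500 at the end of a SID always belongs to the built-in Administrator account, even if that account has been renamed, while 501 belongs to the built-in Guest account. In the example above, the account with RID 500 resolves to Joe, so the true administrator is Joe. 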

Q7. What hacking attack is challenge/response authentication used to prevent? 

A. Replay attacks 

B. Scanning attacks 

C. Session hijacking attacks 

D. Password cracking attacks 

Answer: A

Explanation: A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it. With a challenge/response authentication you ensure that captured packets can’t be retransmitted without a new authentication. 

Q8. William has received a Tetris game from someone in his computer programming class through email. William does not really know the person who sent the game very well, but decides to install the game anyway because he really likes Tetris. 

After William installs the game, he plays it for a couple of hours. The next day, William plays the Tetris game again and notices that his machines have begun to slow down. He brings up his Task Manager and sees the following programs running (see Screenshot): 

What has William just installed? 

A. Remote Access Trojan (RAT) 

B. Zombie Zapper (ZoZ) 

C. Bot IRC Tunnel (BIT) 

D. Root Digger (RD) 

Answer: A

Explanation: RATs are malicious programs that run invisibly on host PCs and permit an intruder remote access and control. On a basic level, many RATs mimic the functionality of legitimate remote control programs such as Symantec's pcAnywhere but are designed specifically for stealth installation and operation. Intruders usually hide these Trojan horses in games and other small programs that unsuspecting users then execute on their PCs. Typically, exploited users either download and execute the malicious programs or are tricked into clicking rogue email attachments. 

Q9. In which step does steganography fit in the CEH System Hacking Cycle (SHC)? 

A. Step 2: Crack the password 

B. Step 1: Enumerate users 

C. Step 3: Escalate privileges 

D. Step 4: Execute applications 

E. Step 5: Hide files 

F. Step 6: Cover your tracks 

Answer: ACDEF

Q10. Which of the following statements about a zone transfer are correct? (Choose three.) 

A. A zone transfer is accomplished with the DNS 

B. A zone transfer is accomplished with the nslookup service 

C. A zone transfer passes all zone information that a DNS server maintains 

D. A zone transfer passes all zone information that a nslookup server maintains 

E. A zone transfer can be prevented by blocking all inbound TCP port 53 connections 

F. Zone transfers cannot occur on the Internet 

Answer: ACE

Explanation: Securing DNS servers should be a priority of the organization. Hackers obtaining DNS information can discover a wealth of information about an organization. This information can be used to further exploit the network.