aiotestking uk

312-50 Exam Questions - Online Test


312-50 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Which type of hacker represents the highest risk to your network? 

A. script kiddies 

B. grey hat hackers 

C. black hat hackers 

D. disgruntled employees 

Answer: D

Explanation: The disgruntled users have some permission on your database, versus a hacker who might not get into the database. Global Crossings is a good example of how a disgruntled employee -- who took the internal payroll database home on a hard drive -- caused big problems for the telecommunications company. The employee posted the names, Social Security numbers and birthdates of company employees on his Web site. He may have been one of the factors that helped put them out of business. 

Q2. An nmap command that includes the host specification of 202.176.56-57.* will scan _______ number of hosts. 

A. 2 

B. 256 

C. 512 

D. Over 10,000 

Answer: C

Explanation: The hosts with IP address 202.176.56.0-255 & 202.176.56.0-255 will be scanned (256+256=512) 

Q3. Which of the following is NOT part of CEH Scanning Methodology? 

A. Check for Live systems 

B. Check for Open Ports 

C. Banner Grabbing 

D. Prepare Proxies 

E. Social Engineering attacks 

F. Scan for Vulnerabilities 

G. Draw Network Diagrams 

Answer: E

Q4. Neil is a network administrator working in Istanbul. Neil wants to setup a protocol analyzer on his network that will receive a copy of every packet that passes through the main office switch. What type of port will Neil need to setup in order to accomplish this? 

A. Neil will have to configure a Bridged port that will copy all packets to the protocol analyzer. 

B. Neil will need to setup SPAN port that will copy all network traffic to the protocol analyzer. 

C. He will have to setup an Ether channel port to get a copy of all network traffic to the analyzer. 

D. He should setup a MODS port which will copy all network traffic. 

Answer: B

Q5. You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system administrators. How can this help you in foot printing the organization? 

A. To learn about the IP range used by the target network 

B. To identify the number of employees working for the company 

C. To test the limits of the corporate security policy enforced in the company 

D. To learn about the operating systems, services and applications used on the network 

Answer: D

Q6. Jack Hacker wants to break into company’s computers and obtain their secret double fudge cookie recipe. Jacks calls Jane, an accountant at company pretending to be an administrator from company. Jack tells Jane that there has been a problem with some accounts and asks her to verify her password with him “just to double check our records”. Jane does not suspect anything amiss, and parts with her password. Jack can now access company’s computers with a valid user name and password, to steal the cookie recipe. 

What kind of attack is being illustrated here? (Choose the best answer) 

A. Reverse Psychology 

B. Reverse Engineering 

C. Social Engineering 

D. Spoofing Identity 

E. Faking Identity 

Answer: C

Explanation: This is a typical case of pretexting. Pretexting is the act of creating and using an invented scenario (the pretext) to persuade a target to release information or perform an action and is usually done over the telephone. 

Q7. Perimeter testing means determining exactly what your firewall blocks and what it allows. To conduct a good test, you can spoof source IP addresses and source ports. Which of the following command results in packets that will appear to originate from the system at 10.8.8.8? Such a packet is useful for determining whether the firewall is allowing random packets in or out of your network. 

A. hping3 -T 10.8.8.8 -S netbios -c 2 -p 80 

B. hping3 -Y 10.8.8.8 -S windows -c 2 -p 80 

C. hping3 -O 10.8.8.8 -S server -c 2 -p 80 

D. hping3 -a 10.8.8.8 -S springfield -c 2 -p 80 

Answer: D

Q8. eter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network. Which of these tools would do the SNMP enumeration he is looking for? 

Select the best answers. 

A. SNMPUtil 

B. SNScan 

C. SNMPScan 

D. Solarwinds IP Network Browser 

E. NMap 

Answer: ABD

Explanations: 

SNMPUtil is a SNMP enumeration utility that is a part of the Windows 2000 resource kit. With SNMPUtil, you can retrieve all sort of valuable information through SNMP. SNScan is a SNMP network scanner by Foundstone. It does SNMP scanning to find open SNMP ports. Solarwinds IP Network Browser is a SNMP enumeration tool with a graphical tree-view of the remote machine's SNMP data. 

Q9. What is the proper response for a X-MAS scan if the port is open? 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

E. RST 

F. No response 

Answer:

Explanation: Closed ports respond to a X-MAS scan by ignoring the packet. 

Q10. You generate MD5 128-bit hash on all files and folders on your computer to keep a baseline check for security reasons? 

What is the length of the MD5 hash? 

A. 32 bit 

B. 64 byte 

C. 48 char 

D. 128 kb 

Answer: C