aiotestking uk

312-50 Exam Questions - Online Test


312-50 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Jake is a network administrator who needs to get reports from all the computer and network devices on his network. Jake wants to use SNMP but is afraid that won't be secure since passwords and messages are in clear text. How can Jake gather network information in a secure manner? 

A. He can use SNMPv3 

B. Jake can use SNMPrev5 

C. He can use SecWMI 

D. Jake can use SecSNMP 

Answer: A

Q2. Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exploits a condition in the Linux kernel within the execve() system call. There is no known workaround that exists for this vulnerability. What is the correct action to be taken by Rebecca in this situation as a recommendation to management? 

A. Rebecca should make a recommendation to disable the () system call 

B. Rebecca should make a recommendation to upgrade the Linux kernel promptly 

C. Rebecca should make a recommendation to set all child-process to sleep within the execve() 

D. Rebecca should make a recommendation to hire more system administrators to monitor all child processes to ensure that each child process can't elevate privilege 

Answer: B

Q3. This type of Port Scanning technique splits TCP header into several packets so that the packet filters are not able to detect what the packets intends to do. 

A. UDP Scanning 

B. IP Fragment Scanning 

C. Inverse TCP flag scanning 

D. ACK flag scanning 

Answer: B

Q4. Jacob is looking through a traffic log that was captured using Wireshark. Jacob has come across what appears to be SYN requests to an internal computer from a spoofed IP address. What is Jacob seeing here? 

A. Jacob is seeing a Smurf attack. 

B. Jacob is seeing a SYN flood. 

C. He is seeing a SYN/ACK attack. 

D. He has found evidence of an ACK flood. 

Answer: B

Q5. You want to hide a secret.txt document inside c:\windows\system32\tcpip.dll kernel library using ADS streams. How will you accomplish this? 

A. copy secret.txt c:\windows\system32\tcpip.dll kernel>secret.txt 

B. copy secret.txt c:\windows\system32\tcpip.dll:secret.txt 

C. copy secret.txt c:\windows\system32\tcpip.dll |secret.txt 

D. copy secret.txt >< c:\windows\system32\tcpip.dll kernel secret.txt 

Answer: B

Q6. Which is the Novell Netware Packet signature level used to sign all packets ? 

A. 0 

B. 1 

C. 2 

D. 3 

Answer: D

Explanation: Level 0 is no signature, Level 3 is communication using signature only. 

Q7. What type of port scan is shown below? 

A. Idle Scan 

B. Windows Scan 

C. XMAS Scan 

D. SYN Stealth Scan 

Answer: C

Explanation: An Xmas port scan is variant of TCP port scan. This type of scan tries to obtain information about the state of a target port by sending a packet which has multiple TCP flags set to 1 - "lit as an Xmas tree". The flags set for Xmas scan are FIN, URG and PSH. The purpose is to confuse and bypass simple firewalls. Some stateless firewalls only check against security policy those packets which have the SYN flag set (that is, packets that initiate connection according to the standards). Since Xmas scan packets are different, they can pass through these simple systems and reach the target host. 

Q8. Sandra is the security administrator of ABC.com. One day she notices that the ABC.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately. 

Which organization coordinates computer crime investigations throughout the United States? 

A. NDCA 

B. NICP 

C. CIRP 

D. NPC 

E. CIA 

Answer: D

Q9. Exhibit 

You receive an e-mail with the message displayed in the exhibit. 

From this e-mail you suspect that this message was sent by some hacker since you have using their e-mail services for the last 2 years and they never sent out an e-mail as this. You also observe the URL in the message and confirm your suspicion about 340590649. You immediately enter the following at the Windows 2000 command prompt. 

ping 340590649 

You get a response with a valid IP address. What is the obstructed IP address in the e-mail URL? 

A. 192.34.5.9 

B. 10.0.3.4 

C. 203.2.4.5 

D. 199.23.43.4 

Answer: C

Explanation: Convert the number in binary, then start from last 8 bits and convert them to decimal to get the last octet (in this case .5)