312-50V10 Online Practice Questions and Answers

An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

A. Reverse Social Engineering

B. Tailgating

C. Piggybacking

D. Announced

Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?

A. Produces less false positives

B. Can identify unknown attacks

C. Requires vendor updates for a new threat

D. Cannot deal with encrypted network traffic

Which of the below hashing functions are not recommended for use?

A. SHA-1.ECC

B. MD5, SHA-1

C. SHA-2. SHA-3

D. MD5. SHA-5

Code injection is a form of attack in which a malicious user:

A. Inserts text into a data field that gets interpreted as code

B. Gets the server to execute arbitrary code using a buffer overflow

C. Inserts additional code into the JavaScript running in the browser

D. Gains access to the codebase on the server and inserts new code

Which system consists of a publicly available set of databases that contain domain name registration contact information?

A. WHOIS

B. IANA

C. CAPTCHA

D. IETF

ICMP ping and ping sweeps are used to check for active systems and to check:

A. if ICMP ping traverses a firewall.

B. the route that the ICMP ping took.

C. the location of the switchport in relation to the ICMP ping.

D. the number of hops an ICMP ping takes to reach a destination.

An NMAP scan of a server shows port 69 is open. What risk could this pose?

A. Unauthenticated access

B. Weak SSL version

C. Cleartext login

D. Web portal data leak

Which of the following settings enables Nessus to detect when it is sending too many packets and the network pipe is approaching capacity?

A. Netstat WMI Scan

B. Silent Dependencies

C. Consider unscanned ports as closed

D. Reduce parallel connections on congestion

International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining

A. guidelines and practices for security controls.

B. financial soundness and business viability metrics.

C. standard best practice for configuration management.

D. contract agreement writing standards.

Which of the following descriptions is true about a static NAT?

A. A static NAT uses a many-to-many mapping.

B. A static NAT uses a one-to-many mapping.

C. A static NAT uses a many-to-one mapping.

D. A static NAT uses a one-to-one mapping.

Matthew received an email with an attachment named "YouWon$10Grand.zip." The zip file contains a file named "HowToClaimYourPrize.docx.exe." Out of excitement and curiosity, Matthew opened the said file. Without his knowledge, the file copies itself to Matthew's APPDATA\IocaI directory and begins to beacon to a Command-and-control server to download additional malicious binaries. What type of malware has Matthew encountered?

A. Key-logger

B. Trojan

C. Worm

D. Macro Virus

Fred is the network administrator for his company. Fred is testing an internal switch.

From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

A. Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.

B. He can send an IP packet with the SYN bit and the source address of his computer.

C. Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.

D. Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

Null sessions are un-authenticated connections (not using a username or password.) to an NT or 2000 system. Which TCP and UDP ports must you filter to check null sessions on your network?

A. 137 and 139

B. 137 and 443

C. 139 and 443

D. 139 and 445

Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him.

What would Yancey be considered?

A. Yancey would be considered a Suicide Hacker

B. Since he does not care about going to jail, he would be considered a Black Hat

C. Because Yancey works for the company currently; he would be a White Hat

D. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing

Which of the following statements is FALSE with respect to Intrusion Detection Systems?

A. Intrusion Detection Systems can be configured to distinguish specific content in network packets

B. Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic

C. Intrusion Detection Systems require constant update of the signature library

D. Intrusion Detection Systems can examine the contents of the data n context of the network protocol