The Improve Guide To 312-50v12 Exam Question

NEW QUESTION 1

Taylor, a security professional, uses a tool to monitor her company's website, analyze the website's traffic, and track the geographical location of the users visiting the company's website. Which of the following tools did Taylor employ in the above scenario?

• A. WebSite Watcher
• B. web-Stat
• C. Webroot
• D. WAFW00F

Answer: B

Explanation:
Increase your web site’s performance and grow! Add Web-Stat to your site (it’s free!) and watch individuals act together with your pages in real time.
Learn how individuals realize your web site. Get details concerning every visitor’s path through your web site and track pages that flip browsers into consumers.
One-click install. observe locations, in operation systems, browsers and screen sizes and obtain alerts for new guests and conversions

NEW QUESTION 2

Which utility will tell you in real time which ports are listening or in another state?

• A. Netstat
• B. TCPView
• C. Nmap
• D. Loki

Answer: B

NEW QUESTION 3

Harris is attempting to identify the OS running on his target machine. He inspected the initial TTL in the IP header and the related TCP window size and obtained the following results:
TTL: 64 Window Size: 5840
What is the OS running on the target machine?

• A. Solaris OS
• B. Windows OS
• C. Mac OS
• D. Linux OS

Answer: D

NEW QUESTION 4

What port number is used by LDAP protocol?

• A. 110
• B. 389
• C. 464
• D. 445

Answer: B

NEW QUESTION 5

Richard, an attacker, aimed to hack loT devices connected to a target network. In this process. Richard recorded the frequency required to share information between connected devices. After obtaining the frequency, he captured the original data when commands were initiated by the connected devices. Once the original data were collected, he used free tools such as URH to segregate the command sequence. Subsequently, he started injecting the segregated command sequence on the same frequency into the loT network, which repeats the captured signals of the devices. What Is the type of attack performed by Richard In the above scenario?

• A. Side-channel attack
• B. Replay attack
• C. CrypTanalysis attack
• D. Reconnaissance attack

Answer: B

Explanation:
Replay Attack could be a variety of security attack to the info sent over a network.In this attack, the hacker o a person with unauthorized access, captures the traffic and sends communication to its original destination, acting because the original sender. The receiver feels that it’s Associate in Nursing genuine message however it’s really the message sent by the aggressor. the most feature of the Replay Attack is that the consumer would receive the message double, thence the name, Replay Attack.
Prevention from Replay Attack : 1. Timestamp technique –Prevention from such attackers is feasible, if timestamp is employed at the side of the info. Supposedly, the timestamp on an information is over a precise limit, it may be discarded, and sender may be asked to send the info once more.2. Session key technique
–Another way of hindrance, is by victimisation session key. This key may be used one time (by sender and receiver) per dealing, and can’t be reused.

NEW QUESTION 6

In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam.
Which of the following statement is incorrect related to this attack?

• A. Do not reply to email messages or popup ads asking for personal or financial information
• B. Do not trust telephone numbers in e-mails or popup ads
• C. Review credit card and bank account statements regularly
• D. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
• E. Do not send credit card numbers, and personal or financial information via e-mail

Answer: D

NEW QUESTION 7

Which of the following tactics uses malicious code to redirect users' web traffic?

• A. Spimming
• B. Pharming
• C. Phishing
• D. Spear-phishing

Answer: B

NEW QUESTION 8

Peter, a system administrator working at a reputed IT firm, decided to work from his home and login remotely. Later, he anticipated that the remote connection could be exposed to session hijacking. To curb this possibility, he implemented a technique that creates a safe and encrypted tunnel over a public network to securely send and receive sensitive information and prevent hackers from decrypting the data flow between the endpoints. What is the technique followed by Peter to send files securely through a remote connection?

• A. DMZ
• B. SMB signing
• C. VPN
• D. Switch network

Answer: C

NEW QUESTION 9

which type of virus can change its own code and then cipher itself multiple times as it replicates?

• A. Stealth virus
• B. Tunneling virus
• C. Cavity virus
• D. Encryption virus

Answer: A

Explanation:
A stealth virus may be a sort of virus malware that contains sophisticated means of avoiding detection by antivirus software. After it manages to urge into the now-infected machine a stealth viruses hides itself by continually renaming and moving itself round the disc.Like other viruses, a stealth virus can take hold of the many parts of one’s PC. When taking control of the PC and performing tasks, antivirus programs can detect it, but a stealth virus sees that coming and can rename then copy itself to a special drive or area on the disc, before the antivirus software. Once moved and renamed a stealth virus will usually replace the detected ‘infected’ file with a clean file that doesn’t trigger anti-virus detection. It’s a never-ending game of cat and mouse.The intelligent architecture of this sort of virus about guarantees it’s impossible to completely rid oneself of it once infected. One would need to completely wipe the pc and rebuild it from scratch to completely eradicate the presence of a stealth virus. Using regularly-updated antivirus software can reduce risk, but, as we all know, antivirus software is additionally caught in an endless cycle of finding new threats and protecting against them.
https://www.techslang.com/definition/what-is-a-stealth-virus/

NEW QUESTION 10

Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

• A. ACK flag probe scanning
• B. ICMP Echo scanning
• C. SYN/FIN scanning using IP fragments
• D. IPID scanning

Answer: C

Explanation:
SYN/FIN scanning using IP fragments is a process of scanning that was developed to avoid false positives generated by other scans because of a packet filtering device on the target system. The TCP header splits into several packets to evade the packet filter. For any transmission, every TCP header must have the source and destination port for the initial packet (8-octet, 64-bit). The initialized flags in the next packet allow the remote host to reassemble the packets upon receipt via an Internet protocol module that detects the fragmented data packets using field-equivalent values of the source, destination, protocol, and identification.

NEW QUESTION 11

Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches.
If these switches' ARP cache is successfully flooded, what will be the result?

• A. The switches will drop into hub mode if the ARP cache is successfully flooded.
• B. If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.
• C. Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.
• D. The switches will route all traffic to the broadcast address created collisions.

Answer: A

NEW QUESTION 12

An attacker can employ many methods to perform social engineering against unsuspecting employees, including scareware.
What is the best example of a scareware attack?

• A. A pop-up appears to a user stating, "You have won a free cruise! Click here to claim your prize!"
• B. A banner appears to a user stating, "Your account has been locke
• C. Click here to reset your password and unlock your account."
• D. A banner appears to a user stating, "Your Amazon order has been delaye
• E. Click here to find out your new delivery date."
• F. A pop-up appears to a user stating, "Your computer may have been infected with spywar
• G. Click here to install an anti-spyware tool to resolve this issue."

Answer: D

NEW QUESTION 13

which of the following protocols can be used to secure an LDAP service against anonymous queries?

• A. SSO
• B. RADIUS
• C. WPA
• D. NTLM

Answer: D

Explanation:
In a Windows network, nongovernmental organization (New Technology) local area network Manager (NTLM) could be a suite of Microsoft security protocols supposed to produce authentication, integrity, and confidentiality to users.NTLM is that the successor to the authentication protocol in Microsoft local area network Manager (LANMAN), Associate in Nursing older Microsoft product. The NTLM protocol suite is enforced in an exceedingly Security Support supplier, which mixes the local area network Manager authentication protocol, NTLMv1, NTLMv2 and NTLM2 Session protocols in an exceedingly single package. whether or not these protocols area unit used or will be used on a system is ruled by cluster Policy settings, that totally different|completely different} versions of Windows have different default settings. NTLM passwords area unit thought-about weak as a result of they will be brute-forced very simply with fashionable hardware.
NTLM could be a challenge-response authentication protocol that uses 3 messages to authenticate a consumer in an exceedingly affiliation orientating setting (connectionless is similar), and a fourth extra message if integrity is desired.
First, the consumer establishes a network path to the server and sends a NEGOTIATE_MESSAGE advertising its capabilities.
Next, the server responds with CHALLENGE_MESSAGE that is employed to determine the identity of the consumer.
Finally, the consumer responds to the challenge with Associate in Nursing AUTHENTICATE_MESSAGE.
The NTLM protocol uses one or each of 2 hashed word values, each of that are keep on the server (or domain controller), and that through a scarcity of seasoning area unit word equivalent, that means that if you grab the hash price from the server, you’ll evidence while not knowing the particular word. the 2 area unit the lm Hash (a DES-based operate applied to the primary fourteen chars of the word born-again to the standard eight bit laptop charset for the language), and also the nt Hash (MD4 of the insufficient endian UTF-16 Unicode password). each hash values area unit sixteen bytes (128 bits) every.
The NTLM protocol additionally uses one among 2 a method functions, looking on the NTLM version. National Trust LanMan and NTLM version one use the DES primarily based LanMan a method operate (LMOWF), whereas National TrustLMv2 uses the NT MD4 primarily based a method operate (NTOWF).

NEW QUESTION 14

Alice needs to send a confidential document to her coworker. Bryan. Their company has public key infrastructure set up. Therefore. Alice both encrypts the message and digitally signs it. Alice uses to encrypt the message, and Bryan uses to confirm the digital signature.

• A. Bryan’s public key; Bryan’s public key
• B. Alice’s public key; Alice’s public key
• C. Bryan’s private key; Alice’s public key
• D. Bryan’s public key; Alice’s public key

Answer: D

Explanation:
PKI uses public-key cryptography, which is widely used on the Internet to encrypt messages or authenticate message senders. In public-key cryptography, a CA generates public and private keys with the same algorithm simultaneously. The private key is held only by the subject (user, company, or system) mentioned in the certificate, while the public key is made publicly available in a directory that all parties can access. The subject keeps the private key secret and uses it to decrypt the text encrypted by someone else using the corresponding public key (available in a
public directory). Thus, others encrypt messages for the user with the user's public key, and the user decrypts it with his/her private key.

NEW QUESTION 15

______ is a type of phishing that targets high-profile executives such as CEOs, CFOs, politicians, and celebrities who have access to confidential and highly valuable information.

• A. Spear phishing
• B. Whaling
• C. Vishing
• D. Phishing

Answer: B

NEW QUESTION 16
......