Top Tips Of Most Up-to-date 312-50v12 Braindump

NEW QUESTION 1

Richard, an attacker, targets an MNC In this process, he uses a footprinting technique to gather as much information as possible. Using this technique, he gathers domain information such as the target domain name, contact details of its owner, expiry date, and creation date. With this information, he creates a map of the organization's network and misleads domain owners with social engineering to obtain internal details of its network. What type of footprinting technique is employed by Richard?

• A. VPN footprinting
• B. Email footprinting
• C. VoIP footprinting
• D. Whois footprinting

Answer: B

NEW QUESTION 2

Shiela is an information security analyst working at HiTech Security Solutions. She is performing service version discovery using Nmap to obtain information about the running services and their versions on a target system.
Which of the following Nmap options must she use to perform service version discovery on the target host?

• A. -SN
• B. -SX
• C. -sV
• D. -SF

Answer: C

NEW QUESTION 3

Ricardo has discovered the username for an application in his targets environment. As he has a limited amount of time, he decides to attempt to use a list of common passwords he found on the Internet. He compiles them into a list and then feeds that list as an argument into his password-cracking application, what type of attack is Ricardo performing?

• A. Known plaintext
• B. Password spraying
• C. Brute force
• D. Dictionary

Answer: D

Explanation:
A dictionary Attack as an attack vector utilized by the attacker to break in a very system, that is password
protected, by golf shot technically each word in a very dictionary as a variety of password for that system. This attack vector could be a variety of Brute Force Attack.
The lexicon will contain words from an English dictionary and conjointly some leaked list of commonly used passwords and once combined with common character substitution with numbers, will generally be terribly effective and quick.
How is it done?
Basically, it’s attempting each single word that’s already ready. it’s done victimization machine-controlled tools that strive all the possible words within the dictionary.
Some password Cracking Software:
• John the ripper
• L0phtCrack
• Aircrack-ng

NEW QUESTION 4

Don, a student, came across a gaming app in a third-party app store and Installed it. Subsequently, all the legitimate apps in his smartphone were replaced by deceptive applications that appeared legitimate. He also received many advertisements on his smartphone after Installing the app. What is the attack performed on Don in the above scenario?

• A. SMS phishing attack
• B. SIM card attack
• C. Agent Smith attack
• D. Clickjacking

Answer: C

Explanation:
Agent Smith Attack
Agent Smith attacks are carried out by luring victims into downloading and installing malicious apps designed and published by attackers in the form of games, photo editors, or other attractive tools from third-party app stores such as 9Apps. Once the user has installed the app, the core malicious code inside the application infects or replaces the legitimate apps in the victim's mobile device C&C commands. The deceptive application replaces legitimate apps such as WhatsApp, SHAREit, and MX Player with similar infected versions. The application sometimes also appears to be an authentic Google product such as Google Updater or Themes. The attacker then produces a massive volume of irrelevant and fraudulent advertisements on the victim's device through the infected app for financial gain. Attackers exploit these apps to steal critical information such as personal information, credentials, and bank details, from the victim's mobile device through C&C commands.

NEW QUESTION 5

Dorian Is sending a digitally signed email to Polly, with which key is Dorian signing this message and how is Poly validating It?

• A. Dorian is signing the message with his public ke
• B. and Poly will verify that the message came from Dorian by using Dorian's private key.
• C. Dorian Is signing the message with Polys public ke
• D. and Poly will verify that the message came from Dorian by using Dorian's public key.
• E. Dorian is signing the message with his private ke
• F. and Poly will verify that the message came from Dorian by using Dorian's public key.
• G. Dorian is signing the message with Polys private ke
• H. and Poly will verify mat the message came from Dorian by using Dorian's public key.

Answer: C

Explanation:
https://blog.mailfence.com/how-do-digital-signatures-work/ https://en.wikipedia.org/wiki/Digital_signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software, or digital document. It's the digital equivalent of a handwritten signature or stamped seal, but it offers far more inherent security. A digital signature is intended to solve the problem of tampering and impersonation in digital communications.
Digital signatures can provide evidence of origin, identity, and status of electronic documents, transactions, or digital messages. Signers can also use them to acknowledge informed consent.
Digital signatures are based on public-key cryptography, also known as asymmetric cryptography. Two keys are generated using a public key algorithm, such as RSA (Rivest-Shamir-Adleman),
mathematically linked pair of keys, one private and one public.
creating a Digital signatures work through public-key cryptography's
two mutually authenticating cryptographic keys.
The individual who creates the digital signature uses a private key
only way to decrypt that data is with the signer's public key.
to encrypt signature-related data, while the

NEW QUESTION 6

Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

• A. Nikto
• B. John the Ripper
• C. Dsniff
• D. Snort

Answer: A

Explanation:
https://en.wikipedia.org/wiki/Nikto_(vulnerability_scanner)
Nikto is a free software command-line vulnerability scanner that scans web servers for dangerous files/CGIs, outdated server software, and other problems. It performs generic and server types specific checks. It also captures and prints any cookies received. The Nikto code itself is free software, but the data files it uses to drive the program are not.

NEW QUESTION 7

Which DNS resource record can indicate how long any "DNS poisoning" could last?

• A. MX
• B. SOA
• C. NS
• D. TIMEOUT

Answer: B

NEW QUESTION 8

Eric, a cloud security engineer, implements a technique for securing the cloud resources used by his organization. This technique assumes by default that a user attempting to access the network is not an authentic entity and verifies every incoming connection before allowing access to the network. Using this technique, he also imposed conditions such that employees can access only the resources required for their role.
What is the technique employed by Eric to secure cloud resources?

• A. Serverless computing
• B. Demilitarized zone
• C. Container technology
• D. Zero trust network

Answer: D

NEW QUESTION 9

An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages. What is the attack performed in the above scenario?

• A. Timing-based attack
• B. Side-channel attack
• C. Downgrade security attack
• D. Cache-based attack

Answer: B

NEW QUESTION 10

What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall?

• A. Session hijacking
• B. Firewalking
• C. Man-in-the middle attack
• D. Network sniffing

Answer: B

NEW QUESTION 11

Which of the following tools are used for enumeration? (Choose three.)

• A. SolarWinds
• B. USER2SID
• C. Cheops
• D. SID2USER
• E. DumpSec

Answer: BDE

NEW QUESTION 12

When configuring wireless on his home router, Javik disables SSID broadcast. He leaves authentication “open” but sets the SSID to a 32-character string of random letters and numbers.
What is an accurate assessment of this scenario from a security perspective?

• A. Since the SSID is required in order to connect, the 32-character string is sufficient to prevent brute-force attacks.
• B. Disabling SSID broadcast prevents 802.11 beacons from being transmitted from the access point, resulting in a valid setup leveraging “security through obscurity”.
• C. It is still possible for a hacker to connect to the network after sniffing the SSID from a successful wireless association.
• D. Javik’s router is still vulnerable to wireless hacking attempts because the SSID broadcast setting can be enabled using a specially crafted packet sent to the hardware address of the access point.

Answer: C

NEW QUESTION 13

A DDOS attack is performed at layer 7 to take down web infrastructure. Partial HTTP requests are sent to the web infrastructure or applications. Upon receiving a partial request, the target servers opens multiple connections and keeps waiting for the requests to complete.
Which attack is being described here?

• A. Desynchronization
• B. Slowloris attack
• C. Session splicing
• D. Phlashing

Answer: B

Explanation:
Developed by Robert “RSnake” Hansen, Slowloris is DDoS attack software that permits one computer to require down an internet server. Due the straightforward yet elegant nature of this attack, it requires minimal bandwidth to implement and affects the target server’s web server only, with almost no side effects on other services and ports.Slowloris has proven highly-effective against many popular sorts of web server software, including Apache 1.x and 2.x.Over the years, Slowloris has been credited with variety of high-profile server takedowns. Notably, it had been used extensively by Iranian ‘hackivists’ following the 2009 Iranian presidential election to attack Iranian government internet sites .Slowloris works by opening multiple connections to the targeted web server and keeping them open as long as possible. It does this by continuously sending partial HTTP requests, none of which are ever completed. The attacked servers open more and connections open, expecting each of the attack requests to be completed.Periodically, the Slowloris sends subsequent HTTP headers for every request, but never actually completes the request. Ultimately, the targeted server’s maximum concurrent connection pool is filled, and extra (legitimate) connection attempts are denied.By sending partial, as against malformed, packets, Slowloris can easily elapse traditional Intrusion Detection systems.Named after a kind of slow-moving Asian primate, Slowloris really does win the race by moving slowly and steadily. A Slowloris attack must await sockets to be released by legitimate requests before consuming them one by one.For a high-volume internet site , this will take a while . the method are often further slowed if legitimate sessions are reinitiated. But within the end, if the attack is unmitigated, Slowloris—like the tortoise—wins the race.If undetected or unmitigated, Slowloris attacks also can last for long periods of your time . When attacked sockets outing , Slowloris simply reinitiates the connections, continuing to reach the online server until mitigated.Designed for stealth also as efficacy, Slowloris are often modified to send different host headers within the event that a virtual host is targeted, and logs are stored separately for every virtual host.More importantly, within the course of an attack, Slowloris are often set to suppress log file creation. this suggests the attack can catch unmonitored servers off-guard, with none red flags appearing in log file entries.Methods of mitigationImperva’s security services are enabled by reverse proxy technology, used for inspection of all incoming requests on their thanks to the clients’ servers.Imperva’s secured proxy won’t forward any partial connection requests—rendering all Slowloris DDoS attack attempts completely and utterly useless.

NEW QUESTION 14

Every company needs a formal written document which spells out to employees precisely what they are allowed to use the company's systems for, what is prohibited, and what will happen to them if they break the rules. Two printed copies of the policy should be given to every employee as soon as possible after they join the organization. The employee should be asked to sign one copy, which should be safely filed by the company. No one should be allowed to use the company's computer systems until they have signed the policy in acceptance of its terms.
What is this document called?

• A. Information Audit Policy (IAP)
• B. Information Security Policy (ISP)
• C. Penetration Testing Policy (PTP)
• D. Company Compliance Policy (CCP)

Answer: B

NEW QUESTION 15

Study the snort rule given below:

From the options below, choose the exploit against which this rule applies.

• A. WebDav
• B. SQL Slammer
• C. MS Blaster
• D. MyDoom

Answer: C

NEW QUESTION 16
......