How Many Questions Of 312-50v12 Simulations

NEW QUESTION 1

In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims.
What is the difference between pharming and phishing attacks?

• A. In a pharming attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DN
• B. In a phishing attack, an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name
• C. In a phishing attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DN
• D. In a pharming attack, an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name
• E. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering
• F. Both pharming and phishing attacks are identical

Answer: A

NEW QUESTION 2

Sophia is a shopping enthusiast who spends significant time searching for trendy outfits online. Clark, an attacker, noticed her activities several times and sent a fake email containing a deceptive page link to her social media page displaying all-new and trendy outfits. In excitement, Sophia clicked on the malicious link and logged in to that page using her valid credentials. Which of the following tools is employed by Clark to create the spoofed email?

• A. PyLoris
• B. Slowloris
• C. Evilginx
• D. PLCinject

Answer: C

NEW QUESTION 3

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory.
What kind of attack is Susan carrying on?

• A. A sniffing attack
• B. A spoofing attack
• C. A man in the middle attack
• D. A denial of service attack

Answer: C

NEW QUESTION 4

When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and DELETE). PUT can upload a file to the server and DELETE can delete a file from the server. You can detect all these methods (GET, POST, HEAD, DELETE, PUT, TRACE) using NMAP script engine. What Nmap script will help you with this task?

• A. http-methods
• B. http enum
• C. http-headers
• D. http-git

Answer: A

NEW QUESTION 5

Jude, a pen tester working in Keiltech Ltd., performs sophisticated security testing on his company's network infrastructure to identify security loopholes. In this process, he started to circumvent the network protection tools and firewalls used in the company. He employed a technique that can create forged TCP sessions by carrying out multiple SYN, ACK, and RST or FIN packets. Further, this process allowed Jude to execute DDoS attacks that can exhaust the network resources. What is the attack technique used by Jude for finding loopholes in the above scenario?

• A. UDP flood attack
• B. Ping-of-death attack
• C. Spoofed session flood attack
• D. Peer-to-peer attack

Answer: C

NEW QUESTION 6

An organization is performing a vulnerability assessment tor mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on the organization's machines to detect which ports are attached to services such as an email server, a web server or a database server. After identifying the services, he selected the vulnerabilities on each machine and started executing only the relevant tests. What is the type of vulnerability assessment solution that James employed in the above scenario?

• A. Product-based solutions
• B. Tree-based assessment
• C. Service-based solutions
• D. inference-based assessment

Answer: D

Explanation:
In an inference-based assessment, scanning starts by building an inventory of the protocols found on the machine. After finding a protocol, the scanning process starts to detect which ports are attached to services, such as an email server, web server, or database server. After finding services, it selects vulnerabilities on each machine and starts to execute only those relevant tests.

NEW QUESTION 7

While performing an Nmap scan against a host, Paola determines the existence of a firewall. In an attempt to determine whether the firewall is stateful or stateless, which of the following options would be best to use?

• A. -sA
• B. -sX
• C. -sT
• D. -sF

Answer: A

NEW QUESTION 8

Harper, a software engineer, is developing an email application. To ensure the confidentiality of email messages. Harper uses a symmetric-key block cipher having a classical 12- or 16-round Feistel network with a block size of 64 bits for encryption, which includes large 8 x 32-bit S-boxes (S1, S2, S3, S4) based on bent functions, modular addition and subtraction, key-dependent rotation, and XOR operations. This cipher also uses a masking key(Km1)and a rotation key (Kr1) for performing its functions. What is the algorithm employed by Harper to secure the email messages?

• A. CAST-128
• B. AES
• C. GOST block cipher
• D. DES

Answer: A

NEW QUESTION 9

Why containers are less secure that virtual machines?

• A. Host OS on containers has a larger surface attack.
• B. Containers may full fill disk space of the host.
• C. A compromise container may cause a CPU starvation of the host.
• D. Containers are attached to the same virtual network.

Answer: A

NEW QUESTION 10

Jim, a professional hacker, targeted an organization that is operating critical Industrial Infrastructure. Jim used Nmap to scan open pons and running services on systems connected to the organization's OT network. He used an Nmap command to identify Ethernet/IP devices connected to the Internet and further gathered Information such as the vendor name, product code and name, device name, and IP address. Which of the following Nmap commands helped Jim retrieve the required information?

• A. nmap -Pn -sT --scan-delay 1s --max-parallelism 1 -p < Port List > < Target IP >
• B. nmap -Pn -sU -p 44818 --script enip-info < Target IP >
• C. nmap -Pn -sT -p 46824 < Target IP >
• D. nmap -Pn -sT -p 102 --script s7-info < Target IP >

Answer: B

Explanation:
https://nmap.org/nsedoc/scripts/enip-info.html Example Usage enip-info:
- nmap --script enip-info -sU -p 44818 <host>
This NSE script is used to send a EtherNet/IP packet to a remote device that has TCP 44818 open. The script will send a Request Identity Packet and once a response is received, it validates that it was a proper response to the command that was sent, and then will parse out the data. Information that is parsed includes Device Type, Vendor ID, Product name, Serial Number, Product code, Revision Number, status, state, as well as the Device IP.
This script was written based of information collected by using the the Wireshark dissector for CIP, and EtherNet/IP, The original information was collected by running a modified version of the ethernetip.py script (https://github.com/paperwork/pyenip)

NEW QUESTION 11

Fred is the network administrator for his company. Fred is testing an internal switch.
From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

• A. Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.
• B. He can send an IP packet with the SYN bit and the source address of his computer.
• C. Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.
• D. Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

Answer: D

NEW QUESTION 12

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.
What is the best security policy concerning this setup?

• A. Network elements must be hardened with user ids and strong password
• B. Regular security tests and audits should be performed.
• C. As long as the physical access to the network elements is restricted, there is no need for additional measures.
• D. There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
• E. The operator knows that attacks and down time are inevitable and should have a backup site.

Answer: A

NEW QUESTION 13

Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers?

• A. Presentation tier
• B. Application Layer
• C. Logic tier
• D. Data tier

Answer: C

NEW QUESTION 14

The following is an entry captured by a network IDS. You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack.
You also notice "/bin/sh" in the ASCII part of the output. As an analyst what would you conclude about the attack?

• A. The buffer overflow attack has been neutralized by the IDS
• B. The attacker is creating a directory on the compromised machine
• C. The attacker is attempting a buffer overflow attack and has succeeded
• D. The attacker is attempting an exploit that launches a command-line shell

Answer: D

NEW QUESTION 15

Mirai malware targets loT devices. After infiltration, it uses them to propagate and create botnets that then used to launch which types of attack?

• A. MITM attack
• B. Birthday attack
• C. DDoS attack
• D. Password attack

Answer: C

NEW QUESTION 16
......