312-50V10 Online Practice Questions and Answers

An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

A. Reverse Social Engineering

B. Tailgating

C. Piggybacking

D. Announced

Which is the first step followed by Vulnerability Scanners for scanning a network?

A. TCP/UDP Port scanning

B. Firewall detection

C. OS Detection

D. Checking if the remote host is alive

What network security concept requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to defend against malicious attacks or potential vulnerabilities?

What kind of Web application vulnerability likely exists in their software?

A. Host-Based Intrusion Detection System

B. Security through obscurity

C. Defense in depth

D. Network-Based Intrusion Detection System

Assume a business-crucial web-site of some company that is used to sell handsets to the customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the web-site developers decided to add some 3rd party marketing tools on it. The tools are written in JavaScript and can track the customer's activity on the site. These tools are located on the servers of the marketing company.

What is the main security risk associated with this scenario?

A. External script contents could be maliciously modified without the security team knowledge

B. External scripts have direct access to the company servers and can steal the data from there

C. There is no risk at all as the marketing services are trustworthy

D. External scripts increase the outbound company data traffic which leads greater financial losses

A botnet can be managed through which of the following?

A. IRC

B. E-Mail

C. Linkedin and Facebook

D. A vulnerable FTP server

A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?

A. Forensic attack

B. ARP spoofing attack

C. Social engineering attack

D. Scanning attack

You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network. However, as you attempt to fingerprint all machines in the network using the nmap syntax below, it is not going through.

What seems to be wrong?

A. OS Scan requires root privileges.

B. The nmap syntax is wrong.

C. This is a common behavior for a corrupted nmap application.

D. The outgoing TCP/IP fingerprinting is blocked by the host firewall.

You have successfully gained access to a linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by a Network Based Intrusion Detection Systems (NIDS).

What is the best way to evade the NIDS?

A. Encryption

B. Protocol Isolation

C. Alternate Data Streams

D. Out of band signalling

You are an Ethical Hacker who is auditing the ABC company. When you verify the NOC one of the machines has 2 connections, one wired and the other wireless. When you verify the configuration of this Windows system you find two static routes.

route add 10.0.0.0 mask 255.0.0.0 10.0.0.1

route add 0.0.0.0 mask 255.0.0.0 199.168.0.1

What is the main purpose of those static routes?

A. Both static routes indicate that the traffic is external with different gateway.

B. The first static route indicates that the internal traffic will use an external gateway and the second static route indicates that the traffic will be rerouted.

C. Both static routes indicate that the traffic is internal with different gateway.

D. The first static route indicates that the internal addresses are using the internal gateway and the second static route indicates that all the traffic that is not internal must go to an external gateway.

You are attempting to crack LM Manager hashed from Windows 2000 SAM file. You will be using LM Brute force hacking tool for decryption. What encryption algorithm will you be decrypting?

A. MD4

B. DES

C. SHA

D. SSL