The Renewal Guide To 312-50v11 Free Download

NEW QUESTION 1
What is GINA?

• A. Gateway Interface Network Application
• B. GUI Installed Network Application CLASS
• C. Global Internet National Authority (G-USA)
• D. Graphical Identification and Authentication DLL

Answer: D

NEW QUESTION 2
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

• A. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
• B. Asymmetric cryptography is computationally expensive in compariso
• C. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.
• D. Symmetric encryption allows the server to securely transmit the session keys out-of-band.
• E. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

Answer: D

NEW QUESTION 3
Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches.
If these switches' ARP cache is successfully flooded, what will be the result?

• A. The switches will drop into hub mode if the ARP cache is successfully flooded.
• B. If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.
• C. Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.
• D. The switches will route all traffic to the broadcast address created collisions.

Answer: A

NEW QUESTION 4
Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" sites.
Bob is willing to share his knowledge with those who are willing to learn, and many have expressed their interest in learning from him. However, this knowledge has a risk associated with it, as it can be used for malevolent attacks as well.
In this context, what would be the most effective method to bridge the knowledge gap between the "black" hats or crackers and the "white" hats or computer security professionals? (Choose the test answer.)

• A. Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards.
• B. Hire more computer security monitoring personnel to monitor computer systems and networks.
• C. Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than life.
• D. Train more National Guard and reservist in the art of computer security to help out in times of emergency or crises.

Answer: A

NEW QUESTION 5
You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user’s password or activate disabled Windows accounts?

• A. John the Ripper
• B. SET
• C. CHNTPW
• D. Cain & Abel

Answer: C

NEW QUESTION 6
MX record priority increases as the number increases. (True/False.)

• A. True
• B. False

Answer: B

NEW QUESTION 7
Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

• A. Macro virus
• B. Stealth/Tunneling virus
• C. Cavity virus
• D. Polymorphic virus

Answer: B

NEW QUESTION 8
What is the algorithm used by LM for Windows2000 SAM?

• A. MD4
• B. DES
• C. SHA
• D. SSL

Answer: B

NEW QUESTION 9
If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?

• A. –r
• B. –F
• C. –P
• D. –sP

Answer: B

NEW QUESTION 10
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The “ps” command shows that the “nc” file is running as process, and the netstat command shows the “nc” process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?

• A. File system permissions
• B. Privilege escalation
• C. Directory traversal
• D. Brute force login

Answer: A

NEW QUESTION 11
_____ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

• A. Trojan
• B. RootKit
• C. DoS tool
• D. Scanner
• E. Backdoor

Answer: B

NEW QUESTION 12
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

• A. SOA
• B. biometrics
• C. single sign on
• D. PKI

Answer: D

NEW QUESTION 13
Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him.
What would Yancey be considered?

• A. Yancey would be considered a Suicide Hacker
• B. Since he does not care about going to jail, he would be considered a Black Hat
• C. Because Yancey works for the company currently; he would be a White Hat
• D. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing

Answer: A

NEW QUESTION 14
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s Computer to update the router configuration. What type of an alert is this?

• A. False negative
• B. True negative
• C. True positive
• D. False positive

Answer: D

NEW QUESTION 15
Which of the following is the primary objective of a rootkit?

• A. It opens a port to provide an unauthorized service
• B. It creates a buffer overflow
• C. It replaces legitimate programs
• D. It provides an undocumented opening in a program

Answer: C

NEW QUESTION 16
env x=’(){ :;};echo exploit’ bash –c ‘cat/etc/passwd’
What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?

• A. Removes the passwd file
• B. Changes all passwords in passwd
• C. Add new user to the passwd file
• D. Display passwd content to prompt

Answer: D

NEW QUESTION 17
Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occurring during non-business hours. After further examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realizes the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux servers to synchronize the time has stopped working?

• A. Time Keeper
• B. NTP
• C. PPP
• D. OSPP

Answer: B

NEW QUESTION 18
What is the role of test automation in security testing?

• A. It is an option but it tends to be very expensive.
• B. It should be used exclusivel
• C. Manual testing is outdated because of low speed and possible test setup inconsistencies.
• D. Test automation is not usable in security due to the complexity of the tests.
• E. It can accelerate benchmark tests and repeat them with a consistent test setu
• F. But it cannot replace manual testing completely.

Answer: D

NEW QUESTION 19
A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

• A. Libpcap
• B. Awinpcap
• C. Winprom
• D. Winpcap

Answer: D

NEW QUESTION 20
You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c

What is the hexadecimal value of NOP instruction?

• A. 0x60
• B. 0x80
• C. 0x70
• D. 0x90

Answer: D

NEW QUESTION 21
......