312-50 Exam Dumps - Ethical Hacking and Countermeasures
Bluetooth uses which digital modulation technique to exchange information between paired devices?
Jack was attempting to fingerprint all machines in the network using the following Nmap syntax:
invictus@victim_server:~$ nmap -T4 -0 10.10.0.0/24
TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxx. QUITTING!
Obviously, it is not going through. What is the issue here?
In cryptanalysis and computer security, 'pass the hash' is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.
Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system that you already know the credentials for. It was written by sysinternals and has been integrated within the framework. Often as penetration testers, successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values.
Which of the following is true hash type and sort order that is using in the psexec module's 'smbpass'?
Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers?
A company has publicly hosted web applications and an internal Intranet protected by a firewall. Which technique will help protect against enumeration?
Which of the following examples best represents a logical or technical control?
While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?
A newly discovered flaw in a software application would be considered which kind of security vulnerability?
Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?
Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?
Which of the following describes the characteristics of a Boot Sector Virus?
Which statement is TRUE regarding network firewalls preventing Web Application attacks?
A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst use to perform a Blackjacking attack?
An attacker has been successfully modifying the purchase price of items purchased on the company's web site. The security administrators verify the web server and Oracle database have not been compromised directly. They have also verified the Intrusion Detection System (IDS) logs and found no attacks that could have caused this. What is the mostly likely way the attacker has been able to modify the purchase price?
In order to show improvement of security over time, what must be developed?
On a Linux device, which of the following commands will start the Nessus client in the background so that the Nessus server can be configured?
ICMP ping and ping sweeps are used to check for active systems and to check
How can a rootkit bypass Windows 7 operating system’s kernel mode, code signing policy?
A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?
A developer for a company is tasked with creating a program that will allow customers to update their billing and shipping information. The billing address field used is limited to 50 characters. What pseudo code would the developer use to avoid a buffer overflow attack on the billing address field?
Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?
To send a PGP encrypted message, which piece of information from the recipient must the sender have before encrypting the message?
Which security strategy requires using several, varying methods to protect IT systems against attacks?
Which of the following is optimized for confidential communications, such as bidirectional voice and video?
A network security administrator is worried about potential man-in-the-middle attacks when users access a corporate web site from their workstations. Which of the following is the best remediation against this type of attack?
What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data?
Which of the following items is unique to the N-tier architecture method of designing software applications?
Company A and Company B have just merged and each has its own Public Key Infrastructure (PKI). What must the Certificate Authorities (CAs) establish so that the private PKIs for Company A and Company B trust one another and each private PKI can validate digital certificates from the other company?
Which of the following is a primary service of the U.S. Computer Security Incident Response Team (CSIRT)?
Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (PKI)?
The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company's external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first?
When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?
What kind of risk will remain even if all theoretically possible safety measures would be applied?
Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?
You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?
A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites.
77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?
Which type of security feature stops vehicles from crashing through the doors of a building?
Which of the following is a protocol specifically designed for transporting event messages?
Perspective clients want to see sample reports from previous penetration tests.
What should you do next?
Which United States legislation mandates that the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must sign statements verifying the completeness and accuracy of financial reports?
Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?
How do employers protect assets with security policies pertaining to employee surveillance activities?
Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?
What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for evaluation?
In the software security development life cycle process, threat modeling occurs in which phase?
When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?
What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?
A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?
Which of the following business challenges could be solved by using a vulnerability scanner?
A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set:
The engineer wants to configure remote desktop access from a fixed IP on the remote network to a remote desktop server in the DMZ. Which rule would best fit this requirement?
Which type of security document is written with specific step-by-step details?
Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?
When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?
Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?
Which of the following programs is usually targeted at Microsoft Office products?
A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof so she can take him to court. What is the ethical response?
A consultant has been hired by the V.P. of a large financial organization to assess the company's security posture. During the security testing, the consultant comes across child pornography on the V.P.'s computer. What is the consultant's obligation to the financial organization?
International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining
Which of the following guidelines or standards is associated with the credit card industry?