Free 312-50v11 Exam Braindumps

The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?

1. A. ACK
2. B. SYN
3. C. RST
4. D. SYN-ACK

Correct Answer: B

When configuring wireless on his home router, Javik disables SSID broadcast. He leaves authentication “open” but sets the SSID to a 32-character string of random letters and numbers.
What is an accurate assessment of this scenario from a security perspective?

1. A. Since the SSID is required in order to connect, the 32-character string is sufficient to prevent brute-force attacks.
2. B. Disabling SSID broadcast prevents 802.11 beacons from being transmitted from the access point, resulting in a valid setup leveraging “security through obscurity”.
3. C. It is still possible for a hacker to connect to the network after sniffing the SSID from a successful wireless association.
4. D. Javik’s router is still vulnerable to wireless hacking attempts because the SSID broadcast setting can be enabled using a specially crafted packet sent to the hardware address of the access point.

Correct Answer: C

The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?

1. A. Multi-cast mode
2. B. Promiscuous mode
3. C. WEM
4. D. Port forwarding

Correct Answer: B

jane invites her friends Alice and John over for a LAN party. Alice and John access Jane's wireless network without a password. However. Jane has a long, complex password on her router. What attack has likely occurred?

1. A. Wireless sniffing
2. B. Piggybacking
3. C. Evil twin
4. D. Wardriving

Correct Answer: C
An evil twin may be a fraudulent Wi-Fi access point that appears to be legitimate but is about up to pay attention to wireless communications.[1] The evil twin is that the wireless LAN equivalent of the phishing scam.This type of attack could also be wont to steal the passwords of unsuspecting users, either by monitoring their connections or by phishing, which involves fixing a fraudulent internet site and luring people there.The attacker snoops on Internet traffic employing a bogus wireless access point. Unwitting web users could also be invited to log into the attacker’s server, prompting them to enter sensitive information like usernames and passwords. Often, users are unaware they need been duped until well after the incident has occurred.When users log into unsecured (non-HTTPS) bank or e-mail accounts, the attacker intercepts the transaction, since it’s sent through their equipment. The attacker is additionally ready to hook up with other networks related to the users’ credentials.Fake access points are found out by configuring a wireless card to act as an access point (known as HostAP). they’re hard to trace since they will be shut off instantly. The counterfeit access point could also be given an equivalent SSID and BSSID as a close-by Wi-Fi network. The evil twin are often configured to pass Internet traffic through to the legitimate access point while monitoring the victim’s connection, or it can simply say the system is temporarily unavailable after obtaining a username and password.

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

1. A. Protocol analyzer
2. B. Network sniffer
3. C. Intrusion Prevention System (IPS)
4. D. Vulnerability scanner

Correct Answer: A