Free 312-50v12 Exam Braindumps

- (Exam Topic 2)
Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him.
What would Yancey be considered?

1. A. Yancey would be considered a Suicide Hacker
2. B. Since he does not care about going to jail, he would be considered a Black Hat
3. C. Because Yancey works for the company currently; he would be a White Hat
4. D. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing

Correct Answer: A

- (Exam Topic 2)
Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company's network. He decides to setup a SPAN port and capture all traffic to the datacenter. He immediately discovers unencrypted traffic in port UDP 161. what protocol is this port using and how can he secure that traffic?

1. A. it is not necessary to perform any actions, as SNMP is not carrying important information.
2. B. SNMP and he should change it to SNMP V3
3. C. RPC and the best practice is to disable RPC completely
4. D. SNMP and he should change it to SNMP v2, which is encrypted

Correct Answer: B
We have various articles already in our documentation for setting up SNMPv2 trap handling in Opsview,
but SNMPv3 traps are a whole new ballgame. They can be quite confusing and complicated to set up the firs time you go through the process, but when you understand what is going on, everything should make more sense.
SNMP has gone through several revisions to improve performance and security (version 1, 2c and 3). By default, it is a UDP port based protocol where communication is based on a ‘fire and forget’ methodology in which network packets are sent to another device, but there is no check for receipt of that packet (versus TCP port when a network packet must be acknowledged by the other end of the communication link).
There are two modes of operation with SNMP – get requests (or polling) where one device requests information from an SNMP enabled device on a regular basis (normally using UDP port 161), and traps where the SNMP enabled device sends a message to another device when an event occurs (normally using UDP port 162). The latter includes instances such as someone logging on, the device powering up or down, or a wide variety of other problems that would need this type of investigation.
This blog covers SNMPv3 traps, as polling and version 2c traps are covered elsewhere in our documentation. SNMP trapsSince SNMP is primarily a UDP port based system, traps may be ‘lost’ when sending between devices; the sending device does not wait to see if the receiver got the trap. This means if the configuration on the sending device is wrong (using the wrong receiver IP address or port) or the receiver isn’t listening for traps or rejecting them out of hand due to misconfiguration, the sender will never know.
The SNMP v2c specification introduced the idea of splitting traps into two types; the original ‘hope it gets there’ trap and the newer ‘INFORM’ traps. Upon receipt of an INFORM, the receiver must send an acknowledgement back. If the sender doesn’t get the acknowledgement back, then it knows there is an existing problem and can log it for sysadmins to find when they interrogate the device.

- (Exam Topic 2)
Which of the following statements is FALSE with respect to Intrusion Detection Systems?

1. A. Intrusion Detection Systems can be configured to distinguish specific content in network packets
2. B. Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic
3. C. Intrusion Detection Systems require constant update of the signature library
4. D. Intrusion Detection Systems can examine the contents of the data n context of the network protocol

Correct Answer: B

- (Exam Topic 2)
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection.
Identify the behavior of the adversary In the above scenario.

1. A. use of command-line interface
2. B. Data staging
3. C. Unspecified proxy activities
4. D. Use of DNS tunneling

Correct Answer: C
A proxy server acts as a gateway between you and therefore the internet. It’s an intermediary server separating end users from the websites they browse. Proxy servers provide varying levels of functionality, security, and privacy counting on your use case, needs, or company policy.If you’re employing a proxy server, internet traffic flows through the proxy server on its thanks to the address you requested. A proxy server is essentially a computer on the web with its own IP address that your computer knows. once you send an internet request, your request goes to the proxy server first. The proxy server then makes your web request on your behalf, collects the response from the online server, and forwards you the online page data so you’ll see the page in your browser.

- (Exam Topic 1)
The collection of potentially actionable, overt, and publicly available information is known as

1. A. Open-source intelligence
2. B. Real intelligence
3. C. Social intelligence
4. D. Human intelligence

Correct Answer: A