Free 312-50v12 Exam Braindumps

- (Exam Topic 2)
Alice needs to send a confidential document to her coworker. Bryan. Their company has public key infrastructure set up. Therefore. Alice both encrypts the message and digitally signs it. Alice uses to encrypt the message, and Bryan uses to confirm the digital signature.

1. A. Bryan’s public key; Bryan’s public key
2. B. Alice’s public key; Alice’s public key
3. C. Bryan’s private key; Alice’s public key
4. D. Bryan’s public key; Alice’s public key

Correct Answer: D
PKI uses public-key cryptography, which is widely used on the Internet to encrypt messages or authenticate message senders. In public-key cryptography, a CA generates public and private keys with the same algorithm simultaneously. The private key is held only by the subject (user, company, or system) mentioned in the certificate, while the public key is made publicly available in a directory that all parties can access. The subject keeps the private key secret and uses it to decrypt the text encrypted by someone else using the corresponding public key (available in a
public directory). Thus, others encrypt messages for the user with the user's public key, and the user decrypts it with his/her private key.

- (Exam Topic 3)
The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.1.1.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router, nobody can access the ftp, and the permitted hosts cannot access the Internet. According to the next configuration, what is happening in the network?
access-list 102 deny tcp any any
access-list 104 permit udp host 10.0.0.3 any
access-list 110 permit tcp host 10.0.0.2 eq www any
access-list 108 permit tcp any eq ftp any

1. A. The ACL 104 needs to be first because is UDP
2. B. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router
3. C. The ACL for FTP must be before the ACL 110
4. D. The ACL 110 needs to be changed to port 80

Correct Answer: B
https://www.cisco.com/c/en/us/support/docs/ip/access-lists/26448-ACLsamples.html
Since the first line prohibits any TCP traffic (access-list 102 deny tcp any any), the lines below will simply be ignored by the router. Below you will find the example from CISCO documentation.
This figure shows that FTP (TCP, port 21) and FTP data (port 20) traffic sourced from NetB destined to NetA is denied, while all other IP traffic is permitted.
Diagram Description automatically generated

FTP uses port 21 and port 20. TCP traffic destined to port 21 and port 20 is denied and everything else is explicitly permitted.
access-list 102 deny tcp any any eq ftp
access-list 102 deny tcp any any eq ftp-data
access-list 102 permit ip any any

- (Exam Topic 2)
How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender’s identity?

1. A. Hash value
2. B. Private key
3. C. Digital signature
4. D. Digital certificate

Correct Answer: D