Free 312-50v12 Exam Braindumps

- (Exam Topic 3)
What is the most common method to exploit the “Bash Bug” or “Shellshock” vulnerability?

1. A. SYN Flood
2. B. SSH
3. C. Through Web servers utilizing CGI (Common Gateway Interface) to send a malformed environment variable to a vulnerable Web server
4. D. Manipulate format strings in text fields

Correct Answer: C

- (Exam Topic 2)
An attacker runs netcat tool to transfer a secret file between two hosts.

He is worried about information being sniffed on the network.
How would the attacker use netcat to encrypt the information before transmitting onto the wire?

1. A. Machine A: netcat -l -p -s password 1234 < testfileMachine B: netcat <machine A IP> 1234
2. B. Machine A: netcat -l -e magickey -p 1234 < testfileMachine> 1234
3. C. Machine A: netcat -l -p 1234 < testfile> 1234 -pw password
4. D. Use cryptcat instead of netcat

Correct Answer: D

- (Exam Topic 2)
Which of the following steps for risk assessment methodology refers to vulnerability identification?

1. A. Determines if any flaws exist in systems, policies, or procedures
2. B. Assigns values to risk probabilities; Impact values.
3. C. Determines risk probability that vulnerability will be exploited (Hig
4. D. Medium, Low)
5. E. Identifies sources of harm to an IT syste
6. F. (Natural, Huma
7. G. Environmental)

Correct Answer: C

- (Exam Topic 3)
Mary, a penetration tester, has found password hashes in a client system she managed to breach. She needs to use these passwords to continue with the test, but she does not have time to find the passwords that correspond to these hashes. Which type of attack can she implement in order to continue?

1. A. LLMNR/NBT-NS poisoning
2. B. Internal monologue attack
3. C. Pass the ticket
4. D. Pass the hash

Correct Answer: D

- (Exam Topic 2)
in an attempt to increase the security of your network, you Implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know It. How do you accomplish this?

1. A. Delete the wireless network
2. B. Remove all passwords
3. C. Lock all users
4. D. Disable SSID broadcasting

Correct Answer: D
The SSID (service set identifier) is the name of your wireless network. SSID broadcast is how your router transmits this name to surrounding devices. Its primary function is to make your network visible and easily accessible. Most routers broadcast their SSIDs automatically. To disable or enable SSID broadcast, you need to change your router’s settings.
Disabling SSID broadcast will make your Wi-FI network name invisible to other users. However, this only hides the name, not the network itself. You cannot disguise the router's activity, so hackers can still attack it.
With your network invisible to wireless devices, connecting becomes a bit more complicated. Just giving a Wi-FI password to your guests is no longer enough. They have to configure their settings manually by including the network name, security mode, and other relevant info.
Disabling SSID might be a small step towards online security, but by no means should it be your final one. Before considering it as a security measure, consider the following aspects:
- Disabling SSID broadcast will not hide your network completely
Disabling SSID broadcast only hides the network name, not the fact that it exists. Your router constantly transmits so-called beacon frames to announce the presence of a wireless network. They contain essential information about the network and help the device connect.
- Third-party software can easily trace a hidden network
Programs such as NetStumbler or Kismet can easily locate hidden networks. You can try using them yourself to see how easy it is to find available networks – hidden or not.
- You might attract unwanted attention.
Disabling your SSID broadcast could also raise suspicion. Most of us assume that when somebody hides something, they have a reason to do so. Thus, some hackers might be attracted to your network.