Free 312-50 Exam Dumps

Question 71

- (Topic 18)
WinDump is a popular sniffer which results from the porting to Windows of TcpDump for Linux. What library does it use ?

A. LibPcap
B. WinPcap
C. Wincap
D. None of the above

Correct Answer:B
WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level
packet filtering, a network statistics engine and support for remote packet capture.

Question 72

- (Topic 4)
What is the proper response for a NULL scan if the port is open?

A. SYN
B. ACK
C. FIN
D. PSH
E. RST
F. No response

Correct Answer:F
A NULL scan will have no response if the port is open.

Question 73

- (Topic 3)
What are the four steps is used by nmap scanning?

A. DNS Lookup
B. ICMP Message
C. Ping
D. Reverse DNS lookup
E. TCP three way handshake
F. The Actual nmap scan

Correct Answer:ACDF
Nmap performs four steps during a normal device scan. Some of these steps can be modified or disabled using options on the nmap command line.
✑ If a hostname is used as a remote device specification, nmap will perform a DNS
lookup prior to the scan.
✑ Nmap pings the remote device. This refers to the nmap "ping" process, not (necessarily) a traditional ICMP echo request.
✑ If an IP address is specified as the remote device, nmap will perform a reverse DNS lookup in an effort to identify a name that might be associated with the IP address. This is the opposite process of what happens in step 1, where an IP address is found from a hostname specification.
✑ Nmap executes the scan. Once the scan is over, this four-step process is completed. Except for the actual scan process in step four, each of these steps can be disabled or prevented using different IP addressing or nmap options. The nmap process can be as "quiet" or as "loud" as necessary!

Question 74

- (Topic 23)
If you receive a RST packet while doing an ACK scan, it indicates that the port is open.(True/False).

A. True
B. False

Correct Answer:A
When and ACK is sent to an open port, a RST is returned.

Question 75

- (Topic 19)
All the web servers in the DMZ respond to ACK scan on port 80. Why is this happening ?

A. They are all Windows based webserver
B. They are all Unix based webserver
C. The company is not using IDS
D. The company is not using a stateful firewall

Correct Answer:D
If they used a stateful inspection firewall this firewall would know if there has been a SYN-ACK before the ACK.