Free 312-50 Exam Dumps

Question 96

- (Topic 19)
What do you conclude from the nmap results below?
Staring nmap V. 3.10ALPHA0 (www.insecure.org/map/)
(The 1592 ports scanned but not shown below are in state: closed) PortStateService
21/tcpopenftp 25/tcpopensmtp 80/tcpopenhttp 443/tcpopenhttps
Remote operating system guess: Too many signatures match the reliability guess the OS. Nmap run completed – 1 IP address (1 host up) scanned in 91.66 seconds

A. The system is a Windows Domain Controller.
B. The system is not firewalled.
C. The system is not running Linux or Solaris.
D. The system is not properly patched.

Correct Answer:B
There is no reports of any ports being filtered.

Question 97

- (Topic 4)
SNMP is a connectionless protocol that uses UDP instead of TCP packets? (True or False)

A. True
B. False

Correct Answer:A
TCP and UDP provide transport services. But UDP was preferred. This is due to TCP characteristics, it is a complicate protocol and it consume to many memory and CPU resources. Where as UDP is easy to build and run. Into devices (repeaters and modems) vendors have built simple version of IP and UDP.

Question 98

- (Topic 15)
Derek has stumbled upon a wireless network and wants to assess its security. However, he does not find enough traffic for a good capture. He intends to use AirSnort on the captured traffic to crack the WEP key and does not know the IP address range or the AP. How can he generate traffic on the network so that he can capture enough packets to crack the WEP key?

A. Use any ARP requests found in the capture
B. Derek can use a session replay on the packets captured
C. Derek can use KisMAC as it needs two USB devices to generate traffic
D. Use Ettercap to discover the gateway and ICMP ping flood tool to generate traffic

Correct Answer:D
By forcing the network to answer to a lot of ICMP messages you can gather enough packets to crack the WEP key.

Question 99

- (Topic 3)
Bob has been hired to perform a penetration test on ABC.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.
Within the context of penetration testing methodology, what phase is Bob involved with?

A. Passive information gathering
B. Active information gathering
C. Attack phase
D. Vulnerability Mapping

Correct Answer:A
He is gathering information and as long as he doesn’t make contact with any of the targets systems he is considered gathering this information in a passive mode.

Question 100

- (Topic 23)
Theresa is the chief information security officer for her company, a large shipping company based out of New York City. In the past, Theresa and her IT employees manually checked the status of client computers on the network to see if they had the most recent Microsoft updates. Now that the company has added over 100 more clients to accommodate new departments, Theresa must find some kind of tool to see whether the clients are up-to-date or not. Theresa decides to use Qfecheck to monitor all client computers. When Theresa runs the tool, she is repeatedly told that the software does not have the proper permissions to scan. Theresa is worried that the operating system hardening that she performs on all clients is keeping the software from scanning the necessary registry keys on the client computers.
What registry key permission should Theresa check to ensure that Qfecheck runs properly?

A. In order for Qfecheck to run properly, it must have enough permission to read
B. She needs to check the permissions of the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates registry key
C. Theresa needs to look over the permissions of the registry key
D. The registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft must be checked

Correct Answer:B
Qfecheck check the registry HKLM\Software\Microsoft\Updates