2018/10/24 Braindump2go 312-50v10 Exam Dumps with PDF and VCE New Updated Today! Following are some new 312-50v10 Real Exam Questions:
1.|2018 Latest 312-50v10 Exam Dumps (PDF & VCE) 242Q&As Download:
https://www.braindump2go.com/312-50v10.html
2.|2018 Latest 312-50v10 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/1g15jl9W8jnovDp0b_CsOg86BZSP5ualP?usp=sharing
QUESTION 162
An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?
A. He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.
B. He will activate OSPF on the spoofed root bridge.
C. He will repeat this action so that is escalates to a DoS attack.
D. He will repeat the same attack against all L2 switches of the network.
Answer: A
QUESTION 163
Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?
A. Single sign-on
B. Windows authentication
C. Role Based Access Control (RBAC)
D. Discretionary Access Control (DAC)
Answer: A
QUESTION 164
Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?
A. Stealth virus
B. Tunneling virus
C. Cavity virus
D. Polymorphic virus
Answer: A
QUESTION 165
If there is an Intrusion Detection System (IDS) in intranet, which port scanning technique cannot be used?
A. Spoof Scan
B. TCP SYN
C. TCP Connect scan
D. Idle scan
Answer: B
QUESTION 166
There are several ways to gain insight on how a cryptosystem works with the goal of reverse engineering the process. A term describes when two pieces of data result in the value is?
A. Polymorphism
B. Escrow
C. Collusion
D. Collision
Answer: D
QUESTION 167
A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm’s public facing web servers. The engineer decides to start by using netcat to port 80.
The engineer receives this output:
HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
Date: Mon, 16 Jan 2011 01:41:33 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last-Modified: Wed, 28 Dec 2010 15:32:21 GMT
ETag: “b0aac0542e25c31:89d”
Content-Length: 7369
Which of the following is an example of what the engineer performed?
A. Cross-site scripting
B. Banner grabbing
C. SQL injection
D. Who is database query
Answer: B
QUESTION 168
A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing ?Reports https://ibt1.prometric.com/users/custom/report_queue/rq_str... corporate network. What tool should the analyst use to perform a Blackjacking attack?
A. Paros Proxy
B. BBProxy
C. Bloover
D. BBCrack
Answer: B
QUESTION 169
What attack is used to crack passwords by using a precomputed table of hashed passwords?
A. Brute Force Attack
B. Rainbow Table Attack
C. Dictionary Attack
D. Hybrid Attack
Answer: B
QUESTION 170
ShellShock had the potential for an unauthorized user to gain access to a server. It affected many internet- facing services, which OS did it not directly affect?
A. Windows
B. Linux
C. OS X
D. Unix
Answer: C
QUESTION 171
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named “nc.” The FTP server’s access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server’s software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?
A. File system permissions
B. Privilege escalation
C. Directory traversal
D. Brute force login
Answer: A
QUESTION 172
When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and headers manually to get more precise results than if using web vulnerability scanners.
What proxy tool will help you find web vulnerabilities?
A. Burpsuite
B. Maskgen
C. Dimitry
D. Proxychains
Answer: A
!!!RECOMMEND!!!
1.|2018 Latest 312-50v10 Exam Dumps (PDF & VCE) 242Q&As Download:
https://www.braindump2go.com/312-50v10.html
2.|2018 Latest 312-50v10 Study Guide Video: