312-50 Online Practice Questions and Answers

Most cases of insider abuse can be traced to individuals who are introverted, incapable of dealing with stress or conflict, and frustrated with their job, office politics, and lack of respect or promotion. Disgruntled employees may pass company

secrets and intellectual property to competitors for monitory benefits.

Here are some of the symptoms of a disgruntled employee,.

These disgruntled employees are the biggest threat to enterprise security. How do you deal with these threats? (Select 2 answers)

A. Frequently leaves work early, arrive late or call in sick

B. Spends time surfing the Internet or on the phone

C. Responds in a confrontational, angry, or overly aggressive way to simple requests or comments

D. Always negative; finds fault with everything

E. Limit access to the applications they can run on their desktop computers and enforce strict work hour rules

F. By implementing Virtualization technology from the desktop to the data centre, organizations can isolate different environments with varying levels of access and security to various employees

G. Organizations must ensure that their corporate data is centrally managed and delivered to users just and when needed

H. Limit Internet access, e-mail communications, access to social networking sites and job hunting portals

You receive an e-mail like the one shown below. When you click on the link contained in the mail, you are redirected to a website seeking you to download free Anti-Virus software.

Dear valued customers,

We are pleased to announce the newest version of Antivirus 2010 for Windows which will probe you with total security against the latest spyware, malware, viruses, Trojans and other online threats. Simply visit the link below and enter your

antivirus code:

Antivirus code: 5014 http://www.juggyboy/virus/virus.html Thank you for choosing us, the worldwide leader Antivirus solutions.

Mike Robertson PDF Reader Support Copyright Antivirus 2010 ?All rights reserved If you want to stop receiving mail, please go to: http://www.juggyboy.com or you may contact us at the following address: Media Internet Consultants, Edif. Neptuno, Planta Baja, Ave. Ricardo J. Alfaro, Tumba Muerto, n/a Panama How will you determine if this is Real Anti-Virus or Fake Anti-Virus website?

A. Look at the website design, if it looks professional then it is a Real Anti-Virus website

B. Connect to the site using SSL, if you are successful then the website is genuine

C. Search using the URL and Anti-Virus product name into Google and lookout for suspicious warnings against this site

D. Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware

E. Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware

How do you defend against ARP Poisoning attack? (Select 2 answers)

A. Enable DHCP Snooping Binding Table

B. Restrict ARP Duplicates

C. Enable Dynamic ARP Inspection

D. Enable MAC snooping Table

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

A. To determine who is the holder of the root account

B. To perform a DoS

C. To create needless SPAM

D. To illicit a response back that will reveal information about email servers and how they treat undeliverable mail

E. To test for virus protection

In the context of using PKI, when Sven wishes to send a secret message to Bob, he looks up Bob's public key in a directory, uses it to encrypt the message before sending it off. Bob then uses his private key to decrypt the message and reads it. No one listening on can decrypt the message. Anyone can send an encrypted message to Bob but only Bob can read it. Thus, although many people may know Bob's public key and use it to verify Bob's signature, they cannot discover Bob's private key and use it to forge digital signatures.

What does this principle refer to?

A. Irreversibility

B. Non-repudiation

C. Symmetry

D. Asymmetry

John has a proxy server on his network which caches and filters web access. He shuts down all unnecessary ports and services. Additionally, he has installed a firewall (Cisco PIX) that will not allow users to connect to any outbound ports. Jack, a network user has successfully connected to a remote server on port 80 using netcat. He could in turn drop a shell from the remote machine. Assuming an attacker wants to penetrate John's network, which of the following options is he likely to choose?

A. Use ClosedVPN

B. Use Monkey shell

C. Use reverse shell using FTP protocol

D. Use HTTPTunnel or Stunnel on port 80 and 443

In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. What kind of attack is this?

A. WEP attack

B. Drive by hacking

C. Rogue access point attack

D. Unauthorized access point attack

Jim is having no luck performing a penetration test in company's network. He is running the tests from home and has downloaded every security scanner that he could lay his hands on. Despite knowing the IP range of all the systems, and the exact network configuration, Jim is unable to get any useful results.

Why is Jim having these problems?

A. Security scanners are not designed to do testing through a firewall.

B. Security scanners cannot perform vulnerability linkage.

C. Security scanners are only as smart as their database and cannot find unpublished vulnerabilities.

D. All of the above.

Bret is a web application administrator and has just read that there are a number of surprisingly common web application vulnerabilities that can be exploited by unsophisticated attackers with easily available tools on the Internet.

He has also read that when an organization deploys a web application, they invite the world to send HTTP requests. Attacks buried in these requests sail past firewalls, filters, platform hardening, SSL, and IDS without notice because they are inside legal HTTP requests. Bret is determined to weed out any vulnerabilities. What are some common vulnerabilities in web applications that he should be concerned about?

A. Non-validated parameters, broken access control, broken account and session management, cross- side scripting and buffer overflows are just a few common vulnerabilities

B. No IDS configured, anonymous user account set as default, missing latest security patch, no firewall filters set and visible clear text passwords are just a few common vulnerabilities

C. Visible clear text passwords, anonymous user account set as default, missing latest security patch, no firewall filters set and no SSL configured are just a few common vulnerabilities

D. No SSL configured, anonymous user account set as default, missing latest security patch, no firewall filters set and an inattentive system administrator are just a few common vulnerabilities

home/root # traceroute www.targetcorp.com traceroute to www.targetcorp.com (192.168.12.18), 64 hops may, 40 byte packets 1 router.anon.com (192.13.212.254) 1.373 ms 1.123 ms 1.280 ms 2 192.13.133.121 (192.13.133.121) 3.680 ms 3.506 ms 4.583 ms 3 firewall.anon.com (192.13.192.17) 127.189 ms 257.404 ms 208.484 ms 4 anon-gw.anon.com

(192.93.144.89) 471.68 ms 376.875 ms 228.286 ms 5 fe5-0.lin.isp.com (192.162.231.225) 2.961 ms 3.852 ms 2.974 ms 6 fe0-0.lon0.isp.com (192.162.231.234) 3.979 ms 3.243 ms 4.370 ms 7 192.13.133.5 (192.13.133.5) 11.454 ms 4.221

ms 3.333 ms 6 * * *

7 * * *

8 www.targetcorp.com (192.168.12.18) 5.392 ms 3.348 ms 3.199 ms

Use the traceroute results shown above to answer the following question:

The perimeter security at targetcorp.com does not permit ICMP TTL-expired packets out.

A. True

B. False