312-50V8 Online Practice Questions and Answers

What does FIN in TCP flag define?

A. Used to abort a TCP connection abruptly

B. Used to close a TCP connection

C. Used to acknowledge receipt of a previous packet or transmission

D. Used to indicate the beginning of a TCP connection

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory.

What kind of attack is Susan carrying on?

A. A sniffing attack

B. A spoofing attack

C. A man in the middle attack

D. A denial of service attack

Sniffing is considered an active attack.

A. True

B. False

Which type of Nmap scan is the most reliable, but also the most visible, and likely to be picked up by and IDS?

A. SYN scan

B. ACK scan

C. RST scan

D. Connect scan

E. FIN scan

Which of the following processes of PKI (Public Key Infrastructure) ensures that a trust relationship exists and that a certificate is still valid for specific operations?

A. Certificate issuance

B. Certificate validation

C. Certificate cryptography

D. Certificate revocation

While testing web applications, you attempt to insert the following test script into the search area on the company's web site:

Later, when you press the search button, a pop up box appears on your screen with the text "Testing

Testing Testing".

What vulnerability is detected in the web application here?

A. Cross Site Scripting

B. Password attacks

C. A Buffer Overflow

D. A hybrid attack

You just purchased the latest DELL computer, which comes pre-installed with Windows 7, McAfee antivirus software and a host of other applications. You want to connect Ethernet wire to your cable modem and start using the computer immediately. Windows is dangerously insecure when unpacked from the box, and there are a few things that you must do before you use it.

A. New installation of Windows should be patched by installing the latest service packs and hotfixes

B. Key applications such as Adobe Acrobat,Macromedia Flash,Java,Winzip etc.,must have the latest security patches installed

C. Install a personal firewall and lock down unused ports from connecting to your computer

D. Install the latest signatures for Antivirus software

E. Configure "Windows Update" to automatic

F. Create a non-admin user with a complex password and logon to this account

G. You can start using your computer as vendors such as DELL,HP and IBM would have already installed the latest service packs.

Derek has stumbled upon a wireless network and wants to assess its security. However, he does not find enough traffic for a good capture. He intends to use AirSnort on the captured traffic to crack the WEP key and does not know the IP address range or the AP.

How can he generate traffic on the network so that he can capture enough packets to crack the WEP key?

A. Use any ARP requests found in the capture

B. Derek can use a session replay on the packets captured

C. Derek can use KisMAC as it needs two USB devices to generate traffic

D. Use Ettercap to discover the gateway and ICMP ping flood tool to generate traffic