312-50V7 Online Practice Questions and Answers

Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an administrator from Brown Co. Jack tells Jane that there has been a problem with some accounts and asks her to verify her password with him ''just to double check our records.'' Jane does not suspect anything amiss, and parts with her password. Jack can now access Brown Co.'s computers with a valid user name and password, to steal the cookie recipe. What kind of attack is being illustrated here?

A. Reverse Psychology

B. Reverse Engineering

C. Social Engineering

D. Spoofing Identity

E. Faking Identity

An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem?

A. Install patches

B. Setup a backdoor

C. Install a zombie for DDOS

D. Cover your tracks

This tool is widely used for ARP Poisoning attack. Name the tool.

A. Cain and Able

B. Beat Infector

C. Poison Ivy

D. Webarp Infector

While testing web applications, you attempt to insert the following test script into the search area on the company's web site:

Later, when you press the search button, a pop up box appears on your screen with the text "Testing Testing Testing". What vulnerability is detected in the web

application here?

A. Cross Site Scripting

B. Password attacks

C. A Buffer Overflow

D. A hybrid attack

_____________ is a type of symmetric-key encryption algorithm that transforms a fixed-length block of plaintext (unencrypted text) data into a block of ciphertext (encrypted text) data of the same length.

A. Stream Cipher

B. Block Cipher

C. Bit Cipher

D. Hash Cipher

What is the default Password Hash Algorithm used by NTLMv2?

A. MD4

B. DES

C. SHA-1

D. MD5

Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web site during work hours, without any consideration for others. Neil knows that he has an up-to-date content filtering system and such access should not be authorized. What type of technique might be used by these offenders to access the Internet without restriction?

A. They are using UDP that is always authorized at the firewall

B. They are using HTTP tunneling software that allows them to communicate with protocols in a way it was not intended

C. They have been able to compromise the firewall, modify the rules, and give themselves proper access

D. They are using an older version of Internet Explorer that allow them to bypass the proxy server

An attacker is attempting to telnet into a corporation's system in the DMZ. The attacker doesn't want to get caught and is spoofing his IP address. After numerous tries he remains unsuccessful in connecting to the system. The attacker rechecks that the target system is actually listening on Port 23 and he verifies it with both nmap and hping2. He is still unable to connect to the target system. What could be the reason?

A. The firewall is blocking port 23 to that system

B. He needs to use an automated tool to telnet in

C. He cannot spoof his IP and successfully use TCP

D. He is attacking an operating system that does not reply to telnet even when open

For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which key?

A. Sender's public key

B. Receiver's private key

C. Receiver's public key

D. Sender's private key

Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

A. Cavity virus

B. Polymorphic virus

C. Tunneling virus

D. Stealth virus