Act now and download your 312 50v9 pdf today! Do not waste time for the worthless 312 50v9 pdf tutorials. Download 312 50v9 pdf with real questions and answers and begin to learn 312 50v9 pdf with a classic professional.

Online 312-50v9 free questions and answers of New Version:

NEW QUESTION 1
Which of the following is a low-tech way of gaining unauthorized access to systems?

  • A. Sniffing
  • B. Social engineering
  • C. Scanning
  • D. Eavesdropping

Answer: B

NEW QUESTION 2
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?

  • A. Kismet
  • B. Netstumbler
  • C. Abel
  • D. Nessus

Answer: A

NEW QUESTION 3
Jimmy is standing outside a secure entrance to a facility. He is pretending to having a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it beginsto close.
What just happened?

  • A. Masquading
  • B. Phishing
  • C. Whaling
  • D. Piggybacking

Answer: D

NEW QUESTION 4
It isan entity or event with the potential to adversely impact a system through unauthorized access destruction disclosures denial of service or modification of data.
Which of the following terms best matches this definition?

  • A. Threat
  • B. Attack
  • C. Risk
  • D. Vulnerability

Answer: A

NEW QUESTION 5
What isa “Collision attach” in cryptography?

  • A. Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key.
  • B. Collision attacks try to break the hash into three parts to get the plaintext value.
  • C. Collision attacks try to find two inputs producing the same hash.
  • D. Collision attacks try to get the public key

Answer: C

NEW QUESTION 6
You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?

  • A. ICMP
  • B. TCP
  • C. UDP
  • D. UPX

Answer: B

NEW QUESTION 7
You are performing a penetration test. You achieved access via a bufferoverflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator’s bank account password and login information for the administrator’s bitcoin account.
What should you do?

  • A. Do not transfer the money but steal the bitcoins.
  • B. Report immediately to the administrator.
  • C. Transfer money from the administrator’s account to another account.
  • D. Do not report it and continue the penetration test.

Answer: B

NEW QUESTION 8
You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System.
What is the best approach?

  • A. Install and use Telnet to encrypt all outgoing traffic from this server.
  • B. Install Cryptcat and encrypt outgoing packets from this server
  • C. Use Alternate Data Streams to hide the outgoing packets from this server.
  • D. Use HTTP so that all traffic can be routed via a browser, thus evading the internal Intrusion Detection Systems.

Answer: A

NEW QUESTION 9
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.
Which command would you use?

  • A. c:services.msc
  • B. c:ncpa.cp
  • C. c:compmgmt.msc
  • D. c:gpedit

Answer: C

NEW QUESTION 10
Perspective clients wantto see sample reports from previous penetration tests. What should you do next?

  • A. Share full reports, not redacted.
  • B. Share full reports, with redacted.
  • C. Decline but, provide references.
  • D. Share reports, after NDA is signed.

Answer: B

NEW QUESTION 11
You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best nmap command you will use?

  • A. Nmap –T4 –F 10.10.0.0/24
  • B. Nmap –T4 –q 10.10.0.0/24
  • C. Nmap –T4 –O 10.10.0.0/24
  • D. Nmap –T4 –r 10.10.0.0/24

Answer: A

NEW QUESTION 12
While using your bank’s online servicing you notice the following stringin the URL bar: “http://www.MyPersonalBank/Account?
Id=368940911028389&Damount=10980&Camount=21”
You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes.
What type of vulnerability is present on this site?

  • A. SQL injection
  • B. XSS Reflection
  • C. Web Parameter Tampering
  • D. Cookie Tampering

Answer: C

NEW QUESTION 13
This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attach along with some optimizations like Korek attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools.
Which of the following tools is being described?

  • A. Wificracker
  • B. WLAN-crack
  • C. Airguard
  • D. Aircrack-ng

Answer: D

NEW QUESTION 14
The “Gray box testing” methodology enforces what kind of restriction?

  • A. Only the external operation of a system is accessible to the tester.
  • B. Only the internal operation of a system is known to the tester.
  • C. The internal operation of a system is completely known to the tester.
  • D. The internal operation of a system is only partly accessible to the tester.

Answer: D

NEW QUESTION 15
It is a regulation that has a set if guideline,which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.
Which of the following regulations best matches the description?

  • A. HIPAA
  • B. COBIT
  • C. ISO/IEC 27002
  • D. FISMA

Answer: A

NEW QUESTION 16
Which method of password cracking takes the most time and effect?

  • A. Rainbow Tables
  • B. Shoulder surfing
  • C. Bruce force
  • D. Directory attack

Answer: C

NEW QUESTION 17
You have successfully compromised a machine on the network and found a server that is alive on the same network. You tried to ping but you didn’t get any response back.
What is happening?

  • A. TCP/IP doesn’t support ICMP.
  • B. ICMP could be disabled on the target server.
  • C. The ARP is disabled on the target server.
  • D. You need to run the ping command with root privileges.

Answer: A

NEW QUESTION 18
A company’s Web development team has become aware ofa certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.
What kind of web application vulnerability likely exists in their software?

  • A. Web site defacement vulnerability
  • B. SQL injection vulnerability
  • C. Cross-site Scripting vulnerability
  • D. Cross-site Request Forgery vulnerability

Answer: C

Thanks for reading the newest 312-50v9 exam dumps! We recommend you to try the PREMIUM 2passeasy 312-50v9 dumps in VCE and PDF here: https://www.2passeasy.com/dumps/312-50v9/ (125 Q&As Dumps)