Topic 19, Evading IDS, Firewalls and Honeypots
Which of the following is not an effective countermeasure against replay attacks?
A.
Digital signatures
B.
Time Stamps
C.
System identification
D.
Sequence numbers
System identification
Explanation: A replay attack is a form of network attack in which a valid data transmission
is maliciously or fraudulently repeated or delayed. Effective countermeasures are anything
that makes it hard to delay or replay the packet (time stamps and sequence numbers) or
anything that proves the packet arrived exactly as it was sent by the original sender
(digital signatures). System identification does neither.
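The three countermeasures work together rather than separately, which the explanation above only hints at. The following is an added example (not from the original question set) of a sender that stamps each message with a sequence number and a timestamp and authenticates all of it with an HMAC, and a receiver that rejects an immediate replay, a delayed replay, and a tampered copy. The shared key, the 30-second clock-skew allowance, and the message contents are assumptions made for the example; an HMAC stands in for the digital signature because it demonstrates the same property with the standard library alone.

```python
import hashlib
import hmac
import json

# Assumed shared secret for this example (constructed; in practice it comes from
# a key exchange or a provisioning step). 30 s is an assumed clock-skew allowance.
SHARED_KEY = b"example-shared-secret-not-for-production"
MAX_SKEW_SECONDS = 30


def canonical(msg: dict) -> bytes:
    """Stable serialization of everything except the MAC itself."""
    unsigned = {k: v for k, v in msg.items() if k != "mac"}
    return json.dumps(unsigned, sort_keys=True, separators=(",", ":")).encode()


def sign_message(key: bytes, body: str, seq: int, now: float) -> dict:
    """Sender side: bind the payload to a sequence number and a timestamp, then
    authenticate all three together so none of them can be altered or stripped."""
    msg = {"seq": seq, "ts": int(now), "body": body}
    msg["mac"] = hmac.new(key, canonical(msg), hashlib.sha256).hexdigest()
    return msg


class Receiver:
    """Receiver side: remembers the highest sequence number accepted and rejects
    anything unauthenticated, stale, or already seen."""

    def __init__(self, key: bytes, max_skew: int = MAX_SKEW_SECONDS):
        self.key, self.max_skew, self.last_seq = key, max_skew, -1

    def accept(self, msg: dict, now: float) -> tuple:
        """Return (accepted, reason). The MAC is checked first so that a forged
        message learns nothing from the freshness checks."""
        mac = msg.get("mac")
        if not isinstance(mac, str):
            return False, "missing mac"
        expected = hmac.new(self.key, canonical(msg), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, expected):   # constant-time comparison
            return False, "bad mac"
        if abs(int(now) - msg["ts"]) > self.max_skew:
            return False, "timestamp outside window"
        if msg["seq"] <= self.last_seq:
            return False, "sequence number already used"
        self.last_seq = msg["seq"]
        return True, "ok"


def demo() -> list:
    """A fresh message, an immediate replay, a delayed replay, and a tampered copy."""
    t0 = 1_700_000_000.0            # constructed clock
    rx = Receiver(SHARED_KEY)
    m1 = sign_message(SHARED_KEY, "transfer 100 to acct 42", seq=1, now=t0)
    m2 = sign_message(SHARED_KEY, "transfer 100 to acct 42", seq=2, now=t0)
    tampered = dict(m1, body="transfer 900 to acct 42")   # body changed, MAC kept
    return [
        rx.accept(m1, t0 + 1),        # fresh: accepted
        rx.accept(m1, t0 + 2),        # same packet again: sequence number reused
        rx.accept(m2, t0 + 120),      # held back and sent later: timestamp too old
        rx.accept(tampered, t0 + 3),  # altered in transit: MAC does not verify
    ]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The MAC (or a digital signature) on its own does not stop a replay: an attacker can re-send a correctly signed message unchanged. What it does is stop the attacker from editing the seq and ts fields, so the two freshness checks can be trusted. Dropping either field reopens a hole: without the sequence number a message can be replayed freely inside the skew window, and without the timestamp the receiver has to remember the last sequence number forever, including across restarts.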
You are attempting to map out the firewall policy for an organization. You discover
your target system is one hop beyond the firewall. Using hping2, you send SYN
packets with the exact TTL of the target system starting at port 1 and going up to
port 1024. What is this process known as?
A.
Footprinting
B.
Firewalking
C.
Enumeration
D.
Idle scanning
Firewalking
Explanation: Firewalking uses traceroute-like IP packet analysis to determine whether or
not a particular packet can pass from the attacker's host to a destination host through a
packet-filtering device. Probes are sent with a TTL that runs out just past the filtering
device: a reply (an ICMP time-exceeded message from the next hop, or an answer from the
target itself) shows the filter let the packet through, while silence shows it was dropped.
The technique can be used to map which ports a gateway passes and, moreover, whether
packets carrying various control information (TCP flags, IP protocols) can pass through a
given gateway.
Study the log below and identify the scan type.
tcpdump -w host 192.168.1.10
A.
nmap R 192.168.1.10
B.
nmap S 192.168.1.10
C.
nmap V 192.168.1.10
D.
nmap -sO -T 192.168.1.10
nmap -sO -T 192.168.1.10
Explanation: -sO (IP protocol scan) determines which IP protocols are supported on a host.
The technique is to send raw IP packets with no further protocol header, one for each
protocol number, to the target machine. An ICMP protocol-unreachable reply marks that
protocol as closed, any other response marks it as open, and no response at all is
reported as open|filtered.
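Both the firewalking question and the -sO question come down to the same two skills: crafting a raw IP packet with one field deliberately set (the TTL for firewalking, the protocol number for -sO) and reading the reply correctly. The following is an added example, not code from the question set or from hping2 or nmap, that builds those probes byte by byte, builds the replies a target or router would send, and applies each scan's verdict logic. The addresses, the hop count of 2, and every reply in demo() are constructed; nothing is transmitted (sending these bytes for real takes a raw socket and root or CAP_NET_RAW).

```python
import socket
import struct

# Constructed addresses and hop counts for this example; nothing is transmitted.
ATTACKER, TARGET, NEXT_HOP = "10.0.0.1", "10.0.0.3", "10.0.0.4"
TTL_TO_TARGET = 2   # assumed: the filtering gateway is hop 1, the target hop 2


def checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum over big-endian 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src, dst, proto, ttl, payload_len) -> bytes:
    """20-byte IPv4 header: TTL is the knob firewalking turns, proto the one -sO turns."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0x4000,
                      ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def tcp_packet(src, dst, sport, dport, flags, ttl=64) -> bytes:
    """IPv4 + bare TCP header with the given flag bits (0x02 SYN, 0x12 SYN/ACK, 0x04 RST)."""
    tcp = struct.pack("!HHIIHHHH", sport, dport, 0, 0, (5 << 12) | flags, 65535, 0, 0)
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src), socket.inet_aton(dst), 0, 6, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp)) + tcp[18:]
    return ipv4_header(src, dst, 6, ttl, len(tcp)) + tcp


def syn_probe(dport, ttl) -> bytes:
    """Firewalk probe: SYN whose TTL just reaches the target (hping2 -S -t <ttl> -p ++1)."""
    return tcp_packet(ATTACKER, TARGET, 40000, dport, 0x02, ttl)


def protocol_probe(proto) -> bytes:
    """nmap -sO style probe: an IP header carrying the protocol number and nothing else."""
    return ipv4_header(ATTACKER, TARGET, proto, 64, 0)


def icmp_error(src, dst, icmp_type, code, offending) -> bytes:
    """The ICMP error a router or host sends back; it quotes the offending IP header + 8 bytes."""
    icmp = struct.pack("!BBHI", icmp_type, code, 0, 0) + offending[:28]
    icmp = icmp[:2] + struct.pack("!H", checksum(icmp)) + icmp[4:]
    return ipv4_header(src, dst, 1, 64, len(icmp)) + icmp


def parse_reply(reply: bytes) -> dict:
    """Who answered, how, and which of our probes the answer refers to."""
    ihl = (reply[0] & 0x0F) * 4
    proto, src, body = reply[9], socket.inet_ntoa(reply[12:16]), reply[ihl:]
    if proto == 1:                       # ICMP error quoting our probe
        quoted = body[8:]
        q_ihl = (quoted[0] & 0x0F) * 4
        info = {"from": src, "icmp": (body[0], body[1]), "probe_proto": quoted[9]}
        if quoted[9] == 6 and len(quoted) >= q_ihl + 4:
            info["probe_port"] = struct.unpack("!H", quoted[q_ihl + 2:q_ihl + 4])[0]
        return info
    if proto == 6:                       # the target answered the SYN itself
        return {"from": src, "tcp_flags": body[13], "probe_port": struct.unpack("!H", body[:2])[0]}
    return {"from": src, "proto": proto}


def firewalk_verdict(reply) -> str:
    """Any answer from past the filter proves the probe got through; silence means dropped."""
    if reply is None:
        return "filtered"
    if reply.get("icmp", (None, None))[0] == 11:
        return "passed (TTL expired at %s)" % reply["from"]
    if "tcp_flags" in reply:
        answer = "SYN/ACK" if reply["tcp_flags"] & 0x12 == 0x12 else "RST"
        return "passed (target answered %s)" % answer
    return "unknown reply"


def protocol_verdict(reply) -> str:
    """nmap -sO logic: 3/2 is closed, other unreachables filtered, any reply open, silence open|filtered."""
    if reply is None:
        return "open|filtered"
    icmp = reply.get("icmp")
    if icmp == (3, 2):
        return "closed"
    if icmp and icmp[0] == 3 and icmp[1] in (1, 3, 9, 10, 13):
        return "filtered"
    return "open"


def demo() -> dict:
    """Constructed exchange. Firewalk: 80 gets SYN/ACK, 22 gets RST, 443 expires at a
    router past the filter, 23 gets nothing. -sO: 6 answers, 17 draws 3/2, 47 is silent."""
    fw = {
        80: firewalk_verdict(parse_reply(tcp_packet(TARGET, ATTACKER, 80, 40000, 0x12))),
        22: firewalk_verdict(parse_reply(tcp_packet(TARGET, ATTACKER, 22, 40000, 0x04))),
        443: firewalk_verdict(parse_reply(icmp_error(NEXT_HOP, ATTACKER, 11, 0, syn_probe(443, TTL_TO_TARGET)))),
        23: firewalk_verdict(None),
    }
    ps = {
        6: protocol_verdict(parse_reply(tcp_packet(TARGET, ATTACKER, 80, 40000, 0x04))),
        17: protocol_verdict(parse_reply(icmp_error(TARGET, ATTACKER, 3, 2, protocol_probe(17)))),
        47: protocol_verdict(None),
    }
    return {"firewalk": fw, "protocol_scan": ps}
```

Two details matter when running this for real. For firewalking, an RST from the target is as good as a SYN/ACK: it proves the packet crossed the filter, which is the only question being asked, and the port's open/closed state is a separate finding. For -sO, silence is ambiguous (the protocol may be open and simply not generate a reply, or a device in the path may have dropped the probe), which is why nmap reports it as open|filtered rather than guessing.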
War dialing is a very old attack, depicted in movies made years ago. Why would a
modern security tester consider using such an old technique?
A.
It is cool, and if it works in the movies it must work in real life.
B.
It allows circumvention of protection mechanisms by being on the internal network.
C.
It allows circumvention of the company PBX.
D.
A good security tester would not use such a derelict technique.
It allows circumvention of protection mechanisms by being on the internal network.
Explanation: If you are lucky enough to find a modem that answers and is connected to the
target network, it is usually poorly protected (only employees are supposed to know it
exists), and once connected you are already on the internal network, so you do not need to
take evasive action against any firewall or IDS.
What is the disadvantage of an automated vulnerability assessment tool?
A.
Ineffective
B.
Slow
C.
Prone to false positives
D.
Prone to false negatives
E.
Noisy
Noisy
Explanation: Vulnerability assessment tools perform a thorough analysis of system
vulnerabilities; however, they are noisy and will quickly trip an IDS.
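To see what "noisy" means from the defender's side, the following is an added example (not from the question set) of the simplest IDS rule a scanner trips: one source touching many distinct ports inside a short window. It parses iptables-style DROP lines, runs a sliding-window detector over them, and compares a scanner at full speed with the same probes throttled to one every five seconds and with an ordinary client. The log format, the addresses, the 60-second/20-port threshold, and all of the log lines are constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Log format assumed for the example: an iptables-style DROP line with a
# millisecond timestamp. Every line fed to the detector is constructed below.
LINE_RE = re.compile(r"^(?P<ts>\S+) DROP SRC=(?P<src>[\d.]+) DST=[\d.]+ DPT=(?P<dpt>\d+)$")
EPOCH = datetime(1970, 1, 1)
T0 = datetime(2024, 3, 1, 10, 0, 0)


def parse_line(line: str):
    """Return (seconds, src, dport) for a matching line, or None otherwise."""
    m = LINE_RE.match(line)
    if not m:
        return None
    when = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S.%f")
    return (when - EPOCH).total_seconds(), m["src"], int(m["dpt"])


class PortScanDetector:
    """Sliding-window rule: alert once when a single source touches at least
    `threshold` distinct destination ports within `window` seconds."""

    def __init__(self, window: float = 60.0, threshold: int = 20):
        self.window, self.threshold = window, threshold
        self.hits = defaultdict(deque)    # src -> deque of (ts, dport), oldest first
        self.alerted = set()

    def observe(self, ts: float, src: str, dport: int):
        q = self.hits[src]
        q.append((ts, dport))
        while q and ts - q[0][0] > self.window:   # expire events older than the window
            q.popleft()
        distinct = {p for _, p in q}
        if len(distinct) >= self.threshold and src not in self.alerted:
            self.alerted.add(src)
            return "ALERT portscan from %s: %d distinct ports within %ds" % (src, len(distinct), self.window)
        return None


def run_detector(lines, window: float = 60.0, threshold: int = 20) -> list:
    """Feed log lines through the detector and collect the alerts it raises."""
    det = PortScanDetector(window, threshold)
    alerts = []
    for line in lines:
        parsed = parse_line(line)
        if parsed:
            alert = det.observe(*parsed)
            if alert:
                alerts.append(alert)
    return alerts


def synth_lines(src: str, ports, gap_s: float, start: datetime = T0) -> list:
    """Constructed log lines: one DROP per port, `gap_s` seconds apart."""
    out = []
    for i, port in enumerate(ports):
        when = start + timedelta(seconds=i * gap_s)
        stamp = when.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3]
        out.append("%s DROP SRC=%s DST=192.168.1.10 DPT=%d" % (stamp, src, port))
    return out


def demo() -> dict:
    """Three traffic profiles against the same rule."""
    noisy = synth_lines("10.9.8.7", range(1, 1025), 0.01)      # scanner at full speed
    throttled = synth_lines("10.9.8.8", range(1, 1025), 5.0)   # same probes, one every 5 s
    legit = synth_lines("10.9.8.9", [443, 443, 80], 2.0)       # ordinary client traffic
    return {
        "noisy": run_detector(noisy),
        "throttled": run_detector(throttled),
        "legit": run_detector(legit),
    }


if __name__ == "__main__":
    for profile, alerts in demo().items():
        print(profile, alerts or "no alert")
```

The full-speed scan fires the rule on its twentieth packet, a fraction of a second in. The throttled profile sends exactly the same probes and is never flagged, because only thirteen of them ever sit inside one 60-second window; this is the trade-off behind nmap's slow timing templates (-T0 and -T1) and the reason the correct answer is "noisy" rather than "slow": the tool is not slow by nature, it only becomes quiet when the tester deliberately makes it slow.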