312-50v12 Practice Test

Which of the following tools performs comprehensive tests against web servers, including
dangerous files and CGIs?

A.

Nikto

B.

John the Ripper

C.

Dsniff

D.

Snort

Tess King is using the nslookup command to craft queries to list all DNS information (such
as Name Servers, host names, MX records, CNAME records, glue records (delegation for
child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain.
What do you think Tess King is trying to accomplish? Select the best answer.

A.

A zone harvesting

B.

A zone transfer

C.

A zone update

D.

A zone estimate

What is the purpose of a demilitarized zone on a network?

A.

To scan all traffic coming through the DMZ to the internal network

B.

To only provide direct access to the nodes within the DMZ and protect the network
behind it

C.

To provide a place to put the honeypot

D.

To contain the network devices you wish to protect

Which mode of IPSec should you use to assure security and confidentiality of data within
the same LAN?

A.

ESP transport mode

B.

ESP confidential

C.

AH permiscuous

D.

AH Tunnel mode

Todd has been asked by the security officer to purchase a counter-based authentication
system. Which of the following best describes this type of system?

A.

A biometric system that bases authentication decisions on behavioral attributes.

B.

A biometric system that bases authentication decisions on physical attributes

C.

An authentication system that creates one-time passwords that are encrypted with
secret keys

D.

An authentication system that uses passphrases that are converted into virtual
passwords.