312-50v11 | What High Value 312-50v11 Test Is

NEW QUESTION 1
In the field of cryptanalysis, what is meant by a “rubber-hose" attack?

• A. Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text.
• B. Extraction of cryptographic secrets through coercion or torture.
• C. Forcing the targeted key stream through a hardware-accelerated device such as an ASIC.
• D. A backdoor placed into a cryptographic algorithm by its creator.

Answer: B

NEW QUESTION 2
What is correct about digital signatures?

• A. A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.
• B. Digital signatures may be used in different documents of the same type.
• C. A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.
• D. Digital signatures are issued once for each user and can be used everywhere until they expire.

Answer: A

NEW QUESTION 3
Which of the following program infects the system boot sector and the executable files at the same time?

• A. Polymorphic virus
• B. Stealth virus
• C. Multipartite Virus
• D. Macro virus

Answer: C

NEW QUESTION 4
Under what conditions does a secondary name server request a zone transfer from a primary name server?

• A. When a primary SOA is higher that a secondary SOA
• B. When a secondary SOA is higher that a primary SOA
• C. When a primary name server has had its service restarted
• D. When a secondary name server has had its service restarted
• E. When the TTL falls to zero

Answer: A

NEW QUESTION 5
Which of the following incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an organization?

• A. Preparation phase
• B. Containment phase
• C. Identification phase
• D. Recovery phase

Answer: A

NEW QUESTION 6
Which service in a PKI will vouch for the identity of an individual or company?

• A. KDC
• B. CR
• C. CBC
• D. CA

Answer: D

NEW QUESTION 7
Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

• A. Take over the session
• B. Reverse sequence prediction
• C. Guess the sequence numbers
• D. Take one of the parties offline

Answer: C

NEW QUESTION 8
An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network’s external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

• A. Protocol analyzer
• B. Network sniffer
• C. Intrusion Prevention System (IPS)
• D. Vulnerability scanner

Answer: A

NEW QUESTION 9
Which system consists of a publicly available set of databases that contain domain name registration contact information?

• A. WHOIS
• B. CAPTCHA
• C. IANA
• D. IETF

Answer: A

NEW QUESTION 10
A company’s policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as display filter to find unencrypted file transfers?

• A. tcp.port = = 21
• B. tcp.port = 23
• C. tcp.port = = 21 | | tcp.port = =22
• D. tcp.port ! = 21

Answer: A

NEW QUESTION 11
As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.
What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?

• A. Service Level Agreement
• B. Project Scope
• C. Rules of Engagement
• D. Non-Disclosure Agreement

Answer: C

NEW QUESTION 12
Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network.
Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.

• A. SNMPUtil
• B. SNScan
• C. SNMPScan
• D. Solarwinds IP Network Browser
• E. NMap

Answer: ABD

NEW QUESTION 13
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

• A. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
• B. Asymmetric cryptography is computationally expensive in compariso
• C. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.
• D. Symmetric encryption allows the server to securely transmit the session keys out-of-band.
• E. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

Answer: D

NEW QUESTION 14
What is the following command used for? net use \targetipc$ "" /u:""

• A. Grabbing the etc/passwd file
• B. Grabbing the SAM
• C. Connecting to a Linux computer through Samba.
• D. This command is used to connect as a null session
• E. Enumeration of Cisco routers

Answer: D

NEW QUESTION 15
During an Xmas scan what indicates a port is closed?

• A. No return response
• B. RST
• C. ACK
• D. SYN

Answer: B

NEW QUESTION 16
What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

• A. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.
• B. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
• C. Symmetric encryption allows the server to security transmit the session keys out-of-band.
• D. Asymmetric cryptography is computationally expensive in compariso
• E. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

Answer: A

NEW QUESTION 17
The change of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1(100%). What is the closest approximate cost of this replacement and recovery operation per year?

• A. $1320
• B. $440
• C. $100
• D. $146

Answer: D

NEW QUESTION 18
Which of the following is a component of a risk assessment?

• A. Administrative safeguards
• B. Physical security
• C. DMZ
• D. Logical interface

Answer: A

NEW QUESTION 19
In Trojan terminology, what is a covert channel?

• A. A channel that transfers information within a computer system or network in a way that violates the security policy
• B. A legitimate communication path within a computer system or network for transfer of data
• C. It is a kernel operation that hides boot processes and services to mask detection
• D. It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish connections

Answer: A

NEW QUESTION 20
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?

• A. Disable unused ports in the switches
• B. Separate students in a different VLAN
• C. Use the 802.1x protocol
• D. Ask students to use the wireless network

Answer: C

NEW QUESTION 21
You are tasked to configure the DHCP server to lease the last 100 usable IP addresses in subnet to. 1.4.0/23. Which of the following IP addresses could be teased as a result of the new configuration?

• A. 210.1.55.200
• B. 10.1.4.254
• C. 10..1.5.200
• D. 10.1.4.156

Answer: C

NEW QUESTION 22
Which of the following LM hashes represent a password of less than 8 characters? (Choose two.)

• A. BA810DBA98995F1817306D272A9441BB
• B. 44EFCE164AB921CQAAD3B435B51404EE
• C. 0182BD0BD4444BF836077A718CCDF409
• D. CEC52EB9C8E3455DC2265B23734E0DAC
• E. B757BF5C0D87772FAAD3B435B51404EE
• F. E52CAC67419A9A224A3B108F3FA6CB6D

Answer: BE

NEW QUESTION 23
......