312-50V10 Online Practice Questions and Answers

Which protocol is used for setting up secure channels between two devices, typically in VPNs?

A. PPP

B. IPSEC

C. PEM

D. SET

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this?

A. False positive

B. False negative

C. True positve

D. True negative

A security engineer is attempting to map a company's internal network. The engineer enters in the following NMAP command:

NMAP –n –sS –P0 –p 80 ***.***.**.**

What type of scan is this?

A. Quick scan

B. Intense scan

C. Stealth scan

D. Comprehensive scan

Which of the following processes evaluates the adherence of an organization to its stated security policy?

A. Vulnerability assessment

B. Penetration testing

C. Risk assessment

D. Security auditing

Which statement best describes a server type under an N-tier architecture?

A. A group of servers at a specific layer

B. A single server with a specific role

C. A group of servers with a unique role

D. A single server at a specific layer

When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and headers manually to get more precise results than if using web vulnerability scanners.

What proxy tool will help you find web vulnerabilities?

A. Burpsuite

B. Maskgen

C. Dimitry

D. Proxychains

A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client.

What is a possible source of this problem?

A. The WAP does not recognize the client's MAC address

B. The client cannot see the SSID of the wireless network

C. Client is configured for the wrong channel

D. The wireless client is not configured to use DHCP

Which of the following is the BEST approach to prevent Cross-site Scripting (XSS) flaws?

A. Use digital certificates to authenticate a server prior to sending data.

B. Verify access right before allowing access to protected information and UI controls.

C. Verify access right before allowing access to protected information and UI controls.

D. Validate and escape all information sent to a server.

Which of the following commands runs snort in packet logger mode?

A. ./snort -dev -h ./log

B. ./snort -dev -l ./log

C. ./snort -dev -o ./log

D. ./snort -dev -p ./log

Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him.

What would Yancey be considered?

A. Yancey would be considered a Suicide Hacker

B. Since he does not care about going to jail, he would be considered a Black Hat

C. Because Yancey works for the company currently; he would be a White Hat

D. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing