312-50 Free Practice Test

- (Topic 3)
What are the four steps is used by nmap scanning?

1. A. DNS Lookup
2. B. ICMP Message
3. C. Ping
4. D. Reverse DNS lookup
5. E. TCP three way handshake
6. F. The Actual nmap scan

Correct Answer: ACDF
Nmap performs four steps during a normal device scan. Some of these steps can be modified or disabled using options on the nmap command line.
✑ If a hostname is used as a remote device specification, nmap will perform a DNS
lookup prior to the scan.
✑ Nmap pings the remote device. This refers to the nmap "ping" process, not (necessarily) a traditional ICMP echo request.
✑ If an IP address is specified as the remote device, nmap will perform a reverse DNS lookup in an effort to identify a name that might be associated with the IP address. This is the opposite process of what happens in step 1, where an IP address is found from a hostname specification.
✑ Nmap executes the scan. Once the scan is over, this four-step process is completed. Except for the actual scan process in step four, each of these steps can be disabled or prevented using different IP addressing or nmap options. The nmap process can be as "quiet" or as "loud" as necessary!

- (Topic 23)
Google uses a unique cookie for each browser used by an individual user on a computer. This cookie contains information that allows Google to identify records about that user on its database. This cookie is submitted every time a user launches a Google search, visits a site using AdSense etc. The information stored in Google's database, identified by the cookie, includes
✑ Everything you search for using Google
✑ Every web page you visit that has Google Adsense ads How would you prevent Google from storing your search keywords?

1. A. Block Google Cookie by applying Privacy and Security settings in your web browser
2. B. Disable the Google cookie using Google Advanced Search settings on Google Search page
3. C. Do not use Google but use another search engine Bing which will not collect and store your search keywords
4. D. Use MAC OS X instead of Windows 7. Mac OS has higher level of privacy controls by default.

Correct Answer: A

- (Topic 19)
An Evil Cracker is attempting to penetrate your private network security. To do this, he must not be seen by your IDS, as it may take action to stop him. What tool might he use to bypass the IDS?
Select the best answer.

1. A. Firewalk
2. B. Manhunt
3. C. Fragrouter
4. D. Fragids

Correct Answer: C

Firewalking is a way to disguise a portscan. Thus, firewalking is not a tool, but a method of conducting a port scan in which it can be hidden from some firewalls. Synamtec Man-Hunt is an IDS, not a tool to evade an IDS.
Fragrouter is a tool that can take IP traffic and fragment it into multiple pieces. There is a legitimate reason that fragmentation is done, but it is also a technique that can help an attacker to evade detection while Fragids is a made-up tool and does not exist.

- (Topic 5)
Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?

1. A. Covert keylogger
2. B. Stealth keylogger
3. C. Software keylogger
4. D. Hardware keylogger

Correct Answer: D
As the hardware keylogger never interacts with the Operating System it is undetectable by anti-virus or anti-spyware products.

- (Topic 23)
TCP packets transmitted in either direction after the initial three-way handshake will have which of the following bit set?

1. A. SYN flag
2. B. ACK flag
3. C. FIN flag
4. D. XMAS flag

Correct Answer: B