312-50 Free Practice Test

- (Topic 23)
Attackers send an ACK probe packet with random sequence number, no response means port is filtered (Stateful firewall is present) and RST response means the port is not filtered. What type of Port Scanning is this?

1. A. RST flag scanning
2. B. FIN flag scanning
3. C. SYN flag scanning
4. D. ACK flag scanning

Correct Answer: D

- (Topic 23)
File extensions provide information regarding the underlying server technology. Attackers can use this information to search vulnerabilities and launch attacks. How would you disable file extensions in Apache servers?

1. A. Use disable-eXchange
2. B. Use mod_negotiation
3. C. Use Stop_Files
4. D. Use Lib_exchanges

Correct Answer: B

- (Topic 15)
Sandra is conducting a penetration test for ABC.com. She knows that ABC.com is using wireless networking for some of the offices in the building right down the street. Through social engineering she discovers that they are using 802.11g. Sandra knows that 802.11g uses the same 2.4GHz frequency range as 802.11b. Using NetStumbler and her 802.11b wireless NIC, Sandra drives over to the building to map the wireless networks. However, even though she repositions herself around the building several times, Sandra is not able to detect a single AP.
What do you think is the reason behind this?

1. A. Netstumbler does not work against 802.11g.
2. B. You can only pick up 802.11g signals with 802.11a wireless cards.
3. C. The access points probably have WEP enabled so they cannot be detected.
4. D. The access points probably have disabled broadcasting of the SSID so they cannot be detected.
5. E. 802.11g uses OFDM while 802.11b uses DSSS so despite the same frequency and 802.11b card cannot see an 802.11g signal.
6. F. Sandra must be doing something wrong, as there is no reason for her to not see the signals.

Correct Answer: D
Netstumbler can not detect networks that do not respond to broadcast requests.

- (Topic 14)
Jimmy, an attacker, knows that he can take advantage of poorly designed input validation routines to create or alter SQL commands to gain access to private data or execute commands in the database. What technique does Jimmy use to compromise a database?

1. A. Jimmy can submit user input that executes an operating system command to compromise a target system
2. B. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system
3. C. Jimmy can utilize an incorrect configuration that leads to access with higher-than- expected privilege of the database
4. D. Jimmy can gain control of system to flood the target system with requests, preventing legitimate users from gaining access

Correct Answer: B
SQL injection is a security vulnerability that occurs in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

- (Topic 7)
John the hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct MiTM attack. What is the destination MAC address of a broadcast frame?

1. A. 0xFFFFFFFFFFFF
2. B. 0xAAAAAAAAAAAA
3. C. 0xBBBBBBBBBBBB
4. D. 0xDDDDDDDDDDDD

Correct Answer: A
0xFFFFFFFFFFFF is the destination MAC address of the broadcast frame.