312-50 Free Practice Test

- (Topic 3)
Name two software tools used for OS guessing.(Choose two.

1. A. Nmap
2. B. Snadboy
3. C. Queso
4. D. UserInfo
5. E. NetBus

Correct Answer: AC
Nmap and Queso are the two best-known OS guessing programs. OS guessing software has the ability to look at peculiarities in the way that each vendor implements the RFC's. These differences are compared with its database of known OS fingerprints. Then a best guess of the OS is provided to the user.

- (Topic 23)
An SNMP scanner is a program that sends SNMP requests to multiple IP addresses, trying different community strings and waiting for a reply. Unfortunately SNMP servers don't respond to requests with invalid community strings and the underlying protocol does not reliably report closed ports. This means that 'no response' from the probed IP address can mean which of the following:
(Select up to 3)

1. A. Invalid community string
2. B. S-AUTH protocol is running on the SNMP server
3. C. Machine unreachable
4. D. SNMP server not running

Correct Answer: ACD
http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol

- (Topic 5)
Exhibit

You receive an e-mail with the message displayed in the exhibit.
From this e-mail you suspect that this message was sent by some hacker since you have using their e-mail services for the last 2 years and they never sent out an e-mail as this. You also observe the URL in the message and confirm your suspicion about 340590649. You immediately enter the following at the Windows 2000 command prompt.
ping 340590649
You get a response with a valid IP address. What is the obstructed IP address in the e-mail URL?

1. A. 192.34.5.9
2. B. 10.0.3.4
3. C. 203.2.4.5
4. D. 199.23.43.4

Correct Answer: C
Convert the number in binary, then start from last 8 bits and convert them to decimal to get the last octet (in this case .5)

- (Topic 23)
What do you call a pre-computed hash?

1. A. Sun tables
2. B. Apple tables
3. C. Rainbow tables
4. D. Moon tables

Correct Answer: C

- (Topic 2)
System Administrators sometimes post questions to newsgroups when they run into technical challenges. As an ethical hacker, you could use the information in newsgroup posting to glean insight into the makeup of a target network. How would you search for these posting using Google search?

1. A. Search in Google using the key strings “the target company” and “newsgroups”
2. B. Search for the target company name at http://groups.google.com
3. C. Use NNTP websites to search for these postings
4. D. Search in Google using the key search strings “the target company” and “forums”

Correct Answer: B
Using http://groups.google.com is the easiest way to access various newsgroups today. Before http://groups.google.com you had to use special NNTP clients or subscribe to some nntp to web services.