312-50v10 Free Practice Test

- (Exam Topic 2)
What are the three types of authentication?

1. A. Something you: know, remember, prove
2. B. Something you: have, know, are
3. C. Something you: show, prove, are
4. D. Something you: show, have, prove

Correct Answer: B

- (Exam Topic 5)
If executives are found liable for not properly protecting their company's assets and information systems, what type of law would apply in this situation?

1. A. Civil
2. B. International
3. C. Criminal
4. D. Common

Correct Answer: A

- (Exam Topic 6)
In IPv6 what is the major difference concerning application layer vulnerabilities compared to IPv4?

1. A. Implementing IPv4 security in a dual-stack network offers protection from IPv6 attacks too.
2. B. Vulnerabilities in the application layer are independent of the network laye
3. C. Attacks and mitigation techniques are almost identical.
4. D. Due to the extensive security measures built in IPv6, application layer vulnerabilities need not be addresses.
5. E. Vulnerabilities in the application layer are greatly different from IPv4.

Correct Answer: B

- (Exam Topic 2)
A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit?

1. A. Issue the pivot exploit and set the meterpreter.
2. B. Reconfigure the network settings in the meterpreter.
3. C. Set the payload to propagate through the meterpreter.
4. D. Create a route statement in the meterpreter.

Correct Answer: D

- (Exam Topic 7)
Gavin owns a white-hat firm and is performing a website security audit for one of his clients. He begins by running a scan which looks for common misconfigurations and outdated software versions. Which of the following tools is he most likely using?

1. A. Nikto
2. B. Nmap
3. C. Metasploit
4. D. Armitage

Correct Answer: B