312-50v11 Free Practice Test

Fingerprinting an Operating System helps a cracker because:

1. A. It defines exactly what software you have installed
2. B. It opens a security-delayed window based on the port being scanned
3. C. It doesn't depend on the patches that have been applied to fix existing security holes
4. D. It informs the cracker of which vulnerabilities he may be able to exploit on your system

Correct Answer: D

If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?

1. A. Birthday
2. B. Brute force
3. C. Man-in-the-middle
4. D. Smurf

Correct Answer: B

A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?

1. A. Perform a vulnerability scan of the system.
2. B. Determine the impact of enabling the audit feature.
3. C. Perform a cost/benefit analysis of the audit feature.
4. D. Allocate funds for staffing of audit log review.

Correct Answer: B

An Internet Service Provider (ISP) has a need to authenticate users connecting via analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network.
Which AAA protocol is the most likely able to handle this requirement?

1. A. TACACS+
2. B. DIAMETER
3. C. Kerberos
4. D. RADIUS

Correct Answer: D

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

1. A. To determine who is the holder of the root account
2. B. To perform a DoS
3. C. To create needless SPAM
4. D. To illicit a response back that will reveal information about email servers and how they treat undeliverable mail
5. E. To test for virus protection

Correct Answer: D