312-50v12 Free Practice Test

- (Exam Topic 2)
What port number is used by LDAP protocol?

1. A. 110
2. B. 389
3. C. 464
4. D. 445

Correct Answer: B

- (Exam Topic 2)
Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data transmission between the user and real tower, attempting to hijack an active session, upon receiving the users request. Bobby manipulated the traffic with the virtual tower and redirected the victim to a malicious website. What is the attack performed by Bobby in the above scenario?

1. A. Wardriving
2. B. KRACK attack
3. C. jamming signal attack
4. D. aLTEr attack

Correct Answer: D
aLTEr attacks are usually performed on LTE devices Attacker installs a virtual (fake) communication tower between two authentic endpoints intending to mislead the victim This virtual tower is used to interrupt the data transmission between the user and real tower attempting to hijack the active session.
https://alter-attack.net/media/breaking_lte_on_layer_two.pdf
The new aLTEr attack can be used against nearly all LTE connected endpoints by intercepting traffic and redirecting it to malicious websites together with a particular approach for Apple iOS devices.
This attack works by taking advantage of a style flaw among the LTE network — the information link layer (aka: layer-2) of the LTE network is encrypted with AES-CTR however it’s not integrity-protected, that is why an offender will modify the payload.
As a result, the offender is acting a classic man-in-the-middle wherever they’re movement as a cell tower to the victim.
Diagram Description automatically generated

- (Exam Topic 2)
Which of the following LM hashes represent a password of less than 8 characters? (Choose two.)

1. A. BA810DBA98995F1817306D272A9441BB
2. B. 44EFCE164AB921CQAAD3B435B51404EE
3. C. 0182BD0BD4444BF836077A718CCDF409
4. D. CEC52EB9C8E3455DC2265B23734E0DAC
5. E. B757BF5C0D87772FAAD3B435B51404EE
6. F. E52CAC67419A9A224A3B108F3FA6CB6D

Correct Answer: BE

- (Exam Topic 3)
Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

1. A. ACK flag probe scanning
2. B. ICMP Echo scanning
3. C. SYN/FIN scanning using IP fragments
4. D. IPID scanning

Correct Answer: C
SYN/FIN scanning using IP fragments is a process of scanning that was developed to avoid false positives generated by other scans because of a packet filtering device on the target system. The TCP header splits into several packets to evade the packet filter. For any transmission, every TCP header must have the source and destination port for the initial packet (8-octet, 64-bit). The initialized flags in the next packet allow the remote host to reassemble the packets upon receipt via an Internet protocol module that detects the fragmented data packets using field-equivalent values of the source, destination, protocol, and identification.

- (Exam Topic 3)
Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?

1. A. -T5
2. B. -O
3. C. -T0
4. D. -A

Correct Answer: A