312-50v12 Free Practice Test

- (Exam Topic 2)
What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

1. A. All are hacking tools developed by the legion of doom
2. B. All are tools that can be used not only by hackers, but also security personnel
3. C. All are DDOS tools
4. D. All are tools that are only effective against Windows
5. E. All are tools that are only effective against Linux

Correct Answer: C

- (Exam Topic 2)
Richard, an attacker, aimed to hack loT devices connected to a target network. In this process. Richard recorded the frequency required to share information between connected devices. After obtaining the frequency, he captured the original data when commands were initiated by the connected devices. Once the original data were collected, he used free tools such as URH to segregate the command sequence. Subsequently, he started injecting the segregated command sequence on the same frequency into the loT network, which repeats the captured signals of the devices. What Is the type of attack performed by Richard In the above scenario?

1. A. Side-channel attack
2. B. Replay attack
3. C. CrypTanalysis attack
4. D. Reconnaissance attack

Correct Answer: B
Replay Attack could be a variety of security attack to the info sent over a network.In this attack, the hacker o a person with unauthorized access, captures the traffic and sends communication to its original destination, acting because the original sender. The receiver feels that it’s Associate in Nursing genuine message however it’s really the message sent by the aggressor. the most feature of the Replay Attack is that the consumer would receive the message double, thence the name, Replay Attack.
Prevention from Replay Attack : 1. Timestamp technique –Prevention from such attackers is feasible, if timestamp is employed at the side of the info. Supposedly, the timestamp on an information is over a precise limit, it may be discarded, and sender may be asked to send the info once more.2. Session key technique
–Another way of hindrance, is by victimisation session key. This key may be used one time (by sender and receiver) per dealing, and can’t be reused.

- (Exam Topic 2)
John wants to send Marie an email that includes sensitive information, and he does not trust the network that he is connected to. Marie gives him the idea of using PGP. What should John do to communicate correctly using this type of encryption?

1. A. Use his own public key to encrypt the message.
2. B. Use Marie's public key to encrypt the message.
3. C. Use his own private key to encrypt the message.
4. D. Use Marie's private key to encrypt the message.

Correct Answer: B
When a user encrypts plaintext with PGP, PGP first compresses the plaintext. The session key works with a very secure, fast conventional encryption algorithm to encrypt the plaintext; the result is ciphertext. Once the data is encrypted, the session key is then encrypted to the recipient's public key
https://en.wikipedia.org/wiki/Pretty_Good_Privacy
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.
PGP encryption uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Each public key is bound to a username or an e-mail address.
https://en.wikipedia.org/wiki/Public-key_cryptography
Public key encryption uses two different keys. One key is used to encrypt the information and the other is used to decrypt the information. Sometimes this is referred to as asymmetric encryption because two keys are required to make the system and/or process work securely. One key is known as the public key and should be shared by the owner with anyone who will be securely communicating with the key owner. However, the owner’s secret key is not to be shared and considered a private key. If the private key is shared with unauthorized recipients, the encryption mechanisms protecting the information must be considered compromised.

- (Exam Topic 2)
Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches.
If these switches' ARP cache is successfully flooded, what will be the result?

1. A. The switches will drop into hub mode if the ARP cache is successfully flooded.
2. B. If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.
3. C. Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.
4. D. The switches will route all traffic to the broadcast address created collisions.

Correct Answer: A

- (Exam Topic 3)
You are using a public Wi-Fi network inside a coffee shop. Before surfing the web, you use your VPN to prevent intruders from sniffing your traffic. If you did not have a VPN, how would you identify whether someone is performing an ARP spoofing attack on your laptop?

1. A. You should check your ARP table and see if there is one IP address with two different MAC addresses.
2. B. You should scan the network using Nmap to check the MAC addresses of all the hosts and look for duplicates.
3. C. You should use netstat to check for any suspicious connections with another IP address within the LAN.
4. D. You cannot identify such an attack and must use a VPN to protect your traffic, r

Correct Answer: A