312-50v12 Free Practice Test

- (Exam Topic 1)
Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?

1. A. 113
2. B. 69
3. C. 123
4. D. 161

Correct Answer: C
https://en.wikipedia.org/wiki/Network_Time_Protocol
The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.
NTP is intended to synchronize all participating computers within a few milliseconds of Coordinated Universal Time (UTC). It uses the intersection algorithm, a modified version of Marzullo's algorithm, to select accurate time servers and is designed to mitigate variable network latency effects. NTP can usually maintain time to within tens of milliseconds over the public Internet and achieve better than one millisecond accuracy in local area networks. Asymmetric routes and network congestion can cause errors of 100 ms or more.
The protocol is usually described in terms of a client-server model but can easily be used in peer-to-peer relationships where both peers consider the other to be a potential time source. Implementations send and receive timestamps using the User Datagram Protocol (UDP) on port number 123.

- (Exam Topic 2)
How can you determine if an LM hash you extracted contains a password that is less than 8 characters long?

1. A. There is no way to tell because a hash cannot be reversed
2. B. The right most portion of the hash is always the same
3. C. The hash always starts with AB923D
4. D. The left most portion of the hash is always the same
5. E. A portion of the hash will be all 0's

Correct Answer: B

- (Exam Topic 1)
Which of the following program infects the system boot sector and the executable files at the same time?

1. A. Polymorphic virus
2. B. Stealth virus
3. C. Multipartite Virus
4. D. Macro virus

Correct Answer: C

- (Exam Topic 2)
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and any firewall rule sets are encountered. John decided to perform a TCP SYN ping scan on the target network. Which of the following Nmap commands must John use to perform the TCP SYN ping scan?

1. A. nmap -sn -pp < target ip address >
2. B. nmap -sn -PO < target>
3. C. nmap -sn -PS < target>
4. D. nmap -sn -PA < target>

Correct Answer: C
https://hub.packtpub.com/discovering-network-hosts-with-tcp-syn-and-tcp-ack-ping-scans-in-nmaptutorial/

- (Exam Topic 1)
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

1. A. Residual risk
2. B. Impact risk
3. C. Deferred risk
4. D. Inherent risk

Correct Answer: A
https://en.wikipedia.org/wiki/Residual_risk
The residual risk is the risk or danger of an action or an event, a method or a (technical) process that, although being abreast with science, still conceives these dangers, even if all theoretically possible safety measures would be applied (scientifically conceivable measures); in other words, the amount of risk left over after natural or inherent risks have been reduced by risk controls.
· Residual risk = (Inherent risk) – (impact of risk controls)