312-50v12 Free Practice Test

- (Exam Topic 3)
Which of the following statements is TRUE?

1. A. Packet Sniffers operate on the Layer 1 of the OSI model.
2. B. Packet Sniffers operate on Layer 2 of the OSI model.
3. C. Packet Sniffers operate on both Layer 2 & Layer 3 of the OSI model.
4. D. Packet Sniffers operate on Layer 3 of the OSI model.

Correct Answer: B

- (Exam Topic 3)
Mary found a high vulnerability during a vulnerability scan and notified her server team. After analysis, they sent her proof that a fix to that issue had already been applied. The vulnerability that Marry found is called what?

1. A. False-negative
2. B. False-positive
3. C. Brute force attack
4. D. Backdoor

Correct Answer: B
https://www.infocyte.com/blog/2019/02/16/cybersecurity-101-what-you-need-to-know-about-false-positives-an
False positives are mislabeled security alerts, indicating there is a threat when in actuality, there isn’t. These false/non-malicious alerts (SIEM events) increase noise for already over-worked security teams and can include software bugs, poorly written software, or unrecognized network traffic.
False negatives are uncaught cyber threats — overlooked by security tooling because they’re dormant, highly sophisticated (i.e. file-less or capable of lateral movement) or the security infrastructure in place lacks the technological ability to detect these attacks.

- (Exam Topic 2)
Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp’s lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501. What needs to happen before Matthew has full administrator access?

1. A. He must perform privilege escalation.
2. B. He needs to disable antivirus protection.
3. C. He needs to gain physical access.
4. D. He already has admin privileges, as shown by the “501” at the end of the SID.

Correct Answer: A

- (Exam Topic 3)
Richard, an attacker, targets an MNC. in this process, he uses a footprinting technique to gather as much information as possible. Using this technique, he gathers domain information such as the target domain name, contact details of its owner, expiry date, and creation date. With this information, he creates a map of the organization's network and misleads domain owners with social engineering to obtain internal details of its network. What type of footprinting technique is employed by Richard?

1. A. VoIP footprinting
2. B. VPN footprinting
3. C. Whois footprinting
4. D. Email footprinting

Correct Answer: C
WHOIS (pronounced because the phrase who is) may be a query and response protocol and whois footprinting may be a method for glance information about ownership of a website name as following:• name details• Contact details contain phone no. and email address of the owner• Registration date for the name• Expire date for the name• name servers

- (Exam Topic 1)
Which is the first step followed by Vulnerability Scanners for scanning a network?

1. A. OS Detection
2. B. Firewall detection
3. C. TCP/UDP Port scanning
4. D. Checking if the remote host is alive

Correct Answer: D
Vulnerability scanning solutions perform vulnerability penetration tests on the organizational network in three steps:
* 1. Locating nodes:
The first step in vulnerability scanning is to locate live hosts in the target network using various scanning techniques.
* 2. Performing service and OS discovery on them:
After detecting the live hosts in the target network, the next step is to enumerate the open ports and services and the operating system on the target systems.
* 3. Testing those services and OS for known vulnerabilities:
Finally, after identifying the open services and
the operating system running on the target nodes, they are tested for known vulnerabilities.