312-50V9 Practice Questions

Destination unreachable administratively prohibited messages can inform the hacker to what?

Which of the following Nmap commands would be used to perform a stack fingerprinting?

(Note: the student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump...

Which type of Nmap scan is the most reliable, but also the most visible, and likely to be picked up by and IDS?

Name two software tools used for OS guessing? (Choose two.

Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data...

While reviewing the result of scanning run against a target network you come across the following: Which among the following can be used to get this output?

You are manually conducting Idle Scanning using Hping2. During your scanning you notice that almost every query increments the IPID regardless of the port being queried. One or two...

While performing ping scans into a target network you get a frantic call from the organization's security team. They report that they are under a denial of service attack. When you...

Neil notices that a single address is generating traffic from its port 500 to port 500 of several other machines on the network. This scan is eating up most of the network bandwidt...

A distributed port scan operates by:

An nmap command that includes the host specification of 202.176.56-57.* will scan _______ number of hosts.

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets...

Which of the following commands runs snort in packet logger mode?

You have initiated an active operating system fingerprinting attempt with nmap against a target system: What operating system is the target host running based on the open ports sho...

Study the log below and identify the scan type.

Which of the following command line switch would you use for OS detection in Nmap?

Why would an attacker want to perform a scan on port 137?

Which Type of scan sends a packets with no flags set? Select the Answer

Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135...

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of informat...

Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" sites. Bob is willing to share his knowledge with those who are willing to learn, and many...

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs: From the above list identify the user account w...

Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

What is the following command used for? net use \targetipc$ "" /u:""

What is the proper response for a NULL scan if the port is closed?

One of your team members has asked you to analyze the following SOA record. What is the TTL? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.

One of your team members has asked you to analyze the following SOA record. What is the version? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.

MX record priority increases as the number increases. (True/False.)

Which of the following tools can be used to perform a zone transfer?

Under what conditions does a secondary name server request a zone transfer from a primary name server?

What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?(Choose all th...

What is a NULL scan?

What is the proper response for a NULL scan if the port is open?

Which of the following statements about a zone transfer correct?(Choose three.

You have the SOA presented below in your Zone. Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary serv...

Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for chil...

A zone file consists of which of the following Resource Records (RRs)?

Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a maj...

Which DNS resource record can indicate how long any "DNS poisoning" could last?

Joseph was the Web site administrator for the Mason Insurance in New York, who's main Web the Web site. One night, Joseph received an urgent phone call from his friend, Smith. Acco...

Which of the following tools are used for enumeration? (Choose three.)

What did the following commands determine? C: user2sid \earth guest S-1-5-21-343818398-789336058-1343024091-501 C:sid2user 5 21 343818398 789336058 1343024091 500 Name is Joe Domai...

Which definition among those given below best describes a covert channel?

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the serv...

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able...

Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice...

Which of the following represents the initial two commands that an IRC client sends to join an IRC network?

Study the following log extract and identify the attack.

Null sessions are un-authenticated connections (not using a username or password.) to an NT or 2000 system. Which TCP and UDP ports must you filter to check null sessions on your n...