312-50v12 Free Practice Test

- (Exam Topic 2)
You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain, if the DNS server is at 192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?

1. A. list server=192.168.10.2 type=all
2. B. is-d abccorp.local
3. C. Iserver 192.168.10.2-t all
4. D. List domain=Abccorp.local type=zone

Correct Answer: B

- (Exam Topic 3)
In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims.
What is the difference between pharming and phishing attacks?

1. A. In a pharming attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DN
2. B. In a phishing attack, an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name
3. C. In a phishing attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DN
4. D. In a pharming attack, an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name
5. E. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering
6. F. Both pharming and phishing attacks are identical

Correct Answer: A

- (Exam Topic 2)
in the Common Vulnerability Scoring System (CVSS) v3.1 severity ratings, what range does medium vulnerability fall in?

1. A. 3.0-6.9
2. B. 40-6.0
3. C. 4.0-6.9
4. D. 3.9-6.9

Correct Answer: C

- (Exam Topic 3)
Jake, a professional hacker, installed spyware on a target iPhone to spy on the target user's activities. He can take complete control of the target mobile device by jailbreaking the device remotely and record audio, capture screenshots, and monitor all phone calls and SMS messages. What is the type of spyware that Jake used to infect the target device?

1. A. DroidSheep
2. B. Androrat
3. C. Zscaler
4. D. Trident

Correct Answer: B

- (Exam Topic 3)
If executives are found liable for not properly protecting their company’s assets and information systems, what type of law would apply in this situation?

1. A. Criminal
2. B. International
3. C. Common
4. D. Civil

Correct Answer: D