[July-2017-New]312-50v9 Exam Dump 589Q Free from Braidump2go[101-110]

2017 July New 312-50v9 Exam Dumps with PDF and VCE Free Updated in www.Braindump2go.com Today!

1.|2017 New 312-50v9 Exam Dumps (VCE & PDF) 589Q&As Download:
https://www.braindump2go.com/312-50v9.html

2.|2017 New 312-50v9 Exam Questions & Answers Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNWml5eng1ZVh6aHM?usp=sharing

QUESTION 101
What statement is true regarding LM hashes?

A.    LM hashes consist in 48 hexadecimal characters.
B.    LM hashes are based on AES128 cryptographic standard.
C.    Uppercase characters in the password are converted to lowercase.
D.    LM hashes are not generated when the password length exceeds 15 characters.

Answer: D

QUESTION 102
A developer for a company is tasked with creating a program that will allow customers to update their billing and shipping information. The billing address field used is limited to 50 characters. What pseudo code would the developer use to avoid a buffer overflow attack on the billing address field?

A.    if (billingAddress = 50) {update field} else exit
B.    if (billingAddress != 50) {update field} else exit
C.    if (billingAddress >= 50) {update field} else exit
D.    if (billingAddress <= 50) {update field} else exit

Answer: D

QUESTION 103
A security analyst in an insurance company is assigned to test a new web application that will be used by clients to help them choose and apply for an insurance plan. The analyst discovers that the application is developed in ASP scripting language and it uses MSSQL as a database backend. The analyst locates the application’s search form and introduces the following code in the search input field:
IMG SRC=vbscript:msgbox(“Vulnerable”);> originalAttribute=”SRC” originalPath=”vbscript:msgbox (“Vulnerable”);>”
When the analyst submits the form, the browser returns a pop-up window that says “Vulnerable”. Which web applications vulnerability did the analyst discover?

A.    Cross-site request forgery
B.    Command injection
C.    Cross-site scripting
D.    SQL injection

Answer: C
Explanation:

QUESTION 104
A security administrator notices that the log file of the company’s webserver contains suspicious entries:
 
Based on source code analysis, the analyst concludes that the login.php script is vulnerable to

A.    command injection.
B.    SQL injection.
C.    directory traversal.
D.    LDAP injection.

Answer: B

QUESTION 105
Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

A.    Firewall
B.    Honeypot
C.    Core server
D.    Layer 4 switch

Answer: B

QUESTION 106
Which command lets a tester enumerate alive systems in a class C network via ICMP using native Windows tools?

A.    ping 192.168.2.
B.    ping 192.168.2.255
C.    for %V in (1 1 255) do PING 192.168.2.%V
D.    for /L %V in (1 1 254) do PING -n 1 192.168.2.%V | FIND /I “Reply”

Answer: D

QUESTION 107
What results will the following command yield: ‘NMAP -sS -O -p 123-153 192.168.100.3’?

A.    A stealth scan, opening port 123 and 153
B.    A stealth scan, checking open ports 123 to 153
C.    A stealth scan, checking all open ports excluding ports 123 to 153
D.    A stealth scan, determine operating system, and scanning ports 123 to 153

Answer: D

QUESTION 108
Which of the following parameters enables NMAP’s operating system detection feature?

A.    NMAP -sV
B.    NMAP -oS
C.    NMAP -sR
D.    NMAP -O

Answer: D

QUESTION 109
Which of the following open source tools would be the best choice to scan a network for potential targets?

A.    NMAP
B.    NIKTO
C.    CAIN
D.    John the Ripper

Answer: A

QUESTION 110
A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use?

A.    -sO
B.    -sP
C.    -sS
D.    -sU

Answer: B


!!!RECOMMEND!!!

1.|2017 New 312-50v9 Exam Dumps (VCE & PDF) 589Q&As Download:
https://www.braindump2go.com/312-50v9.html

2.|2017 New 312-50v9 Study Guide Video:
https://youtu.be/U8B7_OOPx00