Free 312-50v13 Exam Dumps

Question 61

- (Topic 1)
Which system consists of a publicly available set of databases that contain domain name registration contact information?

A. WHOIS
B. CAPTCHA
C. IANA
D. IETF

Correct Answer:A

Question 62

- (Topic 3)
An ethical hacker is testing the security of a website's database system against SQL Injection attacks. They discover that the IDS has a strong signature detection mechanism to detect typical SQL injection patterns.
Which evasion technique can be most effectively used to bypass the IDS signature detection while performing a SQL Injection attack?

A. Implement case variation by altering the case of SQL statements
B. Employ IP fragmentation to obscure the attack payload
C. Use Hex encoding to represent the SQL query string
D. Leverage string concatenation to break identifiable keywords

Correct Answer:D
The most effective evasion technique to bypass the IDS signature detection while performing a SQL Injection attack is to leverage string concatenation to break identifiable keywords. This technique involves splitting SQL keywords or operators into smaller parts and joining them with string concatenation operators, such as ??+?? or ??||??. This way, the SQL query can still be executed by the database engine, but the IDS cannot recognize the keywords or operators as malicious, as they are hidden within strings. For example, the hacker could replace the keyword ??OR?? with ??O??||??R?? or ??O??+??R?? in the SQL query, and the IDS would not be able to match the signature of a typical SQL injection pattern12.
The other options are not as effective as option D for the following reasons:
✑ A. Implement case variation by altering the case of SQL statements: This option is not effective because most SQL engines and IDS systems are case-insensitive, meaning that they treat SQL keywords and operators the same regardless of their case. Therefore, altering the case of SQL statements would not help evade the IDS signature detection, as the IDS would still be able to match the signature of a typical SQL injection pattern3.
✑ B. Employ IP fragmentation to obscure the attack payload: This option is not applicable because IP fragmentation is a network-level technique that splits IP packets into smaller fragments to fit the maximum transmission unit (MTU) of the network. IP fragmentation does not affect the content or structure of the SQL query, and it does not help evade the IDS signature detection, as the IDS would still be able to reassemble the fragments and match the signature of a typical SQL injection pattern4.
✑ C. Use Hex encoding to represent the SQL query string: This option is not feasible because Hex encoding is a method of representing binary data in hexadecimal format, such as ??0x41?? for ??A??. Hex encoding does not work for SQL queries, as the SQL engine would not be able to interpret the hexadecimal values as valid SQL syntax. Moreover, Hex encoding would not help evade the IDS signature detection, as the IDS would still be able to decode the hexadecimal values and match the signature of a typical SQL injection pattern.
References:
✑ 1: SQL Injection Evasion Detection - F5
✑ 2: Mastering SQL Injection with SQLmap: A Comprehensive Evasion Techniques Cheatsheet
✑ 3: SQL Injection Prevention - OWASP Cheat Sheet Series
✑ 4: IP Fragmentation - an overview | ScienceDirect Topics
✑ : Hex Encoding - an overview | ScienceDirect Topics

Question 63

- (Topic 1)
Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory.
What kind of attack is Susan carrying on?

A. A sniffing attack
B. A spoofing attack
C. A man in the middle attack
D. A denial of service attack

Correct Answer:C

Question 64

- (Topic 1)
To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program.
What term is commonly used when referring to this type of testing?

A. Randomizing
B. Bounding
C. Mutating
D. Fuzzing

Correct Answer:D

Question 65

- (Topic 2)
Alice needs to send a confidential document to her coworker. Bryan. Their company has public key infrastructure set up. Therefore. Alice both encrypts the message and digitally signs it. Alice uses to encrypt the message, and Bryan uses to confirm the digital signature.

A. Bryan??s public key; Bryan??s public key
B. Alice??s public key; Alice??s public key
C. Bryan??s private key; Alice??s public key
D. Bryan??s public key; Alice??s public key

Correct Answer:D
PKI uses public-key cryptography, which is widely used on the Internet to encrypt messages or authenticate message senders. In public-key cryptography, a CA generates public and private keys with the same algorithm simultaneously. The private key is held only by the subject (user, company, or system) mentioned in the certificate, while the public key is made publicly available in a directory that all parties can access. The subject keeps the private key secret and uses it to decrypt the text encrypted by someone else using the corresponding public key (available in a public directory). Thus, others encrypt messages for the user with the user's public key, and the user decrypts it with his/her private key.