Free 312-50v13 Exam Dumps

Question 151

- (Topic 3)
An attacker can employ many methods to perform social engineering against unsuspecting employees, including scareware.
What is the best example of a scareware attack?

A. A pop-up appears to a user stating, "You have won a free cruise! Click here to claim your prize!"
B. A banner appears to a user stating, "Your account has been locke
C. Click here to reset your password and unlock your account."
D. A banner appears to a user stating, "Your Amazon order has been delaye
E. Click here to find out your new delivery date."
F. A pop-up appears to a user stating, "Your computer may have been infected with spywar
G. Click here to install an anti-spyware tool to resolve this issue."

Correct Answer:D

Question 152

- (Topic 1)
Under what conditions does a secondary name server request a zone transfer from a primary name server?

A. When a primary SOA is higher that a secondary SOA
B. When a secondary SOA is higher that a primary SOA
C. When a primary name server has had its service restarted
D. When a secondary name server has had its service restarted
E. When the TTL falls to zero

Correct Answer:A

Question 153

- (Topic 3)
Lewis, a professional hacker, targeted the loT cameras and devices used by a target venture-capital firm. He used an information-gathering tool to collect information about the loT devices connected to a network, open ports and services, and the attack surface area. Using this tool, he also generated statistical reports on broad usage patterns and trends. This tool helped Lewis continually monitor every reachable server and device on the Internet, further allowing him to exploit these devices in the network. Which of the following tools was employed by Lewis in the above scenario?

A. Censys
B. Wapiti
C. NeuVector
D. Lacework

Correct Answer:A
Censys scans help the scientific community accurately study the Internet. The data is sometimes used to detect security problems and to inform operators of vulnerable systems so that they can fixed

Question 154

- (Topic 2)
When a security analyst prepares for the formal security assessment - what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?

A. Data items and vulnerability scanning
B. Interviewing employees and network engineers
C. Reviewing the firewalls configuration
D. Source code review

Correct Answer:A

Question 155

- (Topic 3)
Sarah, a system administrator, was alerted of potential malicious activity on the network of her company. She discovered a malicious program spread through the instant messenger application used by her team. The attacker had obtained access to one of her teammate's messenger accounts and started sending files across the contact list. Which best describes the attack scenario and what measure could have prevented it?

A. Instant Messenger Applications; verifying the sender's identity before opening any files
B. Insecure Patch Management; updating application software regularly
C. Rogue/Decoy Applications; ensuring software is labeled as TRUSTED
D. Portable Hardware Media/Removable Devices; disabling Autorun functionality

Correct Answer:A
The attack scenario is best described as Instant Messenger Applications, and the measure that could have prevented it is verifying the sender??s identity before opening any files. Instant Messenger Applications are communication tools that allow users to exchange text, voice, video, and file messages in real time. However, they can also be used as attack vectors for spreading malware, such as viruses, worms, or Trojans, by exploiting the trust and familiarity between the users. In this scenario, the attacker compromised one of the team member??s messenger account and used it to send malicious files to the other team members, who may have opened them without suspicion, thus infecting their systems. This type of attack is also known as an instant messaging worm12. To prevent this type of attack, the users should verify the sender??s identity before opening any files sent through instant messenger applications. This can be done by checking the sender??s profile, asking for confirmation, or using a secure channel. Additionally, the users should also follow other security tips, such as using strong passwords, updating the application software, scanning the files with antivirus software, and reporting any suspicious activity34. References:
✑ 1: Instant Messaging Worm - Techopedia
✑ 2: Cybersecurity??s Silent Foe: A Comprehensive Guide to Computer Worms | Silent Quadrant
✑ 3: Instant Messenger Hacks: 10 Security Tips to Protect Yourself - MUO
✑ 4: Increased phishing attacks on instant messaging platforms: how to prevent them | Think Digital Partners