312-50v8 무료 덤프문제 온라인 액세스

Bill is a security analyst for his company.
All the switches used in the company's office are Cisco switches.
Bill wants to make sure all switches are safe from ARP poisoning.
How can Bill accomplish this?

• A.Bill can use the command: ip dhcp snooping.
• B.He could use the command: ip arp no snoop.
• C.Bill can use the command: no ip snoop.
• D.Bill could use the command: ip arp no flood.

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.
In order for the tester to see if SQL injection is possible, what is the first character that the
tester should use to attempt breaking a valid SQL request?

• A.Exclamation mark
• B.Single quote
• C.Double quote
• D.Semicolon

While reviewing the result of scanning run against a target network you come across the following:

Which among the following can be used to get this output?

• A.A sniffer
• B.A Bo2k system query.
• C.nmap protocol scan
• D.An SNMP walk

The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:

You are hired to conduct security testing on their network. You successfully brute-force the SNMP community string using a SNMP crack tool. The access-list configured at the router prevents you from establishing a successful connection. You want to retrieve the Cisco configuration from the router. How would you proceed?

• A.Run a network sniffer and capture the returned traffic with the configuration file from the router
• B.Send a customized SNMP set request with a spoofed source IP address in the range 192.168.1.0
• C.Use the Cisco's TFTP default password to connect and download the configuration file
• D.Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address

A penetration tester is hired to do a risk assessment of a company's DMZ. The rules of engagement states that the penetration test be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed?

• A.red box
• B.white box
• C.black box
• D.grey box