Question 67

- (Topic 3)
You are scanning into the target network for the first time. You find very few conventional ports open. When you attempt to perform traditional service identification by connecting to the open ports, it yields either unreliable or no results. You are unsure of what protocols are being used. You need to discover as many different protocols as possible. Which kind of scan would you use to do this?

Correct Answer:A
Running Nmap with the –sO switch will do a IP Protocol Scan. The IP
protocol scan is a bit different than the other nmap scans. The IP protocol scan is searching for additional IP protocols in use by the remote station, such as ICMP, TCP, and UDP. If a router is scanned, additional IP protocols such as EGP or IGP may be identified.

Question 68

- (Topic 3)
Study the log below and identify the scan type.
tcpdump -vv host 192.168.1.10
17:34:45.802163 eth0 < 192> victim: ip-proto-117 0 (ttl 48, id 36166)
17:34:45.802216 eth0 < 192> victim: ip-proto-25 0 (ttl 48, id 33796)
17:34:45.802266 eth0 < 192> victim: ip-proto-162 0 (ttl 48, id 47066)
17:34:46.111982 eth0 < 192> victim: ip-proto-74 0 (ttl 48, id 35585)
17:34:46.112039 eth0 < 192> victim: ip-proto-117 0 (ttl 48, id 32834)
17:34:46.112092 eth0 < 192> victim: ip-proto-25 0 (ttl 48, id 26292)
17:34:46.112143 eth0 < 192> victim: ip-proto-162 0 (ttl 48, id 51058)
tcpdump -vv -x host 192.168.1.10
17:35:06.731739 eth0 < 192> victim: ip-proto-130 0 (ttl 59, id 42060) 4500
0014 a44c 0000 3b82 57b8 c0a8 010a c0a8 0109 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000 0000 0000

Correct Answer:D

Question 69

- (Topic 23)
Pandora is used to attack network operating systems.

Correct Answer:D
While there are not lots of tools available to attack Netware, Pandora is one that can be used.

Question 70

- (Topic 5)
You are the IT Manager of a large legal firm in California. Your firm represents many important clients whose names always must remain anonymous to the public. Your boss, Mr. Smith is always concerned about client information being leaked or revealed to the pres or public. You have just finished a complete security overhaul of your information system including an updated IPS, new firewall, email encryption and employee security awareness training. Unfortunately, many of your firm’s clients do not trust technology to completely secure their information, so couriers routinely have to travel back and forth to and from the office with sensitive information.
Your boss has charged you with figuring out how to secure the information the couriers must transport. You propose that the data be transferred using burned CD’s or USB flash drives. You initially think of encrypting the files, but decide against that method for fear the encryption keys could eventually be broken.
What software application could you use to hide the data on the CD’s and USB flash drives?

Correct Answer:A
The Snow software developed by Matthew Kwan will insert extra spaces at the end of each line. Three bits are encoded in each line by adding between 0 and 7 spaces that are ignored by most display programs including web browsers.

Question 71

- (Topic 1)
The United Kingdom (UK) he passed a law that makes hacking into an unauthorized network a felony.
The law states:
Section1 of the Act refers to unauthorized access to computer material. This states that a person commits an offence if he causes a computer to perform any function with intent to secure unauthorized access to any program or data held in any computer. For a successful conviction under this part of the Act, the prosecution must prove that the access secured is unauthorized and that the suspect knew that this was the case. This section is designed to deal with common-or-graden hacking.
Section 2 of the deals with unauthorized access with intent to commit or facilitate the commission of further offences. An offence is committed under Section 2 if a Section 1 offence has been committed and there is the intention of committing or facilitating a further offense (any offence which attacks a custodial sentence of more than five years, not necessarily one covered but the Act). Even if it is not possible to prove the intent to commit the further offence, the Section 1 offence is still committed.
Section 3 Offences cover unauthorized modification of computer material, which generally means the creation and distribution of viruses. For conviction to succeed there must have been the intent to cause the modifications and knowledge that the modification had not been authorized
What is the law called?

Correct Answer:A
Computer Misuse Act (1990) creates three criminal offences:
✑ Unauthorised access to computer material
✑ Unauthorised access to a computer system with intent to commit or facilitate the commission of a further offence
✑ Unauthorised modification of computer material

Question 72

- (Topic 3)
____ is an automated vulnerability assessment tool.

Correct Answer:C
Nessus is a vulnerability assessment tool.

START 312-50 EXAM