Online Access Free 312-50v13 Practice Test

ViruXine.W32 virus hides its presence by changing the underlying executable code. This virus code mutates while keeping the original algorithm intact - the code changes itself each time it runs, but the function of the code (its semantics) does not change at all.

Here is a section of the virus code (refer to image), where the loop performs XOR encryption and changes the way the code looks every time it is executed.

What is this technique called?

• A.Polymorphic Virus
• B.Metamorphic Virus
• C.Dravidic Virus
• D.Stealth Virus

You're the security manager for a tech company that uses a database to store sensitive customer data. You have implemented countermeasures against SQL injection attacks. Recently, you noticed some suspicious activities and suspect an attacker is using SQL injection techniques. The attacker is believed to use different forms of payloads in his SQL queries. In the case of a successful SQL injection attack, which of the following payloads would have the most significant impact?

• A.'OR username LIKE '%: This payload uses the LIKE operator to search for a specific pattern in a column
• B.OR 'a'='a; DROP TABLE members; --: This payload combines the manipulation of the WHERE clausewith a destructive action, causing data loss
• C.UNION SELECT NULL, NULL, NULL -- : This payload manipulates the UNION SQL operator, enabling the attacker to retrieve data from different database tables
• D.'OR 'T="1: This payload manipulates the WHERE clause of an SQL statement, allowing the attacker to view unauthorized data

If you send a TCP ACK segment to a known closed port on a firewall but it does not respond with an RST, what do you know about the firewall you are scanning?

• A.There is no firewall in place.
• B.This event does not tell you anything about the firewall.
• C.It is a stateful firewall
• D.It is a non-stateful firewall.

What useful information is gathered during a successful Simple Mail Transfer Protocol (SMTP) enumeration?

• A.Reveals the daily outgoing message limits before mailboxes are locked
• B.The two internal commands VRFY and EXPN provide a confirmation of valid users, email addresses, aliases, and mailing lists.
• C.A list of all mail proxy server addresses used by the targeted host
• D.The internal command RCPT provides a list of ports open to message traffic.

A well-resourced attacker intends to launch a highly disruptive DDoS attack against a major online retailer.
The attacker aims to exhaust all the network resources while keeping their identity concealed. Their method should be resistant to simple defensive measures such as IP-based blocking. Based on these objectives, which of the following attack strategies would be most effective?

• A.The attacker should execute a simple ICMP flood attack from a single IP, exploiting the retailer's ICMP processing
• B.The attacker should leverage a botnet to launch a Pulse Wave attack, sending high-volume traffic pulses at regular intervals
• C.The attacker should instigate a protocol-based SYN flood attack, consuming connection state tables on the retailer's servers
• D.The attacker should initiate a volumetric flood attack using a single compromised machine to overwhelm the retailer's network bandwidth