212-82 無料問題集「ECCouncil Certified Cybersecurity Technician」
Miguel, a professional hacker, targeted an organization to gain illegitimate access to its critical information.
He identified a flaw in the end-point communication that can disclose the target application's data.
Which of the following secure application design principles was not met by the application in the above scenario?
He identified a flaw in the end-point communication that can disclose the target application's data.
Which of the following secure application design principles was not met by the application in the above scenario?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Martin, a network administrator at an organization, received breaching alerts for an application. He identified that a vulnerability in the application allowed attackers to enter malicious input. Martin evaluated the threat severity and extent of damage that could be caused by this vulnerability. He then escalated the issue to the security management team to determine appropriate mitigation strategies. In which of the following threat-modeling steps did Martin evaluate the severity level of the threat?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Myles, a security professional at an organization, provided laptops for all the employees to carry out the business processes from remote locations. While installing necessary applications required for the business, Myles has also installed antivirus software on each laptop following the company's policy to detect and protect the machines from external malicious events over the Internet.
Identify the PCI-DSS requirement followed by Myles in the above scenario.
Identify the PCI-DSS requirement followed by Myles in the above scenario.
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
A John-the-Ripper hash dump of an FTP server's login credentials is stored as "target-file" on the Desktop of Attacker Machine-2. Crack the password hashes in the file to recover the login credentials of the FTP server.
The FTP root directory hosts an exploit file. Read the exploit file and enter the name of the exploit's author as the answer. Hint: Not all the credentials will give access to the FTP. (Practical Question)
The FTP root directory hosts an exploit file. Read the exploit file and enter the name of the exploit's author as the answer. Hint: Not all the credentials will give access to the FTP. (Practical Question)
正解:D
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Ashton is working as a security specialist in SoftEight Tech. He was instructed by the management to strengthen the Internet access policy. For this purpose, he implemented a type of Internet access policy that forbids everything and imposes strict restrictions on all company computers, whether it is system or network usage.
Identify the type of Internet access policy implemented by Ashton in the above scenario.
Identify the type of Internet access policy implemented by Ashton in the above scenario.
正解:D
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Wilson, a security specialist in an organization, was instructed to enhance its cloud network security. To achieve this, Wilson deployed a network routing solution that established and managed communication between the on-premises consumer network and VPCs via a centralized unit. Identity the method used by Wilson to achieve cloud network security in this scenario.
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
A software company develops new software products by following the best practices for secure application development. Dawson, a software analyst, is responsible for checking the performance of applications in the client's network to determine any issue faced by end users while accessing the application.
Which of the following tiers of the secure application development lifecycle involves checking the application performance?
Which of the following tiers of the secure application development lifecycle involves checking the application performance?
正解:D
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You are working as a Security Consultant for a top firm named Beta Inc.
Being a Security Consultant, you are called in to assess your company's situation after a ransomware attack that encrypts critical data on Beta Inc. servers. What is the MOST critical action you have to take immediately after identifying the attack?
Being a Security Consultant, you are called in to assess your company's situation after a ransomware attack that encrypts critical data on Beta Inc. servers. What is the MOST critical action you have to take immediately after identifying the attack?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Gideon, a forensic officer, was examining a victim's Linux system suspected to be involved in online criminal activities. Gideon navigated to a directory containing a log file that recorded information related to user login/logout. This information helped Gideon to determine the current login state of cyber criminals in the victim system, identify the Linux log file accessed by Gideon in this scenario.
正解:A
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Brielle. a security professional, was instructed to secure her organization's network from malicious activities.
To achieve this, she started monitoring network activities on a control system that collected event data from various sources. During this process. Brielle observed that a malicious actor had logged in to access a network device connected to the organizational network. Which of the following types of events did Brielle identify in the above scenario?
To achieve this, she started monitoring network activities on a control system that collected event data from various sources. During this process. Brielle observed that a malicious actor had logged in to access a network device connected to the organizational network. Which of the following types of events did Brielle identify in the above scenario?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)