312-50v13無料問題集「ECCouncil Certified Ethical Hacker Exam (CEHv13)」

質問 1

Ethical backer jane Doe is attempting to crack the password of the head of the it department of ABC company. She Is utilizing a rainbow table and notices upon entering a password that extra characters are added to the password after submitting. What countermeasure is the company using to protect against rainbow tables?

（A）Account lockout

（B）Password key hashing

（C）Password hashing

（D）Password salting

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Which type of security feature stops vehicles from crashing through the doors of a building?

（A）Bollards

（B）Receptionist

（C）Mantrap

（D）Turnstile

正解：A 解答を投票する

質問 3

During the enumeration phase. Lawrence performs banner grabbing to obtain information such as OS details and versions of services running. The service that he enumerated runs directly on TCP port 445.
Which of the following services is enumerated by Lawrence in this scenario?

（A）Telnet

（B）Server Message Block (SMB)

（C）Remote procedure call (RPC)

（D）Network File System (NFS)

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Which system consists of a publicly available set of databases that contain domain name registration contact information?

（A）WHOIS

（B）CAPTCHA

（C）IETF

（D）IANA

正解：A 解答を投票する

質問 5

Bill has been hired as a penetration tester and cyber security auditor for a major credit card company. Which information security standard is most applicable to his role?

（A）Sarbanes-OxleyAct

（B）PCI-DSS

（C）FISMA

（D）HITECH

正解：B 解答を投票する

質問 6

ViruXine.W32 virus hides their presence by changing the underlying executable code.
This Virus code mutates while keeping the original algorithm intact, the code changes itself each time it runs, but the function of the code (its semantics) will not change at all.

Here is a section of the Virus code:

What is this technique called?

（A）Metamorphic Virus

（B）Polymorphic Virus

（C）Dravidic Virus

（D）Stealth Virus

正解：B 解答を投票する

質問 7

DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which security feature on switchers leverages the DHCP snooping database to help prevent man-in-the-middle attacks?

（A）Dynamic ARP Inspection (DAI)

（B）Spanning tree

（C）Layer 2 Attack Prevention Protocol (LAPP)

（D）Port security

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0
/24. Which of the following has occurred?

（A）The gateway is not routing to a public IP address.

（B）The computer is using an invalid IP address.

（C）The computer is not using a private IP address.

（D）The gateway and the computer are not on the same network.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

（A）Man-in-the-middle attack

（B）Replay attack

（C）Traffic analysis attack

（D）Meet-in-the-middle attack

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Heather's company has decided to use a new customer relationship management tool. After performing the appropriate research, they decided to purchase a subscription to a cloud-hosted solution. The only administrative task that Heather will need to perform is the management of user accounts. The provider will take care of the hardware, operating system, and software administration including patching and monitoring.
Which of the following is this type of solution?

（A）SaaS

（B）PasS

（C）IaaS

（D）CaaS

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

in an attempt to increase the security of your network, you Implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know It. How do you accomplish this?

（A）Remove all passwords

（B）Lock all users

（C）Disable SSID broadcasting

（D）Delete the wireless network

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

What is the role of test automation in security testing?

（A）It is an option but it tends to be very expensive.

（B）Test automation is not usable in security due to the complexity of the tests.

（C）It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot replace manual testing completely.

（D）It should be used exclusively. Manual testing is outdated because of low speed and possible test setup inconsistencies.

正解：C 解答を投票する

質問 13

Security administrator John Smith has noticed abnormal amounts of traffic coming from local computers at night. Upon reviewing, he finds that user data have been exfilltrated by an attacker. AV tools are unable to find any malicious software, and the IDS/IPS has not reported on any non-whitelisted programs, what type of malware did the attacker use to bypass the company's application whitelisting?

（A）Phishing malware

（B）File-less malware

（C）Zero-day malware

（D）Logic bomb malware

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

George is a security professional working for iTech Solutions. He was tasked with securely transferring sensitive data of the organization between industrial systems. In this process, he used a short-range communication protocol based on the IEEE 203.15.4 standard. This protocol is used in devices that transfer data infrequently at a low rate in a restricted area, within a range of 10-100 m. What is the short-range wireless communication technology George employed in the above scenario?

（A）NB-IoT

（B）LPWAN

（C）MQTT

（D）Zigbee

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

312-50v13 無料問題集「ECCouncil Certified Ethical Hacker Exam (CEHv13)」

弊社を連絡する

関連リンク

トップ試験