次の認定試験に速く合格する！

簡単に認定試験を準備し、学び、そして合格するためにすべてが必要だ。

会員センターカート (0)

312-50v8 無料問題集「EC-COUNCIL Certified Ethical Hacker v8」

ページ: 1 / 44
トータル 880 問

サインアップ、ログインされた後に、試験全体を無料で表示できるようになります。

質問 1

Which of the following is a primary service of the U.S. Computer Security Incident Response Team (CSIRT)?

（A）CSIRT provides a computer security surveillance service to supply a government with important intelligence information on individuals travelling abroad.

（B）CSIRT provides a vulnerability assessment service to assist law enforcement agencies with profiling an individual's property or company's asset.

（C）CSIRT provides an incident response service to enable a reliable and trusted single point of contact for reporting computer security incidents worldwide.

（D）CSIRT provides a penetration testing service to support exception reporting on incidents worldwide by individuals and multi-national corporations.

正解：C 解答を投票する

質問 2

A newly discovered flaw in a software application would be considered which kind of security vulnerability?

（A）Input validation flaw

（B）0-day vulnerability

（C）Time-to-check to time-to-use flaw

（D）HTTP header injection vulnerability

正解：B 解答を投票する

質問 3

What is the tool Firewalk used for?

（A）To test the webserver configuration

（B）To test a firewall for proper operation

（C）To test the IDS for proper operation

（D）To determine what rules are in place for a firewall

（E）Firewalk is a firewall auto configuration tool

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

If the final set of security controls does not eliminate all risk in a system, what could be done next?

（A）Continue to apply controls until there is zero risk.

（B）If the residual risk is low enough,it can be accepted.

（C）Remove current controls since they are not completely effective.

（D）Ignore any remaining risk.

正解：B 解答を投票する

質問 5

Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?

（A）1536 bit key

（B）768 bit key

（C）1025 bit key

（D）2048 bit key

正解：A 解答を投票する

質問 6

Which cipher encrypts the plain text digit (bit or byte) one by one?

（A）Block cipher

（B）Classical cipher

（C）Stream cipher

（D）Modern cipher

正解：C 解答を投票する

質問 7

A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer program in a switched environment network. Which attack could the hacker use to sniff all of the packets in the network?

（A）Fraggle

（B）Smurf

（C）Tear Drop

（D）MAC Flood

正解：D 解答を投票する

質問 8

Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?

（A）NMAP -PN -A -O -sS 192.168.2.0/24

（B）NMAP -P0 -A -sT -p0-65535 192.168.0/16

（C）NMAP -P0 -A -O -p1-65535 192.168.0/24

（D）NMAP -PN -O -sS -p 1-1024 192.168.0/8

正解：C 解答を投票する

質問 9

What are two things that are possible when scanning UDP ports? (Choose two.

（A）Nothing

（B）An ICMP message will be returned

（C）The four-way handshake will not be completed

（D）An RFC 1294 message will be returned

（E）A reset will be returned

正解：A、B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Tess King is making use of Digest Authentication for her Web site. Why is this considered to be more secure than Basic authentication?

（A）Basic authentication is broken

（B）The password sent in clear text over the network is never reused.

（C）The password is never sent in clear text over the network

（D）It is based on Kerberos authentication protocol

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

What makes web application vulnerabilities so aggravating? (Choose two)

（A）They exist only on the Linux platform.

（B）They can be launched through an authorized port.

（C）They are detectable by most leading antivirus software.

（D）A firewall will not stop them.

正解：B、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

This method is used to determine the Operating system and version running on a remote target system. What is it called?

（A）OS Fingerprinting

（B）Identification Scanning

（C）Service Degradation

（D）Manual Target System

正解：A 解答を投票する

質問 13

Ivan is auditing a corporate website. Using Winhex, he alters a cookie as shown below.
Before Alteration: Cookie: lang=en-us; ADMIN=no; y=1 ; time=10:30GMT ;
After Alteration: Cookie: lang=en-us; ADMIN=yes; y=1 ; time=12:30GMT ;
What attack is being depicted here?

（A）Parameter Manipulation

（B）Cookie Stealing

（C）Session Hijacking

（D）Cross Site Scripting

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.
Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.
The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.

What is the risk of installing Fake AntiVirus?

（A）Denial of Service attack will be launched against the infected computer crashing other machines on the connected network

（B）Victim's personally identifiable information such as billing address and credit card details,may be extracted and exploited by the attacker

（C）Once infected,the computer will be unable to boot and the Trojan will attempt to format the hard disk

（D）Victim's Operating System versions,services running and applications installed will be published on Blogs and Forums

正解：B 解答を投票する

質問 15

Which of the following guidelines or standards is associated with the credit card industry?

（A）Payment Card Industry Data Security Standards (PCI DSS)

（B）Control Objectives for Information and Related Technology (COBIT)

（C）Sarbanes-Oxley Act (SOX)

（D）Health Insurance Portability and Accountability Act (HIPAA)

正解：A 解答を投票する

質問 16

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hosts.
Which of the following features makes this possible? (Choose two)

（A）It uses community string that is transmitted in clear text.

（B）It is susceptible to sniffing.

（C）It used TCP as the underlying protocol.

（D）It is used by all network devices on the market.

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 17

Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.

In MAC flooding attack, a switch is fed with many Ethernet frames, each containing different source MAC addresses, by the attacker. Switches have a limited memory for mapping various MAC addresses to physical ports. What happens when the CAM table becomes full?

（A）The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF

（B）The CAM overflow table will cause the switch to crash causing Denial of Service

（C）Every packet is dropped and the switch sends out SNMP alerts to the IDS port

（D）Switch then acts as hub by broadcasting packets to all machines on the network

正解：D 解答を投票する

質問 18

You are footprinting an organization and gathering competitive intelligence. You visit the company's website for contact information and telephone numbers but do not find them listed there. You know they had the entire staff directory listed on their website 12 months ago but now it is not there. Is there any way you can retrieve information from a website that is outdated?

（A）Crawl the entire website and store them into your computer

（B）Visit Google's search engine and view the cached copy

（C）Visit the company's partners and customers website for this information

（D）Visit Archive.org web site to retrieve the Internet archive of the company's website

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 19

What results will the following command yielD. 'NMAP -sS -O -p 123-153 192.168.100.3'?

（A）A stealth scan,determine operating system,and scanning ports 123 to 153

（B）A stealth scan,opening port 123 and 153

（C）A stealth scan,checking open ports 123 to 153

（D）A stealth scan,checking all open ports excluding ports 123 to 153

正解：A 解答を投票する

質問 20

If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?

（A）Smurf

（B）Brute force

（C）Birthday

（D）Man-in-the-middle

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

ページ: 1 / 44
トータル 880 問

312-50v8 の機能をすべて解除する

キャプチャ不要
365日無料更新サービス
希望する合格率を設定できる
時間の割り当てられる（時間：分）
312-50v8 に2つの練習用モード
サポートサービス対応

完全版を入手する

弊社を連絡する

我々は１２時間以内ですべてのお問い合わせを答えます。

オンラインサポート時間：( UTC+9 ) 9:00-24:00
月曜日から土曜日まで

サポート：現在連絡

トップ試験

HPE0-J68 試験問題集
1Z0-902 試験問題集
Okta-Certified-Developer 試験問題集
312-76 試験問題集
312-82 試験問題集
ASIS-PCI 試験問題集

312-50v8 無料問題集「EC-COUNCIL Certified Ethical Hacker v8」

弊社を連絡する

関連リンク

トップ試験