312-50v8無料問題集「EC-COUNCIL Certified Ethical Hacker v8」

質問 1

Which type of intrusion detection system can monitor and alert on attacks, but cannot stop them?

（A）Passive

（B）Reactive

（C）Intuitive

（D）Detective

正解：A 解答を投票する

質問 2

Pandora is used to attack __________ network operating systems.

（A）Linux

（B）Windows

（C）MAC OS

（D）UNIX

（E）Netware

正解：E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

More sophisticated IDSs look for common shellcode signatures. But even these systems can be bypassed, by using polymorphic shellcode. This is a technique common among virus writers ?it basically hides the true nature of the shellcode in different disguises.
How does a polymorphic shellcode work?

（A）They convert the shellcode into Unicode,using loader to convert back to machine code then executing them

（B）They reverse the working instructions into opposite order by masking the IDS signatures

（C）They compress shellcode into normal instructions,uncompress the shellcode using loader code and then executing the shellcode

（D）They encrypt the shellcode by XORing values over the shellcode,using loader code to decrypt the shellcode,and then executing the decrypted shellcode

正解：D 解答を投票する

質問 4

This tool is widely used for ARP Poisoning attack. Name the tool.

（A）Webarp Infector

（B）Poison Ivy

（C）Cain and Able

（D）Beat Infector

正解：C 解答を投票する

質問 5

A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?
Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:89

（A）The host is likely a router.

（B）The host is likely a printer.

（C）The host is likely a Windows machine.

（D）The host is likely a Linux machine.

正解：B 解答を投票する

質問 6

Which of the following is the best way an attacker can passively learn about technologies used in an organization?

（A）By searching regional newspapers and job databases for skill sets technology hires need to possess in the organization

（B）By performing a port scan on the organization's web site

（C）By webcrawling the organization web site

（D）By sending web bugs to key personnel

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Information gathered from social networking websites such as Facebook, Twitter and
LinkedIn can be used to launch which of the following types of attacks? (Choose two.)

（A）SQL injection attack

（B）Phishing attack

（C）Distributed denial of service attack

（D）Smurf attack

（E）Fraggle attack

（F）Social engineering attack

正解：B、F 解答を投票する

質問 8

Which of the following best describes session key creation in SSL?

（A）It is created by the server after verifying theuser's identity

（B）It is created by the client from the server's public key

（C）It is created by the client after verifying the server's identity

（D）It is created by the server upon connection by the client

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

What is Form Scalpel used for?

（A）Analysis of Access Database Forms

（B）Dissecting SQL Forms

（C）Dissecting HTML Forms

（D）Quatro Pro Analysis Tool

（E）Troubleshooting Netscape Navigator

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

What is the essential difference between an 'Ethical Hacker' and a 'Cracker'?

（A）The ethical hacker does not use the same techniques or skills as a cracker.

（B）The ethical hacker does it strictly for financial motives unlike a cracker.

（C）The ethical hacker has authorization from the owner of the target.

（D）The ethical hacker is just a cracker who is getting paid.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Which command line switch would be used in NMAP to perform operating system detection?

（A）-sO

（B）-sP

（C）-OS

（D）-O

正解：D 解答を投票する

質問 12

In the context of password security: a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive - though slow. Usually, it tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary combined together to have variations of words, what would you call such an attack?

（A）Hybrid Attack

（B）BruteDict Attack

（C）Full Blown Attack

（D）Thorough Attack

正解：A 解答を投票する

312-50v8 無料問題集「EC-COUNCIL Certified Ethical Hacker v8」

弊社を連絡する

関連リンク

トップ試験