312-50v8無料問題集「EC-COUNCIL Certified Ethical Hacker v8」

質問 1

What happens during a SYN flood attack?

（A）A TCP packet is received with the FIN bit set but with no ACK bit set in the flags field.

（B）A TCP packet is received with both the SYN and the FIN bits set in the flags field.

（C）TCP connection requests floods a target machine is flooded with randomized source address & ports for the TCP ports.

（D）A TCP SYN packet,which is a connection initiation,is sent to a target machine,giving the target host's address as both source and destination,and is using the same port on the target host as both source and destination.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Michael is a junior security analyst working for the National Security Agency (NSA) working primarily on breaking terrorist encrypted messages. The NSA has a number of methods they use to decipher encrypted messages including Government Access to Keys (GAK) and inside informants. The NSA holds secret backdoor keys to many of the encryption algorithms used on the Internet. The problem for the NSA, and Michael, is that terrorist organizations are starting to use custom-built algorithms or obscure algorithms purchased from corrupt governments. For this reason, Michael and other security analysts like him have been forced to find different methods of deciphering terrorist messages. One method that Michael thought of using was to hide malicious code inside seemingly harmless programs. Michael first monitors sites and bulletin boards used by known terrorists, and then he is able to glean email addresses to some of these suspected terrorists. Michael then inserts a stealth keylogger into a mapping program file readme.txt and then sends that as an attachment to the terrorist. This keylogger takes screenshots every 2 minutes and also logs all keyboard activity into a hidden file on the terrorist's computer. Then, the keylogger emails those files to Michael twice a day with a built in SMTP server. What technique has Michael used to disguise this keylogging software?

（A）Wrapping

（B）ADS

（C）Hidden Channels

（D）Steganography

正解：B 解答を投票する

質問 3

Which element of Public Key Infrastructure (PKI) verifies the applicant?

（A）Verification authority

（B）Validation authority

（C）Registration authority

（D）Certificate authority

正解：C 解答を投票する

質問 4

"Testing the network using the same methodologies and tools employed by attackers" Identify the correct terminology that defines the above statement.

（A）Designing Network Security

（B）Penetration Testing

（C）Vulnerability Scanning

（D）Security Policy Implementation

正解：B 解答を投票する

質問 5

How does an operating system protect the passwords used for account logins?

（A）The operating system encrypts the passwords,and decrypts them when needed.

（B）The operating system stores all passwords in a protected segment of non-volatile memory.

（C）The operating system stores the passwords in a secret file that users cannot find.

（D）The operating system performs a one-way hash of the passwords.

正解：D 解答を投票する

質問 6

While footprinting a network, what port/service should you look for to attempt a zone transfer?

（A）60 TCP

（B）25 UDP

（C）25 TCP

（D）53 TCP

（E）22 TCP

（F）161 UDP

（G）53 UDP

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

What results will the following command yielD. 'NMAP -sS -O -p 123-153 192.168.100.3'?

（A）A stealth scan,determine operating system,and scanning ports 123 to 153

（B）A stealth scan,opening port 123 and 153

（C）A stealth scan,checking open ports 123 to 153

（D）A stealth scan,checking all open ports excluding ports 123 to 153

正解：A 解答を投票する

質問 8

What is the problem with this ASP script (login.asp)?

（A）The ASP script is vulnerable to Cross Site Scripting attack

（B）The ASP script is vulnerable to XSS attack

（C）The ASP script is vulnerable to Session Splice attack

（D）The ASP script is vulnerable to SQL Injection attack

正解：D 解答を投票する

質問 9

Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protocol is most likely to be listening on those ports?

（A）SMB

（B）FTP

（C）Samba

（D）Finger

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

What does a type 3 code 13 represent?(Choose two.

（A）Network unreachable

（B）Time exceeded

（C）Administratively prohibited

（D）Echo request

（E）Port unreachable

（F）Destination unreachable

正解：C、F 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Which of the following type of scanning utilizes automated process of proactively identifying vulnerabilities of the computing systems present on a network?

（A）Port Scanning

（B）Single Scanning

（C）External Scanning

（D）Vulnerability Scanning

正解：D 解答を投票する

質問 12

Which of the following wireless technologies can be detected by NetStumbler? (Select all
that apply)

（A）802.11e

（B）802.11

（C）802.11b

（D）802.11a

（E）802.11g

正解：C、D、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

You perform the above traceroute and notice that hops 19 and 20 both show the same IP address.

This probably indicates what?

（A）A Honeypot

（B）A host based IDS

（C）An application proxying firewall

（D）A stateful inspection firewall

正解：D 解答を投票する

質問 14

A circuit level gateway works at which of the following layers of the OSI Model?

（A）Layer 5 - Application

（B）Layer 3 - Internet protocol

（C）Layer 2 - Data link

（D）Layer 4 - TCP

正解：D 解答を投票する

質問 15

You are doing IP spoofing while you scan your target. You find that the target has port 23 open. Anyway you are unable to connect. Why?

（A）A firewall is blocking port 23

（B）You need an automated telnet tool

（C）You cannot spoof + TCP

（D）The OS does not reply to telnet even if port 23 is open

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 16

Which of the following items is unique to the N-tier architecture method of designing software applications?

（A）It is compatible with various databases including Access,Oracle,and SQL.

（B）Data security is tied into each layer and must be updated for all layers when any upgrade is performed.

（C）Application layers can be written in C,ASP.NET,or Delphi without any performance loss.

（D）Application layers can be separated,allowing each layer to be upgraded independently from other layers.

正解：D 解答を投票する

質問 17

Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the "echo" command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page in which also he remains unsuccessful. What is the probable cause of Bill's problem?

（A）The HTML file has permissions of read only

（B）There is a problem with the shell and he needs to run the attack again

（C）You cannot use a buffer overflow to deface a web page

（D）The system is a honeypot

正解：A 解答を投票する

質問 18

A security engineer is attempting to map a company's internal network. The engineer enters in the following NMAP commanD.
NMAP -n -sS -P0 -p 80 ***.***.**.**
What type of scan is this?

（A）Quick scan

（B）Intense scan

（C）Comprehensive scan

（D）Stealth scan

正解：D 解答を投票する

312-50v8 無料問題集「EC-COUNCIL Certified Ethical Hacker v8」

弊社を連絡する

関連リンク

トップ試験