312-50v9無料問題集「EC-COUNCIL Certified Ethical Hacker v9」

質問 1

During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal Network.
What is this type of DNS configuration commonly called?

（A）DNSSEC

（B）DNS Scheme

（C）Split DNS

（D）DynDNS

正解：C 解答を投票する

質問 2

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

（A）SOA

（B）PKI

（C）single sign on

（D）biometrics

正解：B 解答を投票する

質問 3

During a security audit of IT processes, an IS auditor found that there was no documented security procedures. What should the IS auditor do?

（A）Identify and evaluate existing practices.

（B）Terminate the audit.

（C）Conduct compliance testing

（D）Create a procedures document

正解：A 解答を投票する

質問 4

Which of the following parameters describe LM Hash:
I - The maximum password length is 14 characters.
II - There are no distinctions between uppercase and lowercase.
III - It's a simple algorithm, so 10,000,000 hashes can be generated per second.

（A）I and II

（B）II

（C）I, II and III

（D）I

正解：C 解答を投票する

質問 5

Which of the following isthe greatest threat posed by backups?

（A）A back is incomplete because no verification was performed.

（B）An un-encrypted backup can be misplaced or stolen

（C）A backup is the source of Malware or illicit information.

（D）A backup is unavailable duringdisaster recovery.

正解：B 解答を投票する

質問 6

The "Gray box testing" methodology enforces what kind of restriction?

（A）Only the internal operation of a system is known to the tester.

（B）The internal operation of a system is only partly accessible to the tester.

（C）Only the external operation of a system is accessible to the tester.

（D）The internal operation of a system is completely known to the tester.

正解：B 解答を投票する

質問 7

Which of the following is designed to indentify malicious attempts to penetrate systems?

（A）Firewall

（B）Intrusion Detection System

（C）Router

（D）Proxy

正解：B 解答を投票する

質問 8

Which regulationdefines security and privacy controls for Federal information systems and organizations?

（A）PCI-DSS

（B）NIST-800-53

（C）HIPAA

（D）EU Safe Harbor

正解：B 解答を投票する

質問 9

When you return to your desk after a lunch break, you notice a strange email in your inbox. The senders is someone you did business with recently but the subject line has strange characters in it.
What should you do?

（A）Delete the email and pretend nothing happened.

（B）Forward the message to your company's security response team and permanently delete the message from your computer.

（C）Reply to the sender and ask them for more information about the message contents.

（D）Forward the message to your supervisor andask for her opinion on how to handle the situation.

正解：B 解答を投票する

質問 10

Your company was hired by a small healthcare provider to perform a technical assessment on the network.
What is the best approach for discovering vulnerabilities on a Windows-based computer?

（A）Use the built-in Windows Update tool

（B）Used a scan tool like Nessus

（C）Check MITRE.org for the latest list of CVE findings

（D）Create a disk imageof a clean Windows installation

正解：B 解答を投票する

312-50v9 無料問題集「EC-COUNCIL Certified Ethical Hacker v9」

弊社を連絡する

関連リンク

トップ試験