312-50v9無料問題集「EC-COUNCIL Certified Ethical Hacker v9」

質問 1

Which of the following is component of a risk assessment?

（A）Administrative safeguards

（B）Physical security

（C）DMZ

（D）Logical interface

正解：A 解答を投票する

質問 2

Ricardo wants to send secret messages to acompetitor company. To secure these messages, he uses a technique of hiding a secret message within an ordinary message, the technique provides 'security through obscurity'. What technique is Ricardo using?

（A）RSA algorithm

（B）Public-key cryptography

（C）Steganography

（D）Encryption

正解：C 解答を投票する

質問 3

You are tasked to perform a penetration test. While you are performinginformation gathering, you find ab employee list in Google. You find receptionist's email, and you send her an email changing the source email to her boss's email ( boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected.
What testing method did you use?

（A）Evesdropping

（B）Tailgating

（C）Social engineering

（D）Piggybacking

正解：C 解答を投票する

質問 4

What isa "Collision attach" in cryptography?

（A）Collision attacks try to find two inputs producing the same hash.

（B）Collision attacks try to break the hash into three parts to get the plaintext value.

（C）Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key.

（D）Collision attacks try to get the public key

正解：A 解答を投票する

質問 5

You have successfully gained access to your client's internal network and successfully comprised a linux server which is part of the internal IP network. You want to know which Microsoft Windows workstation have the sharing enabled.
Which port would you see listeningon these Windows machines in the network?

（A）161

（B）3389

（C）1443

（D）445

正解：D 解答を投票する

質問 6

What is the most common method to exploit the "Bash Bug" or ShellShock" vulnerability?

（A）Through Web servers utilizing CGI (CommonGateway Interface) to send a malformed environment variable to a vulnerable Web server

（B）SYN Flood

（C）Manipulate format strings in text fields

（D）SSH

正解：A 解答を投票する

質問 7

Which of the following is an extremelycommon IDS evasion technique in the web world?

（A）post knocking

（B）unicode characters

（C）subnetting

（D）spyware

正解：B 解答を投票する

質問 8

An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, digital Subscriber Line (DSL), wireless data services, and virtual Private Networks (VPN) over a Frame Relay network.
Which AAA protocol is most likely able to handle this requirement?

（A）DIAMETER

（B）TACACS+

（C）RADIUS

（D）Kerberos

正解：B 解答を投票する

質問 9

Nation-state threat actors often discover vulnerabilitiesand hold on to them until they want to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack because it used four types of this vulnerability.
What is this style of attack called?

（A）zero-hour

（B）zero-sum

（C）zero-day

（D）no-day

正解：C 解答を投票する

質問 10

You have compromised a server on a network and successfully open a shell. You aimed to identify all operating systems running on the network. However, as you attemptto fingerprint all machines in the machines in the network using the nmap syntax below, it is not going through.
invictus@victim_server:~$nmap -T4 -O 10.10.0.0/24
TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxxx.
QUITTING!
What seems to be wrong?

（A）This is a common behavior for a corrupted nmap application.

（B）The outgoing TCP/IP fingerprinting is blocked by the host firewall.

（C）The nmap syntax is wrong.

（D）OS Scan requires root privileged.

正解：C 解答を投票する

312-50v9 無料問題集「EC-COUNCIL Certified Ethical Hacker v9」

弊社を連絡する

関連リンク

トップ試験