312-50v9無料問題集「EC-COUNCIL Certified Ethical Hacker v9」

質問 1

It is a vulnerability in GNU's bash shell, discovered in September of 2004, that gives attackers access to run remote commands on a vulnerable system. The malicious software can take control of an infected machine, launch denial-of service attacks to disrupt websites, and scan for other vulnerable devices (including routers).
Which of the following vulnerabilities is being described?

（A）Shellbash

（B）Rootshock

（C）Rootshell

（D）Shellshock

正解：D 解答を投票する

質問 2

An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, digital Subscriber Line (DSL), wireless data services, and virtual Private Networks (VPN) over a Frame Relay network.
Which AAA protocol is most likely able to handle this requirement?

（A）DIAMETER

（B）TACACS+

（C）RADIUS

（D）Kerberos

正解：B 解答を投票する

質問 3

env x= '(){ :;};echo exploit ' bash -c 'cat/etc/passwd
What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host?

（A）Change all password in passwd

（B）Remove the passwd file.

（C）Display passwd contents to prompt

（D）Add new user to the passwd file

正解：C 解答を投票する

質問 4

It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up windows, webpage,or email warning from what looks like an officialauthority. It explains your computer has been locked because of possible illegal activities and demands payment before you can access your files and programs again.
Which term best matches this definition?

（A）Riskware

（B）Spyware

（C）Adware

（D）Ransomware

正解：D 解答を投票する

質問 5

This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attach along with some optimizations like Korek attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools.
Which of the following tools is being described?

（A）Airguard

（B）WLAN-crack

（C）Wificracker

（D）Aircrack-ng

正解：D 解答を投票する

質問 6

You have successfully gained access to a linux server and would like to ensure that the succeeding outgoing traffic from the server will not be caught by a Network Based Intrusion Detection System (NIDS).
Which is the best way to evade the NIDS?

（A）Alternate Data Streams

（B）Protocol Isolation

（C）Out of band signaling

（D）Encryption

正解：D 解答を投票する

質問 7

A medium-sized healthcare IT business decides to implement a risk management strategy. Which of the following is NOT one of the five basic responses to risk?

（A）Avoid

（B）Mitigate

（C）Delegate

（D）Accept

正解：C 解答を投票する

質問 8

Which of the following statements is TRUE?

（A）Sniffers operation on Layer 3 of the OSI model

（B）Sniffers operation on Layer 2 of the OSI model

（C）Sniffers operation on both Layer 2 & Layer 3 of the OSImodel

（D）Sniffers operation on the Layer 1 of the OSI model

正解：C 解答を投票する

質問 9

This international organizationregulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security controls provide a baseline and prevent low-level hackers sometimes known as script kiddies from causing a data breach.
Which of the following organizations is being described?

（A）Institute of Electrical and Electronics Engineers (IEEE)

（B）Payment Card Industry (PCI)

（C）International Security Industry Organization (ISIO)

（D）Center for Disease Control (CDC)

正解：C 解答を投票する

質問 10

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

（A）SOA

（B）PKI

（C）single sign on

（D）biometrics

正解：B 解答を投票する

312-50v9 無料問題集「EC-COUNCIL Certified Ethical Hacker v9」

弊社を連絡する

関連リンク

トップ試験