412-79無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA)」

質問 1

Identify the person who will lead the penetration-testing project and be the client point of contact.

（A）Policy Penetration Tester

（B）Chief Penetration Tester

（C）Database Penetration Tester

（D）Application Penetration Tester

正解：B 解答を投票する

質問 2

How many possible sequence number combinations are there in TCP/IP protocol?

（A）1 billion

（B）32 million

（C）320 billion

（D）4 billion

正解：D 解答を投票する

質問 3

Which one of the following commands is used to search one of more files for a specific pattern and it helps in organizing the firewall log files?

（A）gprn

（B）grep

（C）grpck

（D）gpgv

正解：B 解答を投票する

質問 4

Which of the following external pen testing tests reveals information on price, usernames and passwords, sessions, URL characters, special instructors, encryption used, and web page behaviors?

（A）Check for Directory Consistency and Page Naming Syntax of the Web Pages

（B）Examine Server Side Includes (SSI)

（C）Examine E-commerce and Payment Gateways Handled by the Web Server

（D）Examine Hidden Fields

正解：D 解答を投票する

質問 5

John, a penetration tester, was asked for a document that defines the project, specifies goals, objectives, deadlines, the resources required, and the approach of the project. Which of the following includes all of these requirements?

（A）Penetration testing project plan

（B）Penetration testing software project management plan

（C）Penetration testing schedule plan

（D）Penetration testing project scope report

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Many security and compliance projects begin with a simple idea: assess the organization's risk, vulnerabilities, and breaches. Implementing an IT security risk assessment is critical to the overall security posture of any organization.
An effective security risk assessment can prevent breaches and reduce the impact of realized breaches.

What is the formula to calculate risk?

（A）Risk = Budget x Time

（B）Risk = Loss x Exposure factor

（C）Risk = Threats x Attacks

（D）Risk = Goodwill x Reputation

正解：B 解答を投票する

質問 7

What are placeholders (or markers) in an HTML document that the web server will dynamically replace with data just before sending the requested documents to a browser?

（A）Slide Server Includes

（B）Sort Server Includes

（C）Server Sort Includes

（D）Server Side Includes

正解：D 解答を投票する

質問 8

Which among the following information is not furnished by the Rules of Engagement (ROE) document?

（A）Details on how data should be transmitted during and after the test

（B）Details on how organizational data is treated throughout and after the test

（C）Techniques for data exclusion from systems upon termination of the test

（D）Techniques for data collection from systems upon termination of the test

正解：D 解答を投票する

質問 9

Packet filtering firewalls are usually a part of a router. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded.
Depending on the packet and the criteria, the firewall can:
i)Drop the packet
ii)Forward it or send a message to the originator

At which level of the OSI model do the packet filtering firewalls work?

（A）Transport layer

（B）Network layer

（C）Application layer

（D）Physical layer

正解：B 解答を投票する

質問 10

Which of the following is NOT generally included in a quote for penetration testing services?

（A）Budget required

（B）Type of testers involved

（C）Type of testing carried out

（D）Expected timescale required to finish the project

正解：B 解答を投票する

412-79 無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA)」

弊社を連絡する

関連リンク

トップ試験