412-79無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA)」

質問 1

Which one of the following tools of trade is a commercial shellcode and payload generator written in Python by Dave Aitel?

（A）Canvas

（B）CORE Impact

（C）Microsoft Baseline Security Analyzer (MBSA)

（D）Network Security Analysis Tool (NSAT)

正解：A 解答を投票する

質問 2

Which of the following documents helps in creating a confidential relationship between the pen tester and client to protect critical and confidential information or trade secrets?

（A）Rules of Behavior Agreement

（B）Liability Insurance

（C）Penetration Testing Agreement

（D）Non-Disclosure Agreement

正解：D 解答を投票する

質問 3

A penetration test consists of three phases: pre-attack phase, attack phase, and post-attack phase.

Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part which phase(s)?

（A）Pre-attack phase

（B）Attack phase

（C）Post-attack phase

（D）Pre-attack phase and attack phase

正解：A 解答を投票する

質問 4

Nessus can test a server or a network for DoS vulnerabilities. Which one of the following script tries to kill a service?

（A）ACT_ATTACK

（B）ACT_FLOOD

（C）ACT_KILL_HOST

（D）ACT_DENIAL

正解：D 解答を投票する

質問 5

In which of the following IDS evasion techniques does IDS reject the packets that an end system accepts?

（A）IPS evasion technique

（B）IDS evasion technique

（C）UDP evasion technique

（D）TTL evasion technique

正解：D 解答を投票する

質問 6

The framework primarily designed to fulfill a methodical and organized way of addressing five threat classes to network and that can be used to access, plan, manage, and maintain secure computers and communication networks is:

（A）The IBM Security Framework

（B）Microsoft Internet Security Framework

（C）Bell Labs Network Security Framework

（D）Nortells Unified Security Framework

正解：C 解答を投票する

質問 7

Which of the following statements is true about the LM hash?

（A）Letters are converted to the lowercase

（B）Padded with NULL to 16 characters

（C）Disabled in Windows Vista and 7 OSs

（D）Separated into two 8-character strings

正解：C 解答を投票する

質問 8

Which of the following shields Internet users from artificial DNS data, such as a deceptive or mischievous address instead of the genuine address that was requested?

（A）DNSSEC

（B）Packet filtering

（C）Firewall

（D）IPSec

正解：A 解答を投票する

質問 9

War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks. Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem documented with static WEP?

（A）Airpwn

（B）Airsnort

（C）WEPCrack

（D）Aircrack

正解：B 解答を投票する

質問 10

Which one of the following is false about Wireshark? (Select all that apply)

（A）Packet Sniffer Mode

（B）It does not support decrypting the TKIP or CCMP packets

（C）Wireshark offers some options to analyze the WEP-decrypted data

（D）In order for Wireshark to decrypt the contents of the WEP-encrypted packets, it must be given the appropriate WEP key for the network

正解：C 解答を投票する

412-79 無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA)」

弊社を連絡する

関連リンク

トップ試験