412-79v8無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA)」

質問 1

Mason is footprinting an organization to gather competitive intelligence. He visits the company's website for contact information and telephone numbers but does not find any. He knows the entire staff directory was listed on their website 12 months. How can he find the directory?

（A）Visit the company's partners' and customers' website for this information

（B）Visit Google's search engine and view the cached copy

（C）Use WayBackMachine in Archive.org web site to retrieve the Internet archive

（D）Crawl and download the entire website using the Surfoffline tool and save them to his computer

正解：C 解答を投票する

質問 2

Before performing the penetration testing, there will be a pre-contract discussion with different pen-testers (the team of penetration testers) to gather a quotation to perform pen testing.

Which of the following factors is NOT considered while preparing a price quote to perform pen testing?

（A）Expected time required to finish the project

（B）Type of testers involved

（C）The budget required

（D）Total number of employees in the client organization

正解：D 解答を投票する

質問 3

NTP protocol is used to synchronize the system clocks of computers with a remote time server or time source over a network. Which one of the following ports is used by NTP as its transport layer?

（A）TCP port 113

（B）UDP port 177

（C）TCP port 152

（D）UDP port 123

正解：D 解答を投票する

質問 4

Identify the person who will lead the penetration-testing project and be the client point of contact.

（A）Policy Penetration Tester

（B）Chief Penetration Tester

（C）Database Penetration Tester

（D）Application Penetration Tester

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?

（A）Product-based Assessment Solutions

（B）Inference-based Assessment

（C）Tree-based Assessment

（D）Service-based Assessment Solutions

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Which one of the following scans starts, but does not complete the TCP handshake sequence for each port selected, and it works well for direct scanning and often works well through firewalls?

（A）SYN Scan

（B）Connect() scan

（C）Null Scan

（D）XMAS Scan

正解：A 解答を投票する

質問 7

Wireshark is a network analyzer. It reads packets from the network, decodes them, and presents them in an easy-to-understand format. Which one of the following is the command-line version of Wireshark, which can be used to capture the live packets from the wire or to read the saved capture files?

（A）Capinfos

（B）Tshark

（C）Idl2wrs

（D）Tcpdump

正解：A 解答を投票する

質問 8

Identify the port numbers used by POP3 and POP3S protocols.

（A）111 and 982

（B）113 and 981

（C）110 and 995

（D）109 and 973

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Snort, an open source network-based intrusion detection sensor, is the most widely installed NIDS in the world. It can be configured to run in the four modes. Which one of the following modes reads the packets off the network and displays them in a continuous stream on the console (screen)?

（A）Inline Mode

（B）Packet Logger Mode

（C）Packet Sniffer Mode

（D）Network Intrusion Detection System Mode

正解：C 解答を投票する

質問 10

Security auditors determine the use of WAPs on their networks with Nessus vulnerability scanner which identifies the commonly used WAPs. One of the plug-ins that the Nessus Vulnerability Scanner uses is ID #11026 and is named "Access Point Detection". This plug-in uses four techniques to identify the presence of a WAP. Which one of the following techniques is mostly used for uploading new firmware images while upgrading the WAP device?

（A）NMAP TCP/IP fingerprinting

（B）SNMP fingerprinting

（C）HTTP fingerprinting

（D）FTP fingerprinting

正解：D 解答を投票する

412-79v8 無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA)」

弊社を連絡する

関連リンク

トップ試験