412-79v8無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA)」

質問 1

Which type of vulnerability assessment tool provides security to the IT system by testing for vulnerabilities in the applications and operation system?

（A）Application-layer Vulnerability Assessment Tools

（B）Scope Assessment Tools

（C）Location/Data Examined Tools

（D）Active/Passive Tools

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Phishing is typically carried out by email spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

What characteristics do phishing messages often have that may make them identifiable?

（A）Invalid email signatures or contact information

（B）Suspicious attachments

（C）They trigger warning pop-ups

（D）Suspiciously good grammar and capitalization

正解：C 解答を投票する

質問 3

You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the risk to the clients network, what step should you take first?

（A）Analyzing, categorizing and prioritizing resources

（B）Checking fora written security policy

（C）Analyzing the use of existing management and control architecture

（D）Evaluating the existing perimeter and internal security

正解：B 解答を投票する

質問 4

TCP/IP provides a broad range of communication protocols for the various applications on the network. The TCP/IP model has four layers with major protocols included within each layer. Which one of the following protocols is used to collect information from all the network devices?

（A）Internet Control Message Protocol (ICMP)

（B）Simple Network Management Protocol (SNMP)

（C）Transmission Control Protocol(TCP)

（D）Network File system (NFS)

正解：B 解答を投票する

質問 5

James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?

（A）Fraggle

（B）Smurf

（C）Trinoo

（D）SYN flood

正解：B 解答を投票する

質問 6

What are placeholders (or markers) in an HTML document that the web server will dynamically replace with data just before sending the requested documents to a browser?

（A）Slide Server Includes

（B）Sort Server Includes

（C）Server Sort Includes

（D）Server Side Includes

正解：D 解答を投票する

質問 7

Besides the policy implications of chat rooms, Internet Relay Chat (IRC) is frequented by attackers and used as a command and control mechanism. IRC normally uses which one of the following TCP ports?

（A）6667 TCP port

（B）6771 TCP port

（C）6566 TCP port

（D）6257 TCP port

正解：A 解答を投票する

質問 8

Which of the following appendices gives detailed lists of all the technical terms used in the report?

（A）Research

（B）Required Work Efforts

（C）References

（D）Glossary

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Which of the following policy forbids everything with strict restrictions on all usage of the company systems and network?

（A）Paranoid Policy

（B）Promiscuous Policy

（C）Information-Protection Policy

（D）Prudent Policy

正解：A 解答を投票する

質問 10

Assessing a network from a hacker's point of view to discover the exploits and vulnerabilities that are accessible to the outside world is which sort of vulnerability assessment?

（A）External Assessment

（B）Network Assessments

（C）Wireless Network Assessments

（D）Application Assessments

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

412-79v8 無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA)」

弊社を連絡する

関連リンク

トップ試験