CEH-001無料問題集「GAQM Certified Ethical Hacker (CEH)」

質問 1

Bob, an Administrator at XYZ was furious when he discovered that his buddy Trent, has launched a session hijack attack against his network, and sniffed on his communication, including administrative tasks suck as configuring routers, firewalls, IDS, via Telnet.
Bob, being an unhappy administrator, seeks your help to assist him in ensuring that attackers such as Trent will not be able to launch a session hijack in XYZ.
Based on the above scenario, please choose which would be your corrective measurement actions. (Choose two)

（A）Use encrypted protocols, like those found in the OpenSSH suite.

（B）Implement FAT32 filesystem for faster indexing and improved performance.

（C）Monitor for CRP caches, by using IDS products.

（D）Configure the appropriate spoof rules on gateways (internal and external).

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

A developer for a company is tasked with creating a program that will allow customers to update their billing and shipping information. The billing address field used is limited to 50 characters. What pseudo code would the developer use to avoid a buffer overflow attack on the billing address field?

（A）if (billingAddress != 50) {update field} else exit

（B）if (billingAddress >= 50) {update field} else exit

（C）if (billingAddress <= 50) {update field} else exit

（D）if (billingAddress = 50) {update field} else exit

正解：C 解答を投票する

質問 3

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

（A）Passive

（B）Reflective

（C）Distributive

（D）Active

正解：D 解答を投票する

質問 4

You have been called to investigate a sudden increase in network traffic at XYZ. It seems that the traffic generated was too heavy that normal business functions could no longer be rendered to external employees and clients. After a quick investigation, you find that the computer has services running attached to TFN2k and Trinoo software. What do you think was the most likely cause behind this sudden increase in traffic?

（A）A bad route on the firewall.

（B）A network card that was jabbering.

（C）Invalid rules entry at the gateway.

（D）A distributed denial of service attack.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP) addresses/names with the intent of diverting traffic?

（A）Network aliasing

（B）Domain Name Server (DNS) poisoning

（C）Reverse Address Resolution Protocol (ARP)

（D）Port scanning

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Your boss Tess King is attempting to modify the parameters of a Web-based application in order to alter the SQL statements that are parsed to retrieve data from the database. What would you call such an attack?

（A）SQL Injection attack

（B）SQL Piggybacking attack

（C）SQL Select attack

（D）SQL Input attack

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which of the following items of a computer system will an anti-virus program scan for viruses?

（A）Deleted Files

（B）Password Protected Files

（C）Windows Process List

（D）Boot Sector

正解：D 解答を投票する

質問 8

A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.
The engineer receives this output:
HTTP/1.1 200 OK Server: Microsoft-IIS/6 Expires: Tue, 17 Jan 2011 01:41:33 GMT DatE. Mon, 16 Jan 2011 01:41:33 GMT Content-TypE. text/html Accept-Ranges: bytes Last-ModifieD. Wed, 28 Dec 2010 15:32:21 GMT ETaG. "b0aac0542e25c31:89d" Content-Length: 7369
Which of the following is an example of what the engineer performed?

（A）Banner grabbing

（B）Cross-site scripting

（C）SQL injection

（D）Whois database query

正解：A 解答を投票する

質問 9

In the context of password security: a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive - though slow. Usually, it tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary combined together to have variations of words, what would you call such an attack?

（A）Hybrid Attack

（B）BruteDict Attack

（C）Full Blown Attack

（D）Thorough Attack

正解：A 解答を投票する

質問 10

Blane is a network security analyst for his company. From an outside IP, Blane performs an XMAS scan using Nmap. Almost every port scanned does not illicit a response. What can he infer from this kind of response?

（A）If a port does not respond to an XMAS scan using NMAP, that port is closed.

（B）These ports are open because they do not illicit a response.

（C）The scan was not performed correctly using NMAP since all ports, no matter what their state, will illicit some sort of response from an XMAS scan.

（D）He can tell that these ports are in stealth mode.

正解：B 解答を投票する

質問 11

What port number is used by Kerberos protocol?

（A）419

（B）88

（C）44

（D）487

正解：B 解答を投票する

質問 12

Which type of scan does NOT open a full TCP connection?

（A）Stealth Scan

（B）FIN Scan

（C）Null Scan

（D）XMAS Scan

正解：A 解答を投票する

質問 13

On a backdoored Linux box there is a possibility that legitimate programs are modified or trojaned. How is it possible to list processes and uids associated with them in a more reliable manner?

（A）Use "echo"

（B）Use "Is"

（C）Use "netstat"

（D）Use "lsof"

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

What is the purpose of conducting security assessments on network resources?

（A）Implementation

（B）Documentation

（C）Validation

（D）Management

正解：C 解答を投票する

CEH-001 無料問題集「GAQM Certified Ethical Hacker (CEH)」

弊社を連絡する

関連リンク

トップ試験