[February 2022] Free 312-50v11 Question Set Samples with Real Exam Questions and Practice Test Engine [Q171-Q188]


EC-COUNCIL 312-50v11 exam questions to help you pass, with test engine and PDF

Question 171
Let's imagine three companies (A, B and C), all competing in a challenging global environment.
Company A and B are working together in developing a product that will generate a major competitive advantage for them.
Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing.
With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B.
How do you prevent DNS spoofing?

  • A. Disable DNS timeouts
  • B. Install DNS Anti-spoofing
  • C. Install DNS logger and track vulnerable packets
  • D. Disable DNS Zone Transfer

Correct answer: B

 

Question 172
Leverox Solutions hired Arnold, a security professional, for the threat intelligence process. Arnold collected information about specific threats against the organization. From this information, he retrieved contextual information about security events and incidents that helped him disclose potential risks and gain insight into attacker methodologies. He collected the information from sources such as humans, social media, and chat rooms as well as from events that resulted in cyberattacks. In this process, he also prepared a report that includes identified malicious activities, recommended courses of action, and warnings for emerging attacks. What is the type of threat intelligence collected by Arnold in the above scenario?

  • A. Strategic threat intelligence
  • B. Operational threat intelligence
  • C. Technical threat intelligence
  • D. Tactical threat intelligence

Correct answer: A

 

Question 173
Mary, a penetration tester, has found password hashes in a client system she managed to breach. She needs to use these passwords to continue with the test, but she does not have time to find the passwords that correspond to these hashes. Which type of attack can she implement in order to continue?

  • A. LLMNR/NBT-NS poisoning
  • B. Internal monologue attack
  • C. Pass the ticket
  • D. Pass the hash

Correct answer: D

 

Question 174
You are a penetration tester and are about to perform a scan on a specific server. The agreement that you signed with the client contains the following specific condition for the scan: "The attacker must scan every port on the server several times using a set of spoofed source IP addresses." Suppose that you are using Nmap to perform this scan. What flag will you use to satisfy this requirement?

  • A. The -f flag
  • B. The -D flag
  • C. The -A flag
  • D. The -g flag

Correct answer: B

Explanation:
The --source-port and -g flags are equivalent and instruct Nmap to send packets through a selected port. This option is used to try to cheat firewalls that whitelist traffic from specific ports. The following example can scan the target from port 20 to ports 80, 22, 21, 23 and 25, sending fragmented packets to LinuxHint.

 

Question 175
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B.
How do you prevent DNS spoofing?

  • A. Disable DNS timeouts
  • B. Install DNS Anti-spoofing
  • C. Install DNS logger and track vulnerable packets
  • D. Disable DNS Zone Transfer

Correct answer: B

 

Question 176
What type of analysis is performed when an attacker has partial knowledge of the inner workings of the application?

  • A. White-box
  • B. Black-box
  • C. Announced
  • D. Grey-box

Correct answer: D

 

Question 177
What does the following command in netcat do?
nc -l -u -p55555 < /etc/passwd

  • A. deletes the /etc/passwd file when connected to the UDP port 55555
  • B. loads the /etc/passwd file to the UDP port 55555
  • C. logs the incoming connections to /etc/passwd file
  • D. grabs the /etc/passwd file when connected to UDP port 55555

Correct answer: D

 

Question 178
Your company was hired by a small healthcare provider to perform a technical assessment on the network.
What is the best approach for discovering vulnerabilities on a Windows-based computer?

  • A. Use the built-in Windows Update tool
  • B. Check MITRE.org for the latest list of CVE findings
  • C. Use a scan tool like Nessus
  • D. Create a disk image of a clean Windows installation

Correct answer: C

 

Question 179
You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?

  • A. Encrypt the Sales.xls using PGP and e-mail it to your personal gmail account
  • B. You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an innocent looking email or file transfer using Steganography techniques
  • C. Change the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail account
  • D. Package the Sales.xls using Trojan wrappers and telnet them back to your home computer

Correct answer: B

 

Question 180
What does the -oX flag do in an Nmap scan?

  • A. Perform an eXpress scan
  • B. Perform an Xmas scan
  • C. Output the results in truncated format to the screen
  • D. Output the results in XML format to a file

Correct answer: D

 

Question 181
An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption.
The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages. What is the attack performed in the above scenario?

  • A. Cache-based attack
  • B. Downgrade security attack
  • C. Side-channel attack
  • D. Timing-based attack

Correct answer: C

 

Question 182
By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext.
Which file do you have to clean to clear the password?

  • A. .bash_history
  • B. .xsession-log
  • C. .bashrc
  • D. .profile

Correct answer: A

 

Question 183
Ethical hacker Jane Smith is attempting to perform an SQL injection attack. She wants to test the response time of a true or false response and wants to use a second command to determine whether the database will return true or false results for user IDs. Which two SQL injection types would give her the results she is looking for?

  • A. union-based and error-based
  • B. Time-based and union-based
  • C. Time-based and boolean-based
  • D. Out of band and boolean-based

Correct answer: B

Explanation:
Boolean-based (content-based) Blind SQLi
Boolean-based SQL Injection is an inferential SQL Injection technique that relies on sending an SQL query to the database which forces the application to return a different result depending on whether the query returns a TRUE or FALSE result.
Depending on the result, the content within the HTTP response will change, or remain the same. This allows an attacker to infer if the payload used returned true or false, even though no data from the database is returned. This attack is typically slow (especially on large databases) since an attacker would need to enumerate a database, character by character.
Time-based Blind SQLi
Time-based SQL Injection is an inferential SQL Injection technique that relies on sending an SQL query to the database which forces the database to wait for a specified amount of time (in seconds) before responding. The response time will indicate to the attacker whether the result of the query is TRUE or FALSE.
Depending on the result, an HTTP response will be returned with a delay, or returned immediately.
This allows an attacker to infer if the payload used returned true or false, even though no data from the database is returned. This attack is typically slow (especially on large databases) since an attacker would need to enumerate a database character by character.
https://www.acunetix.com/websitesecurity/sql-injection2/

 

Question 184
Which of the following Bluetooth hacking techniques refers to the theft of information from a wireless device through Bluetooth?

  • A. Bluebugging
  • B. Bluejacking
  • C. Bluesmacking
  • D. Bluesnarfing

Correct answer: D

Explanation:
Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistants).

 

Question 185
When a security analyst prepares for the formal security assessment, which of the following should be done in order to determine inconsistencies in the secure assets database and verify that the system is compliant with the minimum security baseline?

  • A. Reviewing the firewalls configuration
  • B. Data items and vulnerability scanning
  • C. Interviewing employees and network engineers
  • D. Source code review

Correct answer: B

 

Question 186
In this attack, a victim receives an e-mail claiming to be from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam.
Which of the following statements is incorrect related to this attack?

  • A. Do not reply to email messages or popup ads asking for personal or financial information
  • B. Antivirus, anti-spyware, and firewall software can very easily detect these types of attacks
  • C. Review credit card and bank account statements regularly
  • D. Do not send credit card numbers, and personal or financial information via e-mail
  • E. Do not trust telephone numbers in e-mails or popup ads

Correct answer: B

 

Question 187
Which of the following Google advanced search operators helps an attacker in gathering information about websites that are similar to a specified target URL?

  • A. [inurl:]
  • B. [info:]
  • C. [site:]
  • D. [related:]

Correct answer: D

 

Question 188
......

Pass the exam easily with the real 312-50v11 practice question set, updated February 19, 2022: https://www.jpntest.com/shiken/312-50v11-mondaishu
