312-50v11無料問題集「EC-COUNCIL Certified Ethical Hacker Exam (CEH v11)」

質問 1

There have been concerns in your network that the wireless network component is not sufficiently secure. You perform a vulnerability scan of the wireless network and find that it is using an old encryption protocol that was designed to mimic wired encryption, what encryption protocol is being used?

（A）WPA3

（B）RADIUS

（C）WEP

（D）WPA

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Which of the following is a low-tech way of gaining unauthorized access to systems?

（A）Scanning

（B）Eavesdropping

（C）Social Engineering

（D）Sniffing

正解：C 解答を投票する

質問 3

After an audit, the auditors Inform you that there is a critical finding that you must tackle Immediately. You read the audit report, and the problem is the service running on port 389. Which service Is this and how can you tackle the problem?

（A）The service is SMTP, and you must change it to SMIME. which is an encrypted way to send emails.

（B）The findings do not require immediate actions and are only suggestions.

（C）The service is LDAP. and you must change it to 636. which is LDPAPS.

（D）The service is NTP. and you have to change It from UDP to TCP in order to encrypt it

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

What is the algorithm used by LM for Windows2000 SAM?

（A）SSL

（B）SHA

（C）MD4

（D）DES

正解：D 解答を投票する

質問 5

Lewis, a professional hacker, targeted the loT cameras and devices used by a target venture-capital firm. He used an information-gathering tool to collect information about the loT devices connected to a network, open ports and services, and the attack surface are a. Using this tool, he also generated statistical reports on broad usage patterns and trends. This tool helped Lewis continually monitor every reachable server and device on the Internet, further allowing him to exploit these devices in the network. Which of the following tools was employed by Lewis in the above scenario?

（A）Wapiti

（B）NeuVector

（C）Lacework

（D）Censys

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

What is the proper response for a NULL scan if the port is open?

（A）FIN

（B）RST

（C）SYN

（D）ACK

（E）PSH

（F）No response

正解：F 解答を投票する

質問 7

Which regulation defines security and privacy controls for Federal information systems and organizations?

（A）PCI-DSS

（B）NIST-800-53

（C）HIPAA

（D）EU Safe Harbor

正解：B 解答を投票する

質問 8

Attacker Steve targeted an organization's network with the aim of redirecting the company's web traffic to another malicious website. To achieve this goal, Steve performed DNS cache poisoning by exploiting the vulnerabilities In the DNS server software and modified the original IP address of the target website to that of a fake website. What is the technique employed by Steve to gather information for identity theft?

（A）Wardriving

（B）Pretexting

（C）Pharming

（D）Skimming

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?

（A）Place a front-end web server in a demilitarized zone that only handles external web traffic

（B）Require all employees to change their anti-virus program with a new one

（C）Issue new certificates to the web servers from the root certificate authority

（D）Move the financial data to another server on the same IP subnet

正解：A 解答を投票する

質問 10

BitLocker encryption has been implemented for all the Windows-based computers in an organization. You are concerned that someone might lose their cryptographic key. Therefore, a mechanism was implemented to recover the keys from Active Directory. What is this mechanism called in cryptography?

（A）Key renewal

（B）Key archival

（C）Certificate rollover

（D）Key escrow.

正解：D 解答を投票する

質問 11

Clark, a professional hacker, attempted to perform a Btlejacking attack using an automated tool, Btlejack, and hardware tool, micro:bit. This attack allowed Clark to hijack, read, and export sensitive information shared between connected devices. To perform this attack, Clark executed various btlejack commands. Which of the following commands was used by Clark to hijack the connections?

（A）btlejack -c any

（B）btlejack -f 0x9c68fd30 -t -m 0x1 fffffffff

（C）btlejack -d /dev/ttyACM0 -d /dev/ttyACM2 -s

（D）btlejack-f 0x129f3244-j

正解：B 解答を投票する

質問 12

To hide the file on a Linux system, you have to start the filename with a specific character. What is the character?

（A）Underscore (_)

（B）Exclamation mark (!)

（C）Tilde H

（D）Period (.)

正解：D 解答を投票する

質問 13

Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach to a physical control access.
A camera captures people walking and identifies the individuals using Steve's approach.
After that, people must approximate their RFID badges. Both the identifications are required to open the door. In this case, we can say:

（A）The solution implements the two authentication factors: physical object and physical characteristic

（B）Although the approach has two phases, it actually implements just one authentication factor

（C）The solution will have a high level of false positives

（D）Biological motion cannot be used to identify people

正解：A 解答を投票する

質問 14

Which of the following Linux commands will resolve a domain name into IP address?

（A）>host -t soa hackeddomain.com

（B）>host-t a hackeddomain.com

（C）>host -t AXFR hackeddomain.com

（D）>host-t ns hackeddomain.com

正解：B 解答を投票する

質問 15

Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occurring during non-business hours. After further examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realizes the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux servers to synchronize the time has stopped working?

（A）Time Keeper

（B）OSPP

（C）NTP

（D）PPP

正解：C 解答を投票する

質問 16

You are a penetration tester tasked with testing the wireless network of your client Brakeme SA.
You are attempting to break into the wireless network with the SSID "Brakeme-lnternal." You realize that this network uses WPA3 encryption, which of the following vulnerabilities is the promising to exploit?

（A）Key reinstallation attack

（B）AP Myconfiguration

（C）Cross-site request forgery

（D）Dragonblood

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

312-50v11 無料問題集「EC-COUNCIL Certified Ethical Hacker Exam (CEH v11)」

弊社を連絡する

関連リンク

トップ試験