312-50v11無料問題集「EC-COUNCIL Certified Ethical Hacker Exam (CEH v11)」

質問 1

Which iOS jailbreaking technique patches the kernel during the device boot so that it becomes jailbroken after each successive reboot?

（A）Semi-Untethered jailbreaking

（B）Tethered jailbreaking

（C）Semi-tethered jailbreaking

（D）Untethered jailbreaking

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and 192.168.0.0/8.
While monitoring the data, you find a high number of outbound connections. You see that IP's owned by XYZ (Internal) and private IP's are communicating to a Single Public IP. Therefore, the Internal IP's are sending data to the Public IP.
After further analysis, you find out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised.
What kind of attack does the above scenario depict?

（A）Rootkit Attack

（B）Spear Phishing Attack

（C）Botnet Attack

（D）Advanced Persistent Threats

正解：C 解答を投票する

質問 3

Jacob works as a system administrator in an organization. He wants to extract the source code of a mobile application and disassemble the application to analyze its design flaws. Using this technique, he wants to fix any bugs in the application, discover underlying vulnerabilities, and improve defense strategies against attacks.
What is the technique used by Jacob in the above scenario to improve the security of the mobile application?

（A）Reverse engineering

（B）App sandboxing

（C）Social engineering

（D）Jailbreaking

正解：A 解答を投票する

質問 4

An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

（A）Only using OSPFv3 will mitigate this risk.

（B）Make sure that legitimate network routers are configured to run routing protocols with authentication.

（C）Redirection of the traffic cannot happen unless the admin allows it explicitly.

（D）Disable all routing protocols and only use static routes

正解：B 解答を投票する

質問 5

Why is a penetration test considered to be more thorough than vulnerability scan?

（A）The tools used by penetration testers tend to have much more comprehensive vulnerability databases.

（B）A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.

（C）Vulnerability scans only do host discovery and port scanning by default.

（D）It is not - a penetration test is often performed by an automated tool, while a vulnerability scan requires active engagement.

正解：B 解答を投票する

質問 6

What does the -oX flag do in an Nmap scan?

（A）Perform an eXpress scan

（B）Perform an Xmas scan

（C）Output the results in XML format to a file

（D）Output the results in truncated format to the screen

正解：C 解答を投票する

質問 7

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.
What is the best security policy concerning this setup?

（A）There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.

（B）Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.

（C）The operator knows that attacks and down time are inevitable and should have a backup site.

（D）As long as the physical access to the network elements is restricted, there is no need for additional measures.

正解：B 解答を投票する

質問 8

Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate dat a. He is using the NSTX tool for bypassing the firewalls. On which of the following ports should Robin run the NSTX tool?

（A）Port 23

（B）Port 50

（C）Port 53

（D）Port 80

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Becky has been hired by a client from Dubai to perform a penetration test against one of their remote offices. Working from her location in Columbus, Ohio, Becky runs her usual reconnaissance scans to obtain basic information about their network. When analyzing the results of her Whois search, Becky notices that the IP was allocated to a location in Le Havre, France. Which regional Internet registry should Becky go to for detailed information?

（A）RIPE

（B）ARIN

（C）APNIC

（D）LACNIC

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

The network users are complaining because their system are slowing down. Further, every time they attempt to go a website, they receive a series of pop-ups with advertisements. What types of malware have the system been infected with?

（A）Virus

（B）Trojan

（C）Spyware

（D）Adware

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?

（A）Perform a trap and trace

（B）Reload from a previous backup

（C）Copy the system files from a known good system

（D）Delete the files and try to determine the source

（E）Reload from known good media

正解：E 解答を投票する

質問 12

In the context of Windows Security, what is a 'null' user?

（A）A pseudo account that has no username and password

（B）A pseudo account that was created for security administration purpose

（C）An account that has been suspended by the admin

（D）A user that has no skills

正解：A 解答を投票する

312-50v11 無料問題集「EC-COUNCIL Certified Ethical Hacker Exam (CEH v11)」

弊社を連絡する

関連リンク

トップ試験