312-50v12無料問題集「ECCouncil Certified Ethical Hacker」

質問 1

Geena, a cloud architect, uses a master component in the Kubernetes cluster architecture that scans newly generated pods and allocates a node to them. This component can also assign nodes based on factors such as the overall resource requirement, data locality, software/hardware/policy restrictions, and internal workload interventions.
Which of the following master components is explained in the above scenario?

（A）Kube-scheduler

（B）Etcd cluster

（C）Kube-apiserver

（D）Kube-controller-manager

正解：A 解答を投票する

質問 2

Which of the following Linux commands will resolve a domain name into IP address?

（A）>host -t soa hackeddomain.com

（B）>host-t a hackeddomain.com

（C）>host -t AXFR hackeddomain.com

（D）>host-t ns hackeddomain.com

正解：B 解答を投票する

質問 3

Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

（A）ESP confidential

（B）AH Tunnel mode

（C）AH permiscuous

（D）ESP transport mode

正解：D 解答を投票する

質問 4

Widespread fraud ac Enron. WorldCom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of corporate disclosures. It covers accounting firms and third parties that provide financial services to some organizations and came into effect in 2002. This law is known by what acronym?

（A）SOX

（B）PCIDSS

（C）Fed RAMP

（D）HIPAA

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected In the core components of the operating system. What is this type of rootkit an example of?

（A）Mypervisor rootkit

（B）Hardware rootkit

（C）Firmware rootkit

（D）Kernel toolkit

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as display filter to find unencrypted file transfers?

（A）tcp.port ! = 21

（B）tcp.port = 23

（C）tcp.port = = 21 | | tcp.port = =22

（D）tcp.port = = 21

正解：D 解答を投票する

質問 7

The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive.
Which of the following is being described?

（A）Multi-cast mode

（B）Promiscuous mode

（C）Port forwarding

（D）WEM

正解：B 解答を投票する

質問 8

Which of the following tactics uses malicious code to redirect users' web traffic?

（A）Phishing

（B）Spimming

（C）Pharming

（D）Spear-phishing

正解：C 解答を投票する

質問 9

Taylor, a security professional, uses a tool to monitor her company's website, analyze the website's traffic, and track the geographical location of the users visiting the company's website. Which of the following tools did Taylor employ in the above scenario?

（A）web-Stat

（B）WAFW00F

（C）WebSite Watcher

（D）Webroot

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

what is the port to block first in case you are suspicious that an loT device has been compromised?

（A）80

（B）48101

（C）22

（D）443

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Robin, a professional hacker, targeted an organization's network to sniff all the traffic. During this process.
Robin plugged in a rogue switch to an unused port in the LAN with a priority lower than any other switch in the network so that he could make it a root bridge that will later allow him to sniff all the traffic in the network.
What is the attack performed by Robin in the above scenario?

（A）STP attack

（B）ARP spoofing attack

（C）DNS poisoning attack

（D）VLAN hopping attack

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

This kind of password cracking method uses word lists in combination with numbers and special characters:

（A）Symmetric

（B）Brute Force

（C）Linear

（D）Hybrid

正解：D 解答を投票する

質問 13

Bob wants to ensure that Alice can check whether his message has been tampered with. He creates a checksum of the message and encrypts it using asymmetric cryptography. What key does Bob use to encrypt the checksum for accomplishing this goal?

（A）His own public key

（B）Alice's private key

（C）His own private key

（D）Alice's public key

正解：D 解答を投票する

質問 14

Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned.
Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

（A）"GET /restricted/goldtransfer?to=Rob&from=1 or 1=1' HTTP/1.1Host: westbank.com"

（B）"GET /restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com"

（C）"GET /restricted/accounts/?name=Ned HTTP/1.1 Host westbank.com"

（D）"GET /restricted/ HTTP/1.1 Host: westbank.com

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

312-50v12 無料問題集「ECCouncil Certified Ethical Hacker」

弊社を連絡する

関連リンク

トップ試験