
Download the latest free 312-50v11 question set: 525 questions, updated February 25, 2024
EC-COUNCIL 312-50v11 exam practice test answers
Question # 49
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization.
In the attack process, the professional hacker installed a scanner on a machine belonging to one of the victims and scanned several machines on the same network to identify vulnerabilities to perform further exploitation.
What is the type of vulnerability assessment tool employed by John in the above scenario?
- A. Cluster scanner
- B. Network-based scanner
- C. Proxy scanner
- D. Agent-based scanner
Correct answer: D
Question # 50
While using your bank's online servicing you notice the following string in the URL bar:
"http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21"
You observe that if you modify the Damount and Camount values and submit the request, the data on the web page reflects the changes.
Which type of vulnerability is present on this site?
- A. SQL Injection
- B. XSS Reflection
- C. Web Parameter Tampering
- D. Cookie Tampering
Correct answer: C
Question # 51
You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address was blacklisted just before the alert. You are starting an investigation to roughly analyze the severity of the situation. Which of the following is appropriate to analyze?
- A. IDS log
- B. Internet Firewall/Proxy log.
- C. Event logs on domain controller
- D. Event logs on the PC
Correct answer: B
Question # 52
Ethical hacker Jane Smith is attempting to perform an SQL injection attack. She wants to test the response time of a true or false response and wants to use a second command to determine whether the database will return true or false results for user IDs.
Which two SQL injection types would give her the results she is looking for?
- A. Union-based and error-based
- B. Time-based and union-based
- C. Out of band and boolean-based
- D. Time-based and boolean-based
Correct answer: A
Question # 53
Heather's company has decided to use a new customer relationship management tool. After performing the appropriate research, they decided to purchase a subscription to a cloud-hosted solution. The only administrative task that Heather will need to perform is the management of user accounts. The provider will take care of the hardware, operating system, and software administration including patching and monitoring.
Which of the following is this type of solution?
- A. PaaS
- B. SaaS
- C. CaaS
- D. IaaS
Correct answer: B
Explanation:
Software as a service (SaaS) allows users to connect to and use cloud-based apps over the web. Common examples are email, calendaring and office tools (such as Microsoft Office 365).
SaaS provides a complete software solution that you purchase on a pay-as-you-go basis from a cloud service provider.
You rent the use of an app for your organisation, and your users connect to it over the web, typically with a web browser. All of the underlying infrastructure, middleware, app software and app data are located in the service provider's data center. The service provider manages the hardware and software and, with the appropriate service agreement, will ensure the availability and the security of the app and your data as well. SaaS allows your organisation to get up and running quickly with an app at minimal upfront cost.
Common SaaS scenarios
If you have used a web-based email service such as Outlook, Hotmail or Yahoo! Mail, then you have already used a form of SaaS. With these services, you log into your account over the web, typically from a web browser. The email software is located on the service provider's network, and your messages are stored there as well. You can access your email and stored messages from a web browser on any computer or Internet-connected device.
The previous examples are free services for personal use. For organisational use, you can rent productivity apps, such as email, collaboration and calendaring, and sophisticated business applications such as customer relationship management (CRM), enterprise resource planning (ERP) and document management. You pay for the use of these apps by subscription or according to the level of use.
Advantages of SaaS
Gain access to sophisticated applications. To provide SaaS apps to users, you don't need to purchase, install, update or maintain any hardware, middleware or software. SaaS makes even sophisticated enterprise applications, such as ERP and CRM, affordable for organisations that lack the resources to buy, deploy and manage the required infrastructure and software themselves.
Pay only for what you use. You also save money because the SaaS service automatically scales up and down according to the level of usage.
Use free client software. Users can run most SaaS apps directly from their web browser without needing to download and install any software, although some apps require plugins. This means that you don't need to purchase and install special software for your users.
Mobilise your workforce easily. SaaS makes it easy to "mobilise" your workforce because users can access SaaS apps and data from any Internet-connected computer or mobile device. You don't need to worry about developing apps to run on different types of computers and devices because the service provider has already done so. In addition, you don't need to bring special expertise on board to manage the security issues inherent in mobile computing. A carefully chosen service provider will ensure the security of your data, regardless of the type of device consuming it.
Access app data from anywhere. With data stored in the cloud, users can access their information from any Internet-connected computer or mobile device. And when app data is stored in the cloud, no data is lost if a user's computer or device fails.
Question # 54
There have been concerns in your network that the wireless network component is not sufficiently secure. You perform a vulnerability scan of the wireless network and find that it is using an old encryption protocol that was designed to mimic wired encryption, what encryption protocol is being used?
- A. WPA3
- B. RADIUS
- C. WPA
- D. WEP
Correct answer: C
Explanation:
Wi-Fi Protected Access (WPA), Wi-Fi Protected Access II (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP). WPA (sometimes referred to as the draft IEEE 802.11i standard) became available in 2003. The Wi-Fi Alliance intended it as an intermediate measure in anticipation of the availability of the more secure and complex WPA2, which became available in 2004 and is a common shorthand for the full IEEE 802.11i (or IEEE 802.11i-2004) standard. In January 2018, the Wi-Fi Alliance announced the release of WPA3 with several security improvements over WPA2.
The Wi-Fi Alliance intended WPA as an intermediate measure to take the place of WEP pending the availability of the full IEEE 802.11i standard. WPA could be implemented through firmware upgrades on wireless network interface cards designed for WEP that began shipping as far back as 1999. However, since the changes required in the wireless access points (APs) were more extensive than those needed on the network cards, most pre-2003 APs could not be upgraded to support WPA.
The WPA protocol implements much of the IEEE 802.11i standard. Specifically, the Temporal Key Integrity Protocol (TKIP) was adopted for WPA. WEP used a 64-bit or 128-bit encryption key that must be manually entered on wireless access points and devices and does not change. TKIP employs a per-packet key, meaning that it dynamically generates a new 128-bit key for each packet and thus prevents the types of attacks that compromised WEP. WPA also includes a Message Integrity Check, which is designed to prevent an attacker from altering and resending data packets. This replaces the cyclic redundancy check (CRC) that was used by the WEP standard.
CRC's main flaw was that it did not provide a sufficiently strong data integrity guarantee for the packets it handled. Well-tested message authentication codes existed to solve these problems, but they required too much computation to be used on old network cards. WPA uses a message integrity check algorithm called TKIP to verify the integrity of the packets. TKIP is much stronger than a CRC, but not as strong as the algorithm used in WPA2. Researchers have since discovered a flaw in WPA that relied on older weaknesses in WEP and the limitations of the message integrity code hash function, named Michael, to retrieve the keystream from short packets to use for re-injection and spoofing.
Question # 55
By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext.
Which file do you have to clean to clear the password?
- A. .X session-log
- B. .bash_history
- C. .profile
- D. .bashrc
Correct answer: A
Explanation:
If you want to find more information about a problem in a session or want to fix it, consult the system log, which stores log data for your user session and applications.
The ~/.xsession-errors X session log file has been deprecated and is no longer used.
On systemd-based systems, you can find the session log data in the systemd journal, which stores the data in a binary format. To view the logs, use the journalctl command.
To view your user session logs:
1. Determine your user ID (uid) by running the following command:
$ id --user
1000
2. View the journal logs for the user ID determined above:
$ journalctl _UID=1000
For more information on the systemd journal, see the journalctl(1) man page.
Question # 56
Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?
- A. Discretionary Access Control (DAC)
- B. Windows authentication
- C. Role Based Access Control (RBAC)
- D. Single sign-on
Correct answer: D
Question # 57
By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext.
Which file do you have to clean to clear the password?
- A. .X session-log
- B. .profile
- C. .bash_history
- D. .bashrc
Correct answer: C
Explanation:
File created by Bash, a Unix-based shell program commonly used on Mac OS X and Linux operating systems; stores a history of user commands entered at the command prompt; used for viewing old commands that have been executed.
BASH_HISTORY files are hidden files with no filename prefix. They always use the filename .bash_history.
NOTE: Bash is the shell program used by Apple Terminal.
Our goal is to help you understand what a file with a *.bash_history suffix is and how to open it. The Bash History file type, file format description, and Mac and Linux programs listed on this page are individually researched and verified by the FileInfo team. We strive for 100% accuracy and only publish information about file formats that we have tested and validated.
Question # 58
When configuring wireless on his home router, Javik disables SSID broadcast. He leaves authentication "open" but sets the SSID to a 32-character string of random letters and numbers.
What is an accurate assessment of this scenario from a security perspective?
- A. Disabling SSID broadcast prevents 802.11 beacons from being transmitted from the access point, resulting in a valid setup leveraging "security through obscurity".
- B. Since the SSID is required in order to connect, the 32-character string is sufficient to prevent brute-force attacks.
- C. Javik's router is still vulnerable to wireless hacking attempts because the SSID broadcast setting can be enabled using a specially crafted packet sent to the hardware address of the access point.
- D. It is still possible for a hacker to connect to the network after sniffing the SSID from a successful wireless association.
Correct answer: D
Question # 59
Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?
- A. Guess the sequence numbers
- B. Take over the session
- C. Reverse sequence prediction
- D. Take one of the parties offline
Correct answer: A
Question # 60
Robert, a professional hacker, is attempting to execute a fault injection attack on a target IoT device. In this process, he injects faults into the power supply that can be used for remote execution, also causing the skipping of key instructions. He also injects faults into the clock network used for delivering a synchronized signal across the chip.
Which of the following types of fault injection attack is performed by Robert in the above scenario?
- A. Frequency/voltage tampering
- B. Power/clock/reset glitching
- C. Temperature attack
- D. Optical, electromagnetic fault injection (EMFI)
Correct answer: D
Question # 61
A penetration tester is performing the footprinting process and is reviewing publicly available information about an organization by using the Google search engine.
Which of the following advanced operators would allow the pen tester to restrict the search to the organization's web domain?
- A. [location:]
- B. [site:]
- C. [link:]
- D. [allinurl:]
Correct answer: B
Question # 62
You have successfully compromised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best Nmap command you will use?
- A. nmap -T4 -O 10.10.0.0/24
- B. nmap -T4 -F 10.10.0.0/24
- C. nmap -T4 -q 10.10.0.0/24
- D. nmap -T4 -r 10.10.1.0/24
Correct answer: B
Question # 63
The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE's Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the Transport Layer Security (TLS) protocols defined in RFC6520.
What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?
- A. Private
- B. Public
- C. Shared
- D. Root
Correct answer: A
Question # 64
While scanning with Nmap, Patin found several hosts which have the IP ID of incremental sequences. He then decided to conduct: nmap -Pn -p- -si kiosk.adobe.com www.riaa.com. kiosk.adobe.com is the host with incremental IP ID sequence. What is the purpose of using "-si" with Nmap?
- A. Conduct IDLE scan
- B. Conduct silent scan
- C. Conduct stealth scan
- D. Conduct ICMP scan
Correct answer: C
Question # 65
What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?
- A. TPM
- B. UEFI
- C. CPU
- D. GPU
Correct answer: A
Explanation:
The TPM is a chip that's part of your computer's motherboard - if you bought an off-the-shelf PC, it's soldered onto the motherboard. If you built your own computer, you can buy one as an add-on module if your motherboard supports it. The TPM generates encryption keys, keeping part of the key to itself
Question # 66
Which tool can be used to silently copy files from USB devices?
- A. USB Snoopy
- B. USB Sniffer
- C. USB Grabber
- D. Use Dumper
Correct answer: D
Question # 67
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?
- A. single sign on
- B. SOA
- C. PKI
- D. biometrics
Correct answer: C
Question # 68
Henry is a penetration tester who works for XYZ organization. While performing enumeration on a client organization, he queries the DNS server for a specific cached DNS record. Further, by using this cached record, he determines the sites recently visited by the organization's user. What is the enumeration technique used by Henry on the organization?
- A. DNS cache poisoning
- B. DNSSEC zone walking
- C. DNS cache snooping
- D. DNS zone walking
Correct answer: A
Question # 69
Calvin, a grey-hat hacker, targets a web application that has design flaws in its authentication mechanism. He enumerates usernames from the login form of the web application, which requests users to feed data and specifies the incorrect field in case of invalid credentials. Later, Calvin uses this information to perform social engineering.
Which of the following design flaws in the authentication mechanism is exploited by Calvin?
- A. Verbose failure messages
- B. Insecure transmission of credentials
- C. User impersonation
- D. Password reset mechanism
Correct answer: D
Question # 70
A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?
- A. tcp.port ==21 || tcp.port ==22
- B. tcp.port = 23
- C. tcp.port != 21
- D. tcp.port ==21
Correct answer: A
Question # 71
Taylor, a security professional, uses a tool to monitor her company's website, analyze the website's traffic, and track the geographical location of the users visiting the company's website. Which of the following tools did Taylor employ in the above scenario?
- A. WebSite Watcher
- B. web-Stat
- C. Webroot
- D. WAFW00F
Correct answer: B
Explanation:
Increase your web site's performance and grow! Add Web-Stat to your site (it's free!) and watch visitors interact with your pages in real time.
Learn how visitors find your web site. Get details about every visitor's path through your web site and track pages that turn browsers into buyers.
One-click install. Monitor locations, operating systems, browsers and screen sizes and get alerts for new visitors and conversions.
Question # 72
......