January 2024: Actual 312-50v11 Exam Question Set with Accurate, Updated Questions [Q132-Q147]


312-50v11 exam question set with PDF questions and test engine

Question # 132
As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.
What document describes the specifics of the testing, the associated violations, and essentially protects both the organization's interest and your liabilities as a tester?

  • A. Rules of Engagement
  • B. Non-Disclosure Agreement
  • C. Project Scope
  • D. Service Level Agreement

Correct answer: A


Question # 133
At what stage of the cyber kill chain theory model does data exfiltration occur?

  • A. Command and control
  • B. Weaponization
  • C. Installation
  • D. Actions on objectives

Correct answer: D


Question # 134
A friend of yours tells you that he downloaded and executed a file that was sent to him by a coworker. Since the file did nothing when executed, he asks you for help because he suspects that he may have installed a trojan on his computer.
What tests would you perform to determine whether his computer is infected?

  • A. Use netstat and check for outgoing connections to strange IP addresses or domains.
  • B. Upload the file to VirusTotal.
  • C. Use ExifTool and check for malicious content.
  • D. You do not check; rather, you immediately restore a previous snapshot of the operating system.

Correct answer: A


Question # 135
Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection.
Identify the behavior of the adversary in the above scenario.

  • A. Unspecified proxy activities
  • B. Data staging
  • C. Use of command-line interface
  • D. Use of DNS tunneling

Correct answer: A

Explanation:
A proxy server acts as a gateway between you and the internet. It's an intermediary server separating end users from the websites they browse. Proxy servers provide varying levels of functionality, security, and privacy depending on your use case, needs, or company policy. If you're using a proxy server, internet traffic flows through the proxy server on its way to the address you requested. A proxy server is essentially a computer on the internet with its own IP address that your computer knows. When you send a web request, your request goes to the proxy server first. The proxy server then makes your web request on your behalf, collects the response from the web server, and forwards you the web page data so you can see the page in your browser.


Question # 136
After an audit, the auditors inform you that there is a critical finding that you must tackle immediately. You read the audit report, and the problem is the service running on port 369. Which service is this and how can you tackle the problem?

  • A. The service is SMTP, and you must change it to SMIME, which is an encrypted way to send emails.
  • B. The service is LDAP, and you must change it to 636, which is LDAPS.
  • C. The findings do not require immediate actions and are only suggestions.
  • D. The service is NTP, and you have to change it from UDP to TCP in order to encrypt it.

Correct answer: B


Question # 137
Which type of virus can change its own code and then cipher itself multiple times as it replicates?

  • A. Tunneling virus
  • B. Cavity virus
  • C. Encryption virus
  • D. Stealth virus

Correct answer: D


Question # 138
The following is an entry captured by a network IDS. You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack.
You also notice "/bin/sh" in the ASCII part of the output.
As an analyst what would you conclude about the attack?

  • A. The attacker is creating a directory on the compromised machine
  • B. The attacker is attempting a buffer overflow attack and has succeeded
  • C. The buffer overflow attack has been neutralized by the IDS
  • D. The attacker is attempting an exploit that launches a command-line shell

Correct answer: D


Question # 139
Sam is working as a system administrator in an organization. He captured the principal characteristics of a vulnerability and produced a numerical score to reflect its severity using CVSS v3.0 to properly assess and prioritize the organization's vulnerability management processes. The base score that Sam obtained after performing CVSS rating was 4.0. What is the CVSS severity level of the vulnerability discovered by Sam in the above scenario?

  • A. High
  • B. Critical
  • C. Medium
  • D. Low

Correct answer: C


Question # 140
This form of encryption algorithm is a symmetric key block cipher that is characterized by a 128-bit block size, and its key size can be up to 256 bits. Which among the following is this encryption algorithm?

  • A. IDEA
  • B. Blowfish encryption algorithm
  • C. HMAC encryption algorithm
  • D. Twofish encryption algorithm

Correct answer: D

Explanation:
Twofish is an encryption algorithm designed by Bruce Schneier. It's a symmetric key block cipher with a block size of 128 bits, with keys up to 256 bits. It's related to AES (Advanced Encryption Standard) and an earlier block cipher called Blowfish. Twofish was actually a finalist to become the industry standard for encryption, but was ultimately beaten out by the present AES. Twofish has some distinctive features that set it apart from most other cryptographic protocols. For one, it uses pre-computed, key-dependent S-boxes. An S-box (substitution-box) is a basic component of any symmetric key algorithm which performs substitution. In the context of Twofish's block cipher, the S-box works to obscure the relationship of the key to the ciphertext. Twofish uses a pre-computed, key-dependent S-box, which means that the S-box is already provided, but depends on the cipher key to decrypt the information.
How Secure is Twofish?
Twofish is seen as a very secure option as far as encryption protocols go. One of the reasons that it wasn't selected as the Advanced Encryption Standard is its slower speed. Any encryption standard that uses a 128-bit or higher key is theoretically safe from brute force attacks. Twofish is in this category. Because Twofish uses "pre-computed key-dependent S-boxes", it can be susceptible to side channel attacks. This is due to the tables being pre-computed. However, making these tables key-dependent helps mitigate that risk. There are a couple of attacks on Twofish, but according to its creator, Bruce Schneier, they didn't constitute a real cryptanalysis. These attacks didn't constitute a practical break of the cipher.
Products That Use Twofish
GnuPG: GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also referred to as PGP). GnuPG allows you to encrypt and sign your data and communications; it features a flexible key management system, along with access modules for all types of public key directories.
KeePass: KeePass is a password management tool that generates passwords with top-notch security. It's a free, open source, lightweight and easy-to-use password manager with many extensions and plugins.
Password Safe: Password Safe uses one master password to keep all of your passwords protected, similar to the functionality of most of the password managers on this list. It allows you to store all of your passwords in a single password database, or multiple databases for various purposes. Creating a database is straightforward: just create the database and set your master password.
PGP (Pretty Good Privacy): PGP is used mostly for email encryption; it encrypts the content of the email. However, Pretty Good Privacy doesn't encrypt the subject and sender of the email, so make sure to never put sensitive information in these fields when using PGP.
TrueCrypt: TrueCrypt is a software program that encrypts and protects files on your devices. With TrueCrypt the encryption is transparent to the user and is completed locally at the user's computer. This means you can store a TrueCrypt file on a server and TrueCrypt will encrypt that file before it's sent over the network.


Question # 141
If a token and 4-digit personal identification number (PIN) are used to access a computer system and the token performs off-line checking for the correct PIN, what type of attack is possible?

  • A. Man-in-the-middle
  • B. Smurf
  • C. Brute force
  • D. Birthday

Correct answer: C


Question # 142
Which of the following is the best countermeasure to encrypting ransomwares?

  • A. Use multiple antivirus softwares
  • B. Analyze the ransomware to get decryption key of encrypted data
  • C. Keep some generation of off-line backup
  • D. Pay a ransom

Correct answer: C


Question # 143
Sophia is a shopping enthusiast who spends significant time searching for trendy outfits online. Clark, an attacker, noticed her activities several times and sent a fake email containing a deceptive page link to her social media page displaying all-new and trendy outfits. In excitement, Sophia clicked on the malicious link and logged in to that page using her valid credentials. Which of the following tools is employed by Clark to create the spoofed email?

  • A. PLCinject
  • B. PyLoris
  • C. Evilginx
  • D. Slowloris

Correct answer: C


Question # 144
Why are containers less secure than virtual machines?

  • A. Containers may fill up the disk space of the host.
  • B. Containers are attached to the same virtual network.
  • C. A compromised container may cause CPU starvation of the host.
  • D. Host OS on containers has a larger attack surface.

Correct answer: D


Question # 145
Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company's network. He decides to set up a SPAN port and capture all traffic to the datacenter. He immediately discovers unencrypted traffic on port UDP 161. What protocol is this port using and how can he secure that traffic?

  • A. It is not necessary to perform any actions, as SNMP is not carrying important information.
  • B. SNMP and he should change it to SNMP v3
  • C. SNMP and he should change it to SNMP v2, which is encrypted
  • D. RPC and the best practice is to disable RPC completely

Correct answer: B

Explanation:
We have various articles already in our documentation for setting up SNMPv2 trap handling in Opsview, but SNMPv3 traps are a whole new ballgame. They can be quite confusing and complicated to set up the first time you go through the process, but when you understand what is going on, everything should make more sense.
SNMP has gone through several revisions to improve performance and security (version 1, 2c and 3). By default, it is a UDP port based protocol where communication is based on a 'fire and forget' methodology in which network packets are sent to another device, but there is no check for receipt of that packet (versus TCP port when a network packet must be acknowledged by the other end of the communication link).
There are two modes of operation with SNMP - get requests (or polling) where one device requests information from an SNMP enabled device on a regular basis (normally using UDP port 161), and traps where the SNMP enabled device sends a message to another device when an event occurs (normally using UDP port 162). The latter includes instances such as someone logging on, the device powering up or down, or a wide variety of other problems that would need this type of investigation.
This blog covers SNMPv3 traps, as polling and version 2c traps are covered elsewhere in our documentation.
SNMP traps
Since SNMP is primarily a UDP port based system, traps may be 'lost' when sending between devices; the sending device does not wait to see if the receiver got the trap. This means if the configuration on the sending device is wrong (using the wrong receiver IP address or port) or the receiver isn't listening for traps or rejecting them out of hand due to misconfiguration, the sender will never know.
The SNMP v2c specification introduced the idea of splitting traps into two types; the original 'hope it gets there' trap and the newer 'INFORM' traps. Upon receipt of an INFORM, the receiver must send an acknowledgement back. If the sender doesn't get the acknowledgement back, then it knows there is an existing problem and can log it for sysadmins to find when they interrogate the device.


Question # 146
Nicolas just found a vulnerability on a public-facing system that is considered a zero-day vulnerability. He sent an email to the owner of the public system describing the problem and how the owner can protect themselves from that vulnerability. He also sent an email to Microsoft informing them of the problem that their systems are exposed to. What type of hacker is Nicolas?

  • A. White hat
  • B. Gray hat
  • C. Red hat
  • D. Black hat

Correct answer: A

Explanation:
A white hat (or a white hat hacker) is an ethical computer hacker, or a computer security expert, who focuses on penetration testing and other testing methodologies that ensure the safety of an organization's information systems. Ethical hacking is a term meant to imply a broader category than simply penetration testing. Contrasted with black hat, a malicious hacker, the name comes from Western films, where heroic and antagonistic cowboys might traditionally wear a white and a black hat respectively. While a white hat hacker hacks under good intentions with permission, and a black hat hacker, most frequently unauthorized, has malicious intent, there is a third kind known as a gray hat hacker who hacks with good intentions but sometimes without permission. White hat hackers may also work in teams called "sneakers and/or hacker clubs", red teams, or tiger teams. While penetration testing concentrates on attacking software and computer systems from the beginning (scanning ports, examining known defects in protocols and applications running on the system and patch installations, for example), ethical hacking may include other things. A full-blown ethical hack might include emailing staff to ask for password details, searching through executives' dustbins and usually breaking and entering, without the knowledge and consent of the targets. Only the owners, CEOs and Board Members (stakeholders) who asked for such a security review of this magnitude are aware. To try to replicate some of the destructive techniques a real attack might employ, ethical hackers may arrange for cloned test systems, or organize a hack late at night while systems are less critical. In most recent cases these hacks perpetuate for the long-term con (days, if not weeks, of long-term human infiltration into an organization).
Some examples include leaving USB/flash key drives with hidden auto-start software in a public area as if someone lost the small drive and an unsuspecting employee found it and took it. Some other methods of carrying these out include:
  • DoS attacks
  • Social engineering tactics
  • Reverse engineering
  • Network security
  • Disk and memory forensics
  • Vulnerability research
  • Security scanners such as W3af, Nessus and Burp Suite
  • Frameworks such as Metasploit
  • Training platforms
These methods identify and exploit known security vulnerabilities and attempt to evade security to gain entry into secured areas. They are able to do this by hiding software and system 'back-doors' that can be used as a link to information or access that a non-ethical hacker, also known as 'black-hat' or 'grey-hat', may want to reach.


Question # 147
......
