[2024年02月]更新のEC-COUNCIL 312-50v11問題集厳選された問題集でパスして、最短時間を目指そう [Q274-Q299]

Share

[2024年02月]更新のEC-COUNCIL 312-50v11問題集厳選された問題集でパスして、最短時間を目指そう

EC-COUNCIL 312-50v11試験問題集で[2024年最新] 練習 高合格率な試験問題集問題


EC-COUNCIL 312-50v11 Certified Ethical Hacker Exam(CEH v11)は、ネットワークセキュリティと倫理的ハッキングの分野での個人のスキルと知識を評価する、国際的に認知された認定試験です。試験は、コンピュータネットワークとシステムの脆弱性と弱点を特定し、倫理的なハッキング技術を使用して不正アクセスを防止し、サイバー脅威から保護する能力を試験するために設計されています。

 

質問 # 274
Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfigurations. In this process, Jack uses an automated tool that eases his work and performs vulnerability scanning to find hosts, services, and other vulnerabilities in the target server. Which of the following tools is used by Jack to perform vulnerability scanning?

  • A. Netsparker
  • B. Infoga
  • C. WebCopier Pro
  • D. NCollector Studio

正解:A


質問 # 275
Tony is a penetration tester tasked with performing a penetration test. After gaining initial access to a target system, he finds a list of hashed passwords.
Which of the following tools would not be useful for cracking the hashed passwords?

  • A. John the Ripper
  • B. Hashcat
  • C. THC-Hydra
  • D. netcat

正解:A


質問 # 276
What is the common name for a vulnerability disclosure program opened by companies In platforms such as HackerOne?

  • A. Bug bounty program
  • B. White-hat hacking program
  • C. Vulnerability hunting program
  • D. Ethical hacking program

正解:A

解説:
Bug bounty programs allow independent security researchers to report bugs to an companies and receive rewards or compensation. These bugs area unit sometimes security exploits and vulnerabilities, although they will additionally embody method problems, hardware flaws, and so on.
The reports area unit usually created through a program travel by associate degree freelance third party (like Bugcrowd or HackerOne). The companies can got wind of (and run) a program curated to the organization's wants.
Programs is also non-public (invite-only) wherever reports area unit unbroken confidential to the organization or public (where anyone will sign in and join). they will happen over a collection timeframe or with without stopping date (though the second possibility is a lot of common).
Who uses bug bounty programs?
Many major organizations use bug bounties as an area of their security program, together with AOL, Android, Apple, Digital Ocean, and goldman Sachs. you'll read an inventory of all the programs offered by major bug bounty suppliers, Bugcrowd and HackerOne, at these links.
Why do corporations use bug bounty programs?
Bug bounty programs provide corporations the flexibility to harness an outsized cluster of hackers so as to seek out bugs in their code.
This gives them access to a bigger variety of hackers or testers than they'd be able to access on a one-on-one basis. It {can also|also will|can even|may also|may} increase the probabilities that bugs area unit found and reported to them before malicious hackers can exploit them.
It may also be an honest publicity alternative for a firm. As bug bounties became a lot of common, having a bug bounty program will signal to the general public and even regulators that a corporation incorporates a mature security program.
This trend is likely to continue, as some have began to see bug bounty programs as an business normal that all companies ought to invest in.
Why do researchers and hackers participate in bug bounty programs?
Finding and news bugs via a bug bounty program may end up in each money bonuses and recognition. In some cases, it will be a good thanks to show real-world expertise once you are looking for employment, or will even facilitate introduce you to parents on the protection team within an companies.
This can be full time income for a few of us, income to supplement employment, or the way to point out off your skills and find a full time job.
It may also be fun! it is a nice (legal) probability to check out your skills against huge companies and government agencies.
What area unit the disadvantages of a bug bounty program for independent researchers and hackers?
A lot of hackers participate in these varieties of programs, and it will be tough to form a major quantity of cash on the platform.
In order to say the reward, the hacker has to be the primary person to submit the bug to the program. meaning that in apply, you may pay weeks searching for a bug to use, solely to be the person to report it and build no cash.
Roughly ninety seven of participants on major bug bounty platforms haven't sold-out a bug.
In fact, a 2019 report from HackerOne confirmed that out of quite three hundred,000 registered users, solely around two.5% received a bounty in their time on the platform.
Essentially, most hackers are not creating a lot of cash on these platforms, and really few square measure creating enough to switch a full time wage (plus they do not have advantages like vacation days, insurance, and retirement planning).
What square measure the disadvantages of bug bounty programs for organizations?
These programs square measure solely helpful if the program ends up in the companies realizeing issues that they weren't able to find themselves (and if they'll fix those problems)!
If the companies is not mature enough to be able to quickly rectify known problems, a bug bounty program is not the right alternative for his or her companies.
Also, any bug bounty program is probably going to draw in an outsized range of submissions, several of which can not be high-quality submissions. a corporation must be ready to cope with the exaggerated volume of alerts, and also the risk of a coffee signal to noise magnitude relation (essentially that it's probably that they're going to receive quite few unhelpful reports for each useful report).
Additionally, if the program does not attract enough participants (or participants with the incorrect talent set, and so participants are not able to establish any bugs), the program is not useful for the companies.
The overwhelming majority of bug bounty participants consider web site vulnerabilities (72%, per HackerOn), whereas solely a number of (3.5%) value more highly to seek for package vulnerabilities.
This is probably because of the actual fact that hacking in operation systems (like network hardware and memory) needs a big quantity of extremely specialised experience. this implies that firms may even see vital come on investment for bug bounties on websites, and not for alternative applications, notably those that need specialised experience.
This conjointly implies that organizations which require to look at AN application or web site among a selected time-frame may not need to rely on a bug bounty as there is no guarantee of once or if they receive reports.
Finally, it are often probably risky to permit freelance researchers to try to penetrate your network. this could end in public speech act of bugs, inflicting name harm within the limelight (which could end in individuals not eager to purchase the organizations' product or service), or speech act of bugs to additional malicious third parties, United Nations agency may use this data to focus on the organization.


質問 # 277
Which of the following Metasploit post-exploitation modules can be used to escalate privileges on Windows systems?

  • A. getuid
  • B. keylogrecorder
  • C. autoroute
  • D. getsystem

正解:D


質問 # 278
The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:
You are hired to conduct security testing on their network.
You successfully brute-force the SNMP community string using a SNMP crack tool.
The access-list configured at the router prevents you from establishing a successful connection.
You want to retrieve the Cisco configuration from the router. How would you proceed?

  • A. Send a customized SNMP set request with a spoofed source IP address in the range -192.168.1.0
  • B. Use the Cisco's TFTP default password to connect and download the configuration file
  • C. Run a network sniffer and capture the returned traffic with the configuration file from the router
  • D. Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address

正解:A、C


質問 # 279
What is the role of test automation in security testing?

  • A. It is an option but it tends to be very expensive.
  • B. Test automation is not usable in security due to the complexity of the tests.
  • C. It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot replace manual testing completely.
  • D. It should be used exclusively. Manual testing is outdated because of low speed and possible test setup inconsistencies.

正解:C


質問 # 280
John is investigating web-application firewall logs and observers that someone is attempting to inject the following:
char buff[10];
buff[>o] - 'a':
What type of attack is this?

  • A. XSS
  • B. SQL injection
  • C. CSRF
  • D. Buffer overflow

正解:D

解説:
Explanation
Buffer overflow this attack is an anomaly that happens when software writing data to a buffer overflows the buffer's capacity, leading to adjacent memory locations being overwritten. In other words, an excessive amount of information is being passed into a container that doesn't have enough space, which information finishes up replacing data in adjacent containers.Buffer overflows are often exploited by attackers with a goal of modifying a computer's memory so as to undermine or take hold of program execution.

What's a buffer?A buffer, or data buffer, is a neighborhood of physical memory storage wont to temporarily store data while it's being moved from one place to a different . These buffers typically sleep in RAM memory. Computers frequently use buffers to assist improve performance; latest hard drives cash in of buffering to efficiently access data, and lots of online services also use buffers. for instance , buffers are frequently utilized in online video streaming to stop interruption. When a video is streamed, the video player downloads and stores perhaps 20% of the video at a time during a buffer then streams from that buffer. This way, minor drops in connection speed or quick service disruptions won't affect the video stream performance.Buffers are designed to contain specific amounts of knowledge . Unless the program utilizing the buffer has built-in instructions to discard data when an excessive amount of is shipped to the buffer, the program will overwrite data in memory adjacent to the buffer.Buffer overflows are often exploited by attackers to corrupt software. Despite being well-understood, buffer overflow attacks are still a serious security problem that torment cyber-security teams. In 2014 a threat referred to as 'heartbleed' exposed many many users to attack due to a buffer overflow vulnerability in SSL software.
How do attackers exploit buffer overflows?An attacker can deliberately feed a carefully crafted input into a program which will cause the program to undertake and store that input during a buffer that isn't large enough, overwriting portions of memory connected to the buffer space. If the memory layout of the program is well-defined, the attacker can deliberately overwrite areas known to contain executable code. The attacker can then replace this code together with his own executable code, which may drastically change how the program is meant to figure .For example if the overwritten part in memory contains a pointer (an object that points to a different place in memory) the attacker's code could replace that code with another pointer that points to an exploit payload. this will transfer control of the entire program over to theattacker's code.


質問 # 281
In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam.
Which of the following statement is incorrect related to this attack?

  • A. Review credit card and bank account statements regularly
  • B. Do not trust telephone numbers in e-mails or popup ads
  • C. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks
  • D. Do not reply to email messages or popup ads asking for personal or financial information
  • E. Do not send credit card numbers, and personal or financial information via e-mail

正解:C


質問 # 282
Which of the following is a passive wireless packet analyzer that works on Linux-based systems?

  • A. tshark
  • B. OpenVAS
  • C. Burp Suite
  • D. Kismet

正解:A


質問 # 283
What does the -oX flag do in an Nmap scan?

  • A. Output the results in truncated format to the screen
  • B. Output the results in XML format to a file
  • C. Perform an eXpress scan
  • D. Perform an Xmas scan

正解:B


質問 # 284
Jack, a disgruntled ex-employee of Incalsol Ltd., decided to inject fileless malware into Incalsol's systems. To deliver the malware, he used the current employees' email IDs to send fraudulent emails embedded with malicious links that seem to be legitimate. When a victim employee clicks on the link, they are directed to a fraudulent website that automatically loads Flash and triggers the exploit. What is the technique used byjack to launch the fileless malware on the target systems?

  • A. Legitimate applications
  • B. Phishing
  • C. Script-based injection
  • D. In-memory exploits

正解:B


質問 # 285
What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?

  • A. GPU
  • B. TPM
  • C. UEFI
  • D. CPU

正解:B

解説:
Explanation
The TPM is a chip that's part of your - if you bought an off-the-shelf PC, it's soldered onto the motherboard. If you built your own , you can buy one as an add-on module if your motherboard supports it. The , keeping part of the key to itself


質問 # 286
Which Intrusion Detection System is best applicable for large environments where critical assets on the network need extra scrutiny and is ideal for observing sensitive network segments?

  • A. Network-based intrusion detection system (NIDS)
  • B. Firewalls
  • C. Host-based intrusion detection system (HIDS)
  • D. Honeypots

正解:A


質問 # 287
Robert, a professional hacker, is attempting to execute a fault injection attack on a target IoT device. In this process, he injects faults into the power supply that can be used for remote execution, also causing the skipping of key instructions. He also injects faults into the clock network used for delivering a synchronized signal across the chip.
Which of the following types of fault injection attack is performed by Robert in the above scenario?

  • A. Optical, electromagnetic fault injection (EMFI)
  • B. Frequency/voltage tampering
  • C. Temperature attack
  • D. Power/clock/reset glitching

正解:D

解説:
These types of attacks occur when faults or glitches are INJECTED into the Power supply that can be used for remote execution.


質問 # 288
Jason, an attacker, targeted an organization to perform an attack on its Internet-facing web server with the intention of gaining access to backend servers, which are protected by a firewall. In this process, he used a URL https://xyz.com/feed.php?url:externaIsile.com/feed/to to obtain a remote feed and altered the URL input to the local host to view all the local resources on the target server. What is the type of attack Jason performed In the above scenario?

  • A. Web server misconfiguration
  • B. web cache poisoning attack
  • C. Server-side request forgery (SSRF) attack
  • D. website defacement

正解:C

解説:
Explanation
Server-side request forgery (also called SSRF) is a net security vulnerability that allows an assaulter to induce the server-side application to make http requests to associate arbitrary domain of the attacker's choosing.
In typical SSRF examples, the attacker might cause the server to make a connection back to itself, or to other web-based services among the organization's infrastructure, or to external third-party systems.
Another type of trust relationship that often arises with server-side request forgery is where the application server is able to interact with different back-end systems that aren't directly reachable by users. These systems typically have non-routable private informatics addresses. Since the back-end systems normally ordinarily protected by the topology, they typically have a weaker security posture. In several cases, internal back-end systems contain sensitive functionality that may be accessed while not authentication by anyone who is able to act with the systems.
In the preceding example, suppose there's an body interface at the back-end url https://192.168.0.68/admin.
Here, an attacker will exploit the SSRF vulnerability to access the executive interface by submitting the following request:
POST /product/stock HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 118
stockApi=http://192.168.0.68/admin


質問 # 289
While using your bank's online servicing you notice the following string in the URL bar:
"http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21" You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes.
Which type of vulnerability is present on this site?

  • A. Cookie Tampering
  • B. Web Parameter Tampering
  • C. SQL Injection
  • D. XSS Reflection

正解:B


質問 # 290
Heather's company has decided to use a new customer relationship management tool. After performing the appropriate research, they decided to purchase a subscription to a cloud-hosted solution. The only administrative task that Heather will need to perform is the management of user accounts. The provider will take care of the hardware, operating system, and software administration including patching and monitoring. Which of the following is this type of solution?

  • A. PasS
  • B. CaaS
  • C. IaaS
  • D. SaaS

正解:D

解説:
Software as a service (SaaS) allows users to attach to and use cloud-based apps over the web. Common examples ar email, calendaring and workplace tool (such as Microsoft workplace 365).
SaaS provides a whole software solution that you get on a pay-as-you-go basis from a cloud service provider. You rent the use of an app for your organisation and your users connect with it over the web, typically with an internet browser. All of the underlying infrastructure, middleware, app software system and app knowledge ar located within the service provider's knowledge center. The service provider manages the hardware and software system and with the appropriate service agreement, can make sure the availability and also the security of the app and your data as well. SaaS allows your organisation to induce quickly up and running with an app at token upfront cost.
Common SaaS scenarios
This tool having used a web-based email service like Outlook, Hotmail or Yahoo! Mail, then you have got already used a form of SaaS. With these services, you log into your account over the web, typically from an internet browser. the e-mail software system is found on the service provider's network and your messages ar hold on there moreover. you can access your email and hold on messages from an internet browser on any laptop or Internet-connected device.
The previous examples are free services for personal use. For organisational use, you can rent productivity apps, like email, collaboration and calendaring; and sophisticated business applications like client relationship management (CRM), enterprise resource coming up with (ERP) and document management. You buy the use of those apps by subscription or per the level of use.
Advantages of SaaS
Gain access to stylish applications. to supply SaaS apps to users, you don't ought to purchase, install, update or maintain any hardware, middleware or software system. SaaS makes even sophisticated enterprise applications, like ERP and CRM, affordable for organisations that lack the resources to shop for, deploy and manage the specified infrastructure and software system themselves.
Pay just for what you utilize. you furthermore may economize because the SaaS service automatically scales up and down per the level of usage.
Use free shopper software system. Users will run most SaaS apps directly from their web browser without needing to transfer and install any software system, though some apps need plugins. this suggests that you simply don't ought to purchase and install special software system for your users.
Mobilise your hands simply. SaaS makes it simple to "mobilise" your hands as a result of users will access SaaS apps and knowledge from any Internet-connected laptop or mobile device. You don't ought to worry concerning developing apps to run on differing types of computers and devices as a result of the service supplier has already done therefore. additionally, you don't ought to bring special experience aboard to manage the safety problems inherent in mobile computing. A fastidiously chosen service supplier can make sure the security of your knowledge, no matter the sort of device intense it.
Access app knowledge from anyplace. With knowledge hold on within the cloud, users will access their info from any Internet-connected laptop or mobile device. And once app knowledge is hold on within the cloud, no knowledge is lost if a user's laptop or device fails.


質問 # 291
Lewis, a professional hacker, targeted the loT cameras and devices used by a target venture-capital firm. He used an information-gathering tool to collect information about the loT devices connected to a network, open ports and services, and the attack surface are a. Using this tool, he also generated statistical reports on broad usage patterns and trends. This tool helped Lewis continually monitor every reachable server and device on the Internet, further allowing him to exploit these devices in the network. Which of the following tools was employed by Lewis in the above scenario?

  • A. Censys
  • B. NeuVector
  • C. Lacework
  • D. Wapiti

正解:A

解説:
Censys scans help the scientific community accurately study the Internet. The data is sometimes used to detect security problems and to inform operators of vulnerable systems so that they can fixed


質問 # 292
Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges.

  • A. John
  • B. Micah
  • C. Sheela
  • D. Rebecca
  • E. Somia
  • F. Chang
  • G. Shawn

正解:F


質問 # 293
Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of a built-in bounds checking mechanism?
Code:
#include <string.h> int main(){char buffer[8];
strcpy(buffer, ""11111111111111111111111111111"");} Output: Segmentation fault

  • A. C++
  • B. C#
  • C. Java
  • D. Python

正解:A


質問 # 294
Jake, a professional hacker, installed spyware on a target iPhone to spy on the target user's activities. He can take complete control of the target mobile device by jailbreaking the device remotely and record audio, capture screenshots, and monitor all phone calls and SMS messages. What is the type of spyware that Jake used to infect the target device?

  • A. Trident
  • B. Zscaler
  • C. Androrat
  • D. DroidSheep

正解:C


質問 # 295
The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?

  • A. SYN
  • B. RST
  • C. SYN-ACK
  • D. ACK

正解:A


質問 # 296
Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about ONS servers and to identify the hosts connected in the target network.
He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names. IP addresses. DNS records, and network Who is records. He further exploited this information to launch other sophisticated attacks. What is the tool employed by Gerard in the above scenario?

  • A. Knative
  • B. Towelroot
  • C. Bluto
  • D. zANTI

正解:C


質問 # 297
Fingerprinting an Operating System helps a cracker because:

  • A. It opens a security-delayed window based on the port being scanned
  • B. It doesn't depend on the patches that have been applied to fix existing security holes
  • C. It informs the cracker of which vulnerabilities he may be able to exploit on your system
  • D. It defines exactly what software you have installed

正解:C


質問 # 298
Harper, a software engineer, is developing an email application. To ensure the confidentiality of email messages. Harper uses a symmetric-key block cipher having a classical 12- or 16-round Feistel network with a block size of 64 bits for encryption, which includes large 8 x 32-bit S-boxes (S1, S2, S3, S4) based on bent functions, modular addition and subtraction, key-dependent rotation, and XOR operations. This cipher also uses a masking key(Km1)and a rotation key (Kr1) for performing its functions. What is the algorithm employed by Harper to secure the email messages?

  • A. CAST-128
  • B. AES
  • C. DES
  • D. GOST block cipher

正解:D


質問 # 299
......

312-50v11試験問題集でPDF合格保証 成功は正確かつ更新された問題:https://www.passtest.jp/EC-COUNCIL/312-50v11-shiken.html

312-50v11問題集-[最新2024]EC-COUNCIL試験問題集を掴み取れ:https://drive.google.com/open?id=1iT9IVLTCBJ6g3slZsUVjSY6SaCQBipIf