312-50v9試験無料問題集（125題）「EC-COUNCIL Certified Ethical Hacker v9 認定」

出題：1

You have successfully compromised a machine on the network and found a server that is alive on the same network. You tried to ping but you didn't get any response back.
What is happening?

A. ICMP could be disabled on the target server.

B. The ARP is disabled on the target server.

C. You need to run the ping command with root privileges.

D. TCP/IP doesn't support ICMP.

正解：D 解答を投票する

出題：2

Which of these options is the most secure procedure for strong backup tapes?

A. In a climate controlled facility offsite

B. In a cool dry environment

C. On a different floor in the same building

D. Inside the data center for faster retrieval in afireproof safe

正解：A 解答を投票する

出題：3

Jesse receives an email with an attachment labeled "Court_Notice_21206.zip". Inside the zip file is a file named "Court_Notice_21206.docx.exe" disguised as a word document.Upon execution, a windows appears stating, "This word document is corrupt." In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?

A. Micro Virus

B. Trojan

C. Key-Logger

D. Worm

正解：B 解答を投票する

出題：4

You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best nmap command you will use?

A. Nmap -T4 -r 10.10.0.0/24

B. Nmap -T4 -q 10.10.0.0/24

C. Nmap -T4 -F 10.10.0.0/24

D. Nmap -T4 -O 10.10.0.0/24

正解：C 解答を投票する

出題：5

Which of the following is an extremelycommon IDS evasion technique in the web world?

A. post knocking

B. subnetting

C. unicode characters

D. spyware

正解：C 解答を投票する

出題：6

You've just been hired to perform a pentest on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk.
What is one of the first thing you should to when the job?

A. Start the wireshark application to start sniffing network traffic.

B. Interview all employees in the company to rule out possible insider threats.

C. Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.

D. Establish attribution to suspected attackers.

正解：C 解答を投票する

出題：7

You have several plain-text firewall logs that you must review to evaluate network traffic.
You know that in order to do this fast and efficiently you must user regular expressions.
Which command-line utility are you most likely to use?

A. Relational Database

B. Notepad

C. Grep

D. MS Excel

正解：C 解答を投票する

出題：8

Which of the following is the BEST way to defend against network sniffing?

A. Register all machines MAC Address in a centralized Database

B. Restrict Physical Access to Server Rooms hosting Critical Servers

C. Using encryption protocols to secure network communications

D. Use Static IP Address

正解：C 解答を投票する

出題：9

A company's Web development team has become aware ofa certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.
What kind of web application vulnerability likely exists in their software?

A. SQL injection vulnerability

B. Web site defacement vulnerability

C. Cross-site Scripting vulnerability

D. Cross-site Request Forgery vulnerability

正解：C 解答を投票する

出題：10

Which of the following tools can be used for passiveOS fingerprinting?

A. Tracert

B. ping

C. tcpdump

D. nmap

正解：D 解答を投票する

312-50v9試験無料問題集「EC-COUNCIL Certified Ethical Hacker v9 認定」