EC0-350試験無料問題集（878題）「EC-COUNCIL Ethical hacking and countermeasures 認定」

出題：1

Within the context of Computer Security, which of the following statements describes Social Engineering best?

A. Social Engineering is a training program within sociology studies

B. Social Engineering is the act of getting needed information from a person rather than breaking into a system

C. Social Engineering is the act of publicly disclosing information

D. Social Engineering is the means put in place by human resource to perform time accounting

正解：B 解答を投票する

出題：2

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

A. Network tap

B. Application firewall

C. Network bridge

D. Layer 3 switch

正解：A 解答を投票する

出題：3

Who is an Ethical Hacker?

A. A person who hacks for an ethical cause

B. A person who hacks for defensive purposes

C. A person who hacks for offensive purposes

D. A person who hacks for ethical reasons

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

An attacker sniffs encrypted traffic from the network and is subsequently able to decrypt it. The attacker can now use which cryptanalytic technique to attempt to discover the encryption key?

A. Meet in the middle attack

B. Birthday attack

C. Chosen ciphertext attack

D. Plaintext attack

正解：C 解答を投票する

出題：5

Which element of Public Key Infrastructure (PKI) verifies the applicant?

A. Validation authority

B. Registration authority

C. Certificate authority

D. Verification authority

正解：B 解答を投票する

出題：6

StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use _____ defense against buffer overflow attacks.

A. Canary

B. Hex editing

C. Non-executing stack

D. Format checking

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

If you come across a sheepdip machine at your client's site, what should you do?

A. A sheepdip computer is another name for a honeypot

B. A sheepdip computers defers a denial of service attack.

C. A sheepdip coordinates several honeypots.

D. A sheepdip computer is used only for virus-checking.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details.

Ignorant users usually fall prey to this scam. Which of the following statement is incorrect related to this attack?

A. Do not trust telephone numbers in e-mails or popup ads

B. Do not send credit card numbers, and personal or financial information via e-mail

C. Review credit card and bank account statements regularly

D. Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks

E. Do not reply to email messages or popup ads asking for personal or financial information

正解：D 解答を投票する

出題：9

You may be able to identify the IP addresses and machine names for the firewall, and the names of internal mail servers by:

A. Examining the SMTP header information generated by using the -mx command parameter of DIG

B. Sending a mail message to a valid address on the target network, and examining the header information generated by the IMAP servers

C. Examining the SMTP header information generated in response to an e-mail message sent to an invalid address

D. Sending a mail message to an invalid address on the target network, and examining the header information generated by the POP servers

正解：C 解答を投票する

出題：10

What is Cygwin?

A. Cygwin is a free Unix subsystem that runs on top of Windows

B. Cygwin is a X Windows GUI subsytem that runs on top of Linux GNOME environment

C. Cygwin is a free C++ compiler that runs on Windows

D. Cygwin is a free Windows subsystem that runs on top of Linux

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

On wireless networks, SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless networks?

A. The SSID is only 32 bits in length.

B. The SSID is transmitted in clear text.

C. The SSID is the same as the MAC address for all vendors.

D. The SSID is to identify a station, not a network.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

In order to attack a wireless network, you put up an access point and override the signal of the real access point. As users send authentication data, you are able to capture it. What kind of attack is this?

A. WEP attack

B. Rouge access point attack

C. War Chalking

D. Unauthorized access point attack

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

What are the main drawbacks for anti-virus software?

A. AV software is very machine (hardware) dependent.

B. AV software can detect viruses but can take no action.

C. AV software is difficult to keep up to the current revisions.

D. AV software is signature driven so new exploits are not detected.

E. AV software isn't available on all major operating systems platforms.

F. It's relatively easy for an attacker to change the anatomy of an attack to bypass AV systems

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

Study the snort rule given below and interpret the rule.
alert tcp any any --> 192.168.1.0/24 111 (content:"|00 01 86 a5|"; msG. "mountd access";)

A. An alert is generated when a TCP packet originating from any IP address is seen on the network and destined for any IP address on the 192.168.1.0 subnet on port 111

B. An alert is generated when a TCP packet is originated from port 111 of any IP address to the 192.168.1.0 subnet

C. An alert is generated when a TCP packet is generated from any IP on the 192.168.1.0 subnet and destined to any IP on port 111

D. An alert is generated when any packet other than a TCP packet is seen on the network and destined for the 192.168.1.0 subnet

正解：A 解答を投票する

出題：15

Which of the following lists are valid data-gathering activities associated with a risk assessment?

A. Attack profile, defense profile, loss profile

B. Threat identification, vulnerability identification, control analysis

C. System profile, vulnerability identification, security determination

D. Threat identification, response identification, mitigation identification

正解：B 解答を投票する

出題：16

An organization hires a tester to do a wireless penetration test. Previous reports indicate that the last test did not contain management or control packets in the submitted traces. Which of the following is the most likely reason for lack of management or control packets?

A. The wireless card was not turned on.

B. On Linux and Mac OS X, only 802.11 headers are received in promiscuous mode.

C. Certain operating systems and adapters do not collect the management or control packets.

D. The wrong network card drivers were in use by Wireshark.

正解：C 解答を投票する

出題：17

A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

A. NMAP -P 192.168.0.0/16

B. NMAP -P 192.168.1.0, 2.0, 3.0, 4.0, 5.0

C. NMAP -P 192.168.1-5.

D. NMAP -P 192.168.1/17

正解：C 解答を投票する

EC0-350試験無料問題集「EC-COUNCIL Ethical hacking and countermeasures 認定」