EC0-350試験無料問題集（878題）「EC-COUNCIL Ethical hacking and countermeasures 認定」

出題：1

In the context of Windows Security, what is a 'null' user?

A. An account that has been suspended by the admin

B. A pseudo account that was created for security administration purpose

C. A pseudo account that has no username and password

D. A user that has no skills

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Hayden is the network security administrator for her company, a large finance firm based in Miami. Hayden just returned from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. Hayden is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established she sends RST packets to those hosts to stop the session. She does this to see how her intrusion detection system will log the traffic. What type of scan is Hayden attempting here?

A. She is utilizing a SYN scan to find live hosts that are listening on her network

B. The type of scan, she is using is called a NULL scan

C. Hayden is using a half-open scan to find live hosts on her network

D. Hayden is attempting to find live hosts on her company's network by using an XMAS scan

正解：C 解答を投票する

出題：3

Bob reads an article about how insecure wireless networks can be. He gets approval from his management to implement a policy of not allowing any wireless devices on the network. What other steps does Bob have to take in order to successfully implement this? (Select 2 answer.)

A. Continuously survey the area for wireless devices.

B. Disable all wireless protocols at the firewall.

C. Train users in the new policy.

D. Disable SNMP on the network so that wireless devices cannot be configured.

正解：A,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Why would an ethical hacker use the technique of firewalking?

A. It is a technique used to discover wireless network on foot.

B. It is a technique used to discover the nature of rules configured on a gateway.

C. It is a technique used to map routers on a network link.

D. It is a technique used to discover interfaces in promiscuous mode.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

A company has hired a security administrator to maintain and administer Linux and Windows-based systems. Written in the nightly report file is the followinG.
Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size has decreased considerably. Another hour goes by and the log files have shrunk in size again.
Which of the following actions should the security administrator take?

A. Run an anti-virus scan because it is likely the system is infected by malware.

B. Log the event as suspicious activity and report this behavior to the incident response team immediately.

C. Log the event as suspicious activity, call a manager, and report this as soon as possible.

D. Log the event as suspicious activity, continue to investigate, and act according to the site's security policy.

正解：D 解答を投票する

出題：6

An engineer is learning to write exploits in C++ and is using the exploit tool Backtrack. The engineer wants to compile the newest C++ exploit and name it calc.exe. Which command would the engineer use to accomplish this?

A. g++ hackersExploit.py -o calc.exe

B. g++ -i hackersExploit.pl -o calc.exe

C. g++ hackersExploit.cpp -o calc.exe

D. g++ --compile -i hackersExploit.cpp -o calc.exe

正解：C 解答を投票する

出題：7

Which of the following activities will NOT be considered as passive footprinting?

A. Search on financial site such as Yahoo Financial to identify assets.

B. Perform multiples queries using a search engine.

C. Go through the rubbish to find out any information that might have been discarded.

D. Scan the range of IP address found in the target DNS database.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

John has scanned the web server with NMAP. However, he could not gather enough information to help him identify the operating system running on the remote host accurately.
What would you suggest to John to help identify the OS that is being used on the remote web server?

A. Connect to the web server with an FTP client.

B. Connect to the web server with a browser and look at the web page.

C. Telnet to port 8080 on the web server and look at the default page code.

D. Telnet to an open port and grab the banner.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

One advantage of an application-level firewall is the ability to

A. retain state information for each packet.

B. monitor tcp handshaking.

C. filter specific commands, such as http:post.

D. filter packets at the network level.

正解：C 解答を投票する

出題：10

You work as security technician at XYZ.com. While doing web application testing, you might be required to look through multiple web pages online which can take a long time. Which of the processes listed below would be a more efficient way of doing this type of validation?

A. Use get* to download all pages locally for further inspection.

B. Use mget to download all pages locally for further inspection.

C. Use get() to download all pages locally for further inspection.

D. Use wget to download all pages locally for further inspection.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

In order to show improvement of security over time, what must be developed?

A. Metrics

B. Testing tools

C. Reports

D. Taxonomy of vulnerabilities

正解：A 解答を投票する

出題：12

A file integrity program such as Tripwire protects against Trojan horse attacks by:

A. Helping you catch unexpected changes to a system utility file that might indicate it had been replaced by a Trojan horse

B. Using programming hooks to inform the kernel of Trojan horse behavior

C. Rejecting packets generated by Trojan horse programs

D. Automatically deleting Trojan horse programs

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform SNMP enquires over the network. Which of these tools would do the SNMP enumeration he is looking for?
Select the best answers.

A. NMap

B. Solarwinds IP Network Browser

C. SNMPScan

D. SNScan

E. SNMPUtil

正解：B,D,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：14

Jess the hacker runs L0phtCrack's built-in sniffer utility that grabs SMB password hashes and stores them for offline cracking. Once cracked, these passwords can provide easy access to whatever network resources the user account has access to. But Jess is not picking up hashes from the network. Why?

A. The network protocol is configured to use IPSEC

B. L0phtCrack SMB sniffing only works through Switches and not Hubs

C. The physical network wire is on fibre optic cable

D. The network protocol is configured to use SMB Signing

正解：D 解答を投票する

EC0-350試験無料問題集「EC-COUNCIL Ethical hacking and countermeasures 認定」