The real EC-COUNCIL 312-50v10 exam question set contains 745 questions with correct answers
Question 259
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network.
What should Bob do to avoid this problem?
- A. Ask students to use the wireless network
- B. Use the 802.1x protocol
- C. Separate students in a different VLAN
- D. Disable unused ports in the switches
Correct answer: B
Question 260
Emil uses nmap to scan two hosts using this command.
nmap -sS -T4 -O 192.168.99.1 192.168.99.7
He receives this output:

What is his conclusion?
- A. Host 192.168.99.1 is the host that he launched the scan from.
- B. He performed a SYN scan and OS scan on hosts 192.168.99.1 and 192.168.99.7.
- C. Host 192.168.99.7 is an iPad.
- D. Host 192.168.99.7 is down.
Correct answer: B
Question 261
Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic as possible; therefore, they did not provide any information besides the company name. What should be the first step in security testing the client?
- A. Escalation
- B. Reconnaissance
- C. Scanning
- D. Enumeration
Correct answer: B
Question 262
While reviewing the result of scanning run against a target network you come across the following:
Which among the following can be used to get this output?
- A. A Bo2k system query.
- B. An SNMP walk
- C. nmap protocol scan
- D. A sniffer
Correct answer: B
Question 263
In which phase of the ethical hacking process can Google hacking be employed? This is a technique that involves manipulating a search string with specific operators to search for vulnerabilities.
Example:
allintitle: root passwd
- A. Gaining Access
- B. Scanning and Enumeration
- C. Reconnaissance
- D. Maintaining Access
Correct answer: C
Question 264
Due to a slowdown of normal network operations, the IT department decided to monitor Internet traffic for all of the employees. From a legal standpoint, what would be troublesome about taking this kind of measure?
- A. Not informing the employees that they are going to be monitored could be an invasion of privacy.
- B. The network could still experience traffic slow down.
- C. IT department would be telling employees who the boss is
- D. All of the employees would stop normal work activities
Correct answer: A
Question 265
What does a firewall check to prevent particular ports and applications from getting packets into an organization?
- A. Presentation layer headers and the session layer port numbers
- B. Network layer headers and the session layer port numbers
- C. Transport layer port numbers and application layer headers
- D. Application layer port numbers and the transport layer headers
Correct answer: C
Explanation:
Newer firewalls can filter traffic based on many packet attributes, such as source IP address, source port, destination IP address or transport layer port, and destination service such as WWW or FTP. They can also filter based on protocols, TTL values, the netblock of the originator or source, and many other attributes.
Application layer firewalls are responsible for filtering at layers 3, 4, 5 and 7. Because they analyze the application layer headers, most firewall control and filtering is actually performed in software.
References:
https://en.wikipedia.org/wiki/Firewall_(computing)#Network_layer_or_packet_filters
http://howdoesinternetwork.com/2012/application-layer-firewalls
Question 266
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this?
- A. True positive
- B. True negative
- C. False negative
- D. False positive
Correct answer: D
Question 267
Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?
- A. SSL
- B. IPsec
- C. FTPS
- D. SFTP
Correct answer: B
Question 268
An LDAP directory can be used to store information similar to a SQL database. LDAP uses a ____ database structure instead of SQL's ______ structure. Because of this, LDAP has difficulty representing many-to-one relationships.
- A. Hierarchical, Relational
- B. Relational, Hierarchical
- C. Strict, Abstract
- D. Simple, Complex
Correct answer: A
Question 269
What is the proper response for a NULL scan if the port is closed?
- A. PSH
- B. SYN
- C. RST
- D. ACK
- E. No response
- F. FIN
Correct answer: C
Question 270
Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp's lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501. What needs to happen before Matthew has full administrator access?
- A. He must perform privilege escalation.
- B. He needs to disable antivirus protection.
- C. He needs to gain physical access.
- D. He already has admin privileges, as shown by the "501" at the end of the SID.
Correct answer: A
Question 271
Internet Protocol Security (IPSec) is actually a suite of protocols. Each protocol within the suite provides different functionality. Collectively, IPSec does everything except:
- A. Protect the payload and the headers
- B. Encrypt
- C. Work at the Data Link Layer
- D. Authenticate
Correct answer: C
Question 272
Which type of security feature stops vehicles from crashing through the doors of a building?
- A. Receptionist
- B. Bollards
- C. Mantrap
- D. Turnstile
Correct answer: B
Question 273
While scanning with Nmap, Patin found several hosts which have the IP ID of incremental sequences. He then decided to conduct:
nmap -Pn -p -sI kiosk.adobe.com www.riaa.com
kiosk.adobe.com is the host with the incremental IP ID sequence. What is the purpose of using "-sI" with Nmap?
- A. Conduct silent scan
- B. Conduct ICMP scan
- C. Conduct stealth scan
- D. Conduct IDLE scan
Correct answer: D
Question 274
Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic as possible; therefore, they did not provide any information besides the company name. What should be the first step in security testing the client?
- A. Escalation
- B. Reconnaissance
- C. Scanning
- D. Enumeration
Correct answer: B
Question 275
What did the following commands determine?
- A. These commands demonstrate that the guest account has NOT been disabled
- B. That the Joe account has a SID of 500
- C. Issued alone, these commands prove nothing
- D. These commands demonstrate that the guest account has been disabled
- E. That the true administrator is Joe
Correct answer: E
Question 276
Which of the following is assured by the use of a hash?
- A. Integrity
- B. Authentication
- C. Confidentiality
- D. Availability
Correct answer: A
Question 277
Which of the following is a strong post designed to stop a car?
- A. Fence
- B. Bollard
- C. Reinforced rebar
- D. Gate
Correct answer: B
Question 278
You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user's password or activate disabled Windows accounts?
- A. CHNTPW
- B. Cain & Abel
- C. John the Ripper
- D. SET
Correct answer: A
Question 279
You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator's bank account password and login information for the administrator's bitcoin account.
What should you do?
- A. Do not report it and continue the penetration test.
- B. Report immediately to the administrator
- C. Do not transfer the money but steal the bitcoins.
- D. Transfer money from the administrator's account to another account.
Correct answer: B
Question 280
During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?
- A. Identify and evaluate existing practices
- B. Terminate the audit
- C. Create a procedures document
- D. Conduct compliance testing
Correct answer: A
Explanation:
The auditor should first evaluate existing policies and practices to identify problem areas and opportunities.
Question 281
Every company needs a formal written document which spells out to employees precisely what they are allowed to use the company's systems for, what is prohibited, and what will happen to them if they break the rules. Two printed copies of the policy should be given to every employee as soon as possible after they join the organization. The employee should be asked to sign one copy, which should be safely filed by the company. No one should be allowed to use the company's computer systems until they have signed the policy in acceptance of its terms.
What is this document called?
- A. Penetration Testing Policy (PTP)
- B. Company Compliance Policy (CCP)
- C. Information Audit Policy (IAP)
- D. Information Security Policy (ISP)
Correct answer: D
Question 282
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?
- A. Dsniff
- B. Nikto
- C. John the Ripper
- D. Snort
Correct answer: B
Explanation:
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/CGIs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
References: https://en.wikipedia.org/wiki/Nikto_Web_Scanner