최신 312-50v10 무료덤프 - EC-COUNCIL Certified Ethical Hacker Exam (CEH v10)
A certified ethical hacker (CEH) completed a penetration test of the main headquarters of a company almost two months ago, but has yet to get paid. The customer is suffering from financial problems, and the CEH is worried that the company will go out of business and end up not paying. What actions should the CEH take?
정답: A
It is a short-range wireless communication technology intended to replace the cables connecting portable of fixed devices while maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short-range wireless connection.
Which of the following terms best matches the definition?
Which of the following terms best matches the definition?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
A big company, who wanted to test their security infrastructure, wants to hire elite pen testers like you. During the interview, they asked you to show sample reports from previous penetration tests. What should you do?
정답: B
What is the term coined for logging, recording and resolving events in a company?
정답: B
You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network. However, as you attempt to fingerprint all machines in the network using the nmap syntax below, it is not going through.
What seems to be wrong?
What seems to be wrong?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Which of the following tools can be used for passive OS fingerprinting?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
Your business has decided to add credit card numbers to the data it backs up to tape. Which of the following represents the best practice your business should observe?
정답: C
Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test.
While conducting a port scan she notices open ports in the range of 135 to 139.
What protocol is most likely to be listening on those ports?
While conducting a port scan she notices open ports in the range of 135 to 139.
What protocol is most likely to be listening on those ports?
정답: D
DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which security feature on switches leverages the DHCP snooping database to help prevent man-in-the-middle attacks?
정답: B
What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?
정답: B
Which utility will tell you in real time which ports are listening or in another state?
정답: A
Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige. After 2 days. Bob denies that he had ever sent a mail. What do you want to
""know"" to prove yourself that it was Bob who had send a mail?
""know"" to prove yourself that it was Bob who had send a mail?
정답: C
A possibly malicious sequence of packets that were sent to a web server has been captured by an Intrusion Detection System (IDS) and was saved to a PCAP file. As a network administrator, you need to determine whether this packets are indeed malicious. What tool are you going to use?
정답: D
A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst use to perform a Blackjacking attack?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
If executives are found liable for not properly protecting their company's assets and information systems, what type of law would apply in this situation?
정답: B
Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key.
Suppose a malicious user Rob tries to get access to the account of a benign user Ned.
Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?
Suppose a malicious user Rob tries to get access to the account of a benign user Ned.
Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?
정답: D
Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?
정답: B
An NMAP scan of a server shows port 69 is open. What risk could this pose?
정답: B