최신 312-50v13 무료덤프 - ECCouncil Certified Ethical Hacker Exam (CEHv13)

문제1

Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige. After 2 days. Bob denies that he had ever sent a mail. What do you want to
""know"" to prove yourself that it was Bob who had send a mail?

A. Authentication

B. Integrity

C. Non-Repudiation

D. Confidentiality

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Which of the following web vulnerabilities would an attacker be attempting to exploit if they delivered the following input?
<!DOCTYPE blah [ < IENTITY trustme SYSTEM "file:///etc/passwd" > ] >

A. XXE

B. SQLi

C. XXS

D. IDOR

정답: A

문제3

What type of virus is most likely to remain undetected by antivirus software?

A. Cavity virus

B. Macro virus

C. Stealth virus

D. File-extension virus

정답: C

문제4

These hackers have limited or no training and know how to use only basic techniques or tools.
What kind of hackers are we talking about?

A. White-Hat Hackers

B. Gray-Hat Hacker

C. Script Kiddies

D. Black-Hat Hackers A

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제5

What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

A. Symmetric encryption allows the server to security transmit the session keys out-of-band.

B. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

C. Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

D. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.

정답: B

문제6

What is the role of test automation in security testing?

A. It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot replace manual testing completely.

B. Test automation is not usable in security due to the complexity of the tests.

C. It is an option but it tends to be very expensive.

D. It should be used exclusively. Manual testing is outdated because of low speed and possible test setup inconsistencies.

정답: A

문제7

Which of the following tools are used for enumeration? (Choose three.)

A. SolarWinds

B. USER2SID

C. Cheops

D. SID2USER

E. DumpSec

정답: B,D,E

문제8

Which of the following tools can be used to perform a zone transfer?

A. Finger

B. Sam Spade

C. Dig

D. NSLookup

E. Netcat

F. Neotrace

G. Host

정답: B,C,D,G

문제9

Windows LAN Manager (LM) hashes are known to be weak.
Which of the following are known weaknesses of LM? (Choose three.)

A. Makes use of only 32-bit encryption.

B. Hashes are sent in clear text over the network.

C. Effective length is 7 characters.

D. Converts passwords to uppercase.

정답: B,C,D

문제10

What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?

A. The attacker queries a nameserver using the DNS resolver.

B. The attacker forges a reply from the DNS resolver.

C. The attacker makes a request to the DNS resolver.

D. The attacker uses TCP to poison the ONS resofver.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제11

OpenSSL on Linux servers includes a command line tool for testing TLS. What is the name of the tool and the correct syntax to connect to a web server?

A. openssl_client -connect www.website.com:443

B. openssl s_client -site www.website.com:443

C. openssl_client -site www.website.com:443

D. openssl s_client -connect www.website.com:443

정답: D

문제12

Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?

A. Discretionary Access Control (DAC)

B. Single sign-on

C. Role Based Access Control (RBAC)

D. Windows authentication

정답: B

문제13

Which of the following antennas is commonly used in communications for a frequency band of 10 MHz to VHF and UHF?

A. Omnidirectional antenna

B. Dipole antenna

C. Parabolic grid antenna

D. Yagi antenna

정답: D

문제14

Which type of attack attempts to overflow the content-addressable memory (CAM) table in an Ethernet switch?

A. MAC flooding

B. DNS cache flooding

C. Evil twin attack

D. DDoS attack

정답: A

문제15

Bob wants to ensure that Alice can check whether his message has been tampered with. He creates a checksum of the message and encrypts it using asymmetric cryptography. What key does Bob use to encrypt the checksum for accomplishing this goal?

A. His own public key

B. Alice's private key

C. His own private key

D. Alice's public key

정답: D

문제16

Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?

A. Wireshark

B. Maltego

C. Metasploit

D. Nessus

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제17

Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatting, and names of the target company.
The phishing message will often use the name of the company CEO, President, or Managers. The time a hacker spends performing research to locate this information about a company is known as?

A. Investigation

B. Exploration

C. Enumeration

D. Reconnaissance

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

최신 312-50v13 무료덤프 - ECCouncil Certified Ethical Hacker Exam (CEHv13)

우리와 연락하기

유용한 링크

최신 업데이트