최신 312-50v8 무료덤프 - EC-COUNCIL Certified Ethical Hacker v8

문제1

What happens when one experiences a ping of death?

A. This is when an IP datagram is received with the "protocol" field in the IP header set to 1 (ICMP) and the "type" field in the ICMP header is set to 18 (Address Mask Reply).

B. This is when an IP datagram is received with the "protocol" field in the IP header set to 1 (ICMP),the Last Fragment bit is set,and (IP offset ' 8) + (IP data length) >65535. In other words,the IP offset (which represents the starting position of this fragment in the original packet,and which is in 8-byte units) plus the rest of the packet is greater than the maximum size for an IP packet.

C. This is when an the IP header is set to 1 (ICMP) and the "type" field in the ICMP header is set to 5 (Redirect).

D. This is when an IP datagram is received with the "protocol" field in the IP header set to 1 (ICMP) and the source equal to destination address.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

What is the main difference between a "Normal" SQL Injection and a "Blind" SQL Injection vulnerability?

A. The vulnerable application does not display errors with information about the injection results to the attacker.

B. The successful attack does not show an error message to the administrator of the affected application.

C. The request to the web server is not visible to the administrator of the vulnerable application.

D. The attack is called "Blind" because,although the application properly filters user input,it is still vulnerable to code injection.

정답: A

문제3

Low humidity in a data center can cause which of the following problems?

A. Heat

B. Corrosion

C. Static electricity

D. Airborne contamination

정답: C

문제4

Advanced encryption standard is an algorithm used for which of the following?

A. Data integrity

B. Bulk data encryption

C. Key discovery

D. Key recovery

정답: B

문제5

Leesa is the senior security analyst for a publicly traded company. The IT department recently rolled out an intranet for company use only with information ranging from training, to holiday schedules, to human resources data. Leesa wants to make sure the site is not accessible from outside and she also wants to ensure the site is Sarbanes-Oxley (SOX) compliant. Leesa goes to a public library as she wants to do some Google searching to verify whether the company's intranet is accessible from outside and has been indexed by Google. Leesa wants to search for a website title of "intranet" with part of the URL containing the word "intranet" and the words "human resources" somewhere in the webpage.
What Google search will accomplish this?

A. cache:"human resources" inurl:intranet(SharePoint)

B. site:"human resources"+intext:intranet intitle:intranet

C. related:intranet allinurl:intranet:"human resources"

D. intitle:intranet inurl:intranet+intext:"human resources"

정답: D

문제6

Smart cards use which protocol to transfer the certificate in a secure manner?

A. Point to Point Tunneling Protocol (PPTP)

B. Point to Point Protocol (PPP)

C. Layer 2 Tunneling Protocol (L2TP)

D. Extensible Authentication Protocol (EAP)

정답: D

문제7

A security engineer has been asked to deploy a secure remote access solution that will allow employees to connect to the company's internal network. Which of the following can be implemented to minimize the opportunity for the man-in-the-middle attack to occur?

A. Mutual authentication

B. IPSec

C. SSL

D. Static IP addresses

정답: B

문제8

Gerald, the Systems Administrator for Hyped Enterprises, has just discovered that his network has been breached by an outside attacker. After performing routine maintenance on his servers, he discovers numerous remote tools were installed that no one claims to have knowledge of in his department. Gerald logs onto the management console for his IDS and discovers an unknown IP address that scanned his network constantly for a week and was able to access his network through a high-level port that was not closed. Gerald traces the IP address he found in the IDS log to a proxy server in Brazil. Gerald calls the company that owns the proxy server and after searching through their logs, they trace the source to another proxy server in Switzerland. Gerald calls the company in Switzerland that owns the proxy server and after scanning through the logs again, they trace the source back to a proxy server in China. What proxy tool has Gerald's attacker used to cover their tracks?

A. Cheops proxy

B. ISA proxy

C. TOR proxy

D. IAS proxy

정답: C

문제9

Snort has been used to capture packets on the network. On studying the packets, the penetration tester finds it to be abnormal. If you were the penetration tester, why would you find this abnormal?
What is odd about this attack? (Choose the most appropriate statement)

A. The attacker wants to avoid creating a sub-carrier connection that is not normally valid.

B. This is back orifice activity as the scan comes from port 31337.

C. This is not a spoofed packet as the IP stack has increasing numbers for the three flags.

D. There packets were created by a tool; they were not created by a standard IP stack.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제10

There are two types of honeypots- high and low interaction. Which of these describes a low interaction honeypot? Select the best answers.

A. More likely to be penetrated

B. More detectable

C. Tend to be used for research

D. Emulators of vulnerable programs

E. Easier to deploy and maintain

F. Tend to be used for production

정답: B,D,E,F

설명: (DumpTOP 회원만 볼 수 있음)

문제11

Which of the following items of a computer system will an anti-virus program scan for viruses?

A. Password Protected Files

B. Windows Process List

C. Boot Sector

D. Deleted Files

정답: C

문제12

Bob is a very security conscious computer user. He plans to test a site that is known to have malicious applets, code, and more. Bob always make use of a basic Web Browser to perform such testing.
Which of the following web browser can adequately fill this purpose?

A. Mozila

B. Lynx

C. Internet Explorer

D. Tiger

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제13

You perform the above traceroute and notice that hops 19 and 20 both show the same IP address.

This probably indicates what?

A. A Honeypot

B. A stateful inspection firewall

C. An application proxying firewall

D. A host based IDS

정답: B

문제14

Which of the following is NOT a reason 802.11 WEP encryption is vulnerable?

A. The standard does not provide for centralized key management

B. Automated tools like AirSnort are available to discover WEP keys

C. There is no mutual authentication between wireless clients and access points

D. The 24 bit Initialization Vector (IV) field is too small

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제15

Sally is a network admin for a small company. She was asked to install wireless accesspoints in the building. In looking at the specifications for the access-points, she sees that all of them offer WEP. Which of these are true about WEP?
Select the best answer.

A. Stands for Wired Equivalent Privacy

B. It offers end to end security

C. It makes a WLAN as secure as a LAN

D. Stands for Wireless Encryption Protocol

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

최신 312-50v8 무료덤프 - EC-COUNCIL Certified Ethical Hacker v8

우리와 연락하기

유용한 링크

최신 업데이트