최신 312-50v8 무료덤프 - EC-COUNCIL Certified Ethical Hacker v8

문제1

Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP) addresses/names with the intent of diverting traffic?

A. Port scanning

B. Network aliasing

C. Reverse Address Resolution Protocol (ARP)

D. Domain Name Server (DNS) poisoning

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Peter extracts the SID list from Windows 2008 Server machine using the hacking tool "SIDExtracter". Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges?

A. Sheela

B. John

C. Rebecca

D. Somia

E. Chang

F. Micah

G. Shawn

정답: E

문제3

A company has publicly hosted web applications and an internal Intranet protected by a firewall. Which technique will help protect against enumeration?

A. Allow full DNS zone transfers.

B. Reject all invalid email received via SMTP.

C. Remove A records for internal hosts.

D. Enable null session pipes.

정답: C

문제4

LM authentication is not as strong as Windows NT authentication so you may want to disable its use, because an attacker eavesdropping on network traffic will attack the weaker protocol. A successful attack can compromise the user's password. How do you disable LM authentication in Windows XP?

A. Download and install LMSHUT.EXE tool from Microsoft website

B. Stop the LM service in Windows XP

C. Disable LM authentication in the registry

D. Disable LSASS service in Windows XP

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Bill is a security analyst for his company.
All the switches used in the company's office are Cisco switches.
Bill wants to make sure all switches are safe from ARP poisoning.
How can Bill accomplish this?

A. Bill could use the command: ip arp no flood.

B. Bill can use the command: ip dhcp snooping.

C. He could use the command: ip arp no snoop.

D. Bill can use the command: no ip snoop.

정답: B

문제6

Cyber Criminals have long employed the tactic of masking their true identity. In IP spoofing,
an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine, by "spoofing" the IP address of that machine.
How would you detect IP spoofing?

A. Check the IPID of the spoofed packet and compare it with TLC checksum. If the numbers match then it is spoofed packet

B. Sending a packet to the claimed host will result in a reply. If the TTL in the reply is not the same as the packet being checked then it is a spoofed packet

C. Probe a SYN Scan on the claimed host and look for a response SYN/FIN packet,if the connection completes then it is a spoofed packet

D. Turn on 'Enable Spoofed IP Detection' in Wireshark,you will see a flag tick if the packet is spoofed

정답: B

문제7

How would you prevent session hijacking attacks?

A. Using unpredictable sequence numbers secures sessions against hijacking

B. Using non-Internet protocols like http secures sessions against hijacking

C. Using biometrics access tokens secures sessions against hijacking

D. Using hardware-based authentication secures sessions against hijacking

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제8

While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse?

A. Packet filtering firewall

B. Circuit-level gateway firewall

C. Stateful multilayer inspection firewall

D. Application-level firewall

정답: B

문제9

What is a NULL scan?

A. A scan in which all flags are on

B. A scan in which the packet size is set to zero

C. A scan in which certain flags are off

D. A scan in which all flags are turned off

E. A scan with a illegal packet size

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Which type of sniffing technique is generally referred as MiTM attack?

A. Mac Flooding

B. DHCP Sniffing

C. ARP Poisoning

D. Password Sniffing

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제11

When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

A. At least twice a year or after any significant upgrade or modification

B. At least once a year and after any significant upgrade or modification

C. At least once every two years and after any significant upgrade or modification

D. At least once every three years or after any significant upgrade or modification

정답: B

문제12

What does black box testing mean?

A. You have no knowledge of the environment

B. You have partial knowledge of the environment

C. You have full knowledge of the environment

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제13

Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately.
Which organization coordinates computer crime investigations throughout the United States?

A. NICP

B. NPC

C. CIA

D. NDCA

E. CIRP

정답: B

문제14

Derek has stumbled upon a wireless network and wants to assess its security. However, he does not find enough traffic for a good capture. He intends to use AirSnort on the captured traffic to crack the WEP key and does not know the IP address range or the AP. How can he generate traffic on the network so that he can capture enough packets to crack the WEP key?

A. Derek can use a session replay on the packets captured

B. Use any ARP requests found in the capture

C. Derek can use KisMAC as it needs two USB devices to generate traffic

D. Use Ettercap to discover the gateway and ICMP ping flood tool to generate traffic

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제15

What happens when one experiences a ping of death?

A. This is when an IP datagram is received with the "protocol" field in the IP header set to 1 (ICMP) and the "type" field in the ICMP header is set to 18 (Address Mask Reply).

B. This is when an IP datagram is received with the "protocol" field in the IP header set to 1 (ICMP),the Last Fragment bit is set,and (IP offset ' 8) + (IP data length) >65535. In other words,the IP offset (which represents the starting position of this fragment in the original packet,and which is in 8-byte units) plus the rest of the packet is greater than the maximum size for an IP packet.

C. This is when an the IP header is set to 1 (ICMP) and the "type" field in the ICMP header is set to 5 (Redirect).

D. This is when an IP datagram is received with the "protocol" field in the IP header set to 1 (ICMP) and the source equal to destination address.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제16

Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.
For /f "tokens=1 %%a in (hackfile.txt) do net use * \\10.1.2.3\c$ /user:"Administrator" %%a
What is Eve trying to do?

A. Eve is trying to escalate privilege of the null user to that of Administrator

B. Eve is trying to connect as an user with Administrator privileges

C. Eve is trying to carry out a password crack for user Administrator

D. Eve is trying to enumerate all users with Administrative privileges

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제17

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

A. The victim user must open the malicious link with an Internet Explorer prior to version 8.

B. The victim user must open the malicious link with a Firefox prior to version 3.

C. The web application should not use random tokens.

D. The session cookies generated by the application do not have the HttpOnly flag set.

정답: C

최신 312-50v8 무료덤프 - EC-COUNCIL Certified Ethical Hacker v8

우리와 연락하기

유용한 링크

최신 업데이트